Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Can't install AVG Internet Security 2015

Started by brothaman23464 , Nov 09 2014 05:36 PM

This topic is locked

#1
brothaman23464

Posted 09 November 2014 - 05:36 PM

Member

Member
17 posts

I'm trying to install AVG Internet Security 2015, but I'm having trouble because halfway through the download it reads:

Driver installation failed

Severity: Error

Error code: 0xC0070643

Error message: General internal error.

Additional message: MSI Engine: Failed to install the product.

@AVGMSI_Error27046

Driver installation failed (0xC007001C)

Context: AVG product installation, MSI action failed

My windows is up to date, I used the AVG removal tool, I've used revo unistaller, and I still can't get it to install. Any help will be dearly appreciated.

#2
emeraldnzl

Posted 10 November 2014 - 01:10 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello brothaman23464,

Welcome to Geekstogo.

Go here for instructions telling you how to deal with that problem.

Tell me how you get on.

If those actions don't solve your problem do this:

Download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator. When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called (FRST.txt) in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

#3
brothaman23464

Posted 10 November 2014 - 03:52 PM

Member

Topic Starter
Member
17 posts

Thanks emeraldnzl, I have already tried the AVG support way and no luck...I have attached the logs from the Farbar Recovery Scan Tool

Here is FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2014 01
Ran by Pooh~Mar (administrator) on POOHMAR-PC on 09-11-2014 23:06:39
Running from C:\Users\Pooh~Mar\Favorites\Downloads
Loaded Profile: Pooh~Mar (Available profiles: Pooh~Mar & Mcx1 & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Creative Technology Ltd.) C:\Windows\V0350Mon.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files\Coupons\CouponPrinterService.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PasswordBox, Inc.) C:\Program Files\PasswordBox\pbbtnService.exe
(PureLeads) C:\Program Files\PureLeads\PureLeadsTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(sendori) C:\Program Files\PureLeads\PureLeads.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\KBD\kbd.exe
(PureLeads) C:\Program Files\PureLeads\PureLeadsSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [KBD] => C:\Program Files\Hewlett-Packard\KBD\KbdStub.EXE [12288 2008-07-21] (Microsoft)
HKLM\...\Run: [UpdatePDIRShortCut] => c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [TSMAgent] => c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-10-17] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-10-17] (CyberLink)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard)
HKLM\...\Run: [V0350Mon.exe] => C:\Windows\V0350Mon.exe [28672 2007-08-23] (Creative Technology Ltd.)
HKLM\...\Run: [DVDAgent] => c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2009-09-09] (CyberLink Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-07-26] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM\...\Run: [vProt] => "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [PureLeads Tray] => C:\Program Files\PureLeads\PureLeadsTray.exe [83232 2014-01-23] (PureLeads)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-11-09] (SUPERAntiSpyware)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...\Run: [Google Update] => C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={BE1064BC-337C-42A3-BD78-696EEF200F8E}&mid=8d406c8f9b0847d0b8f5d16a12404be6-45b18233fda1019a25bdd3467daa3b7e0638f7cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-05 21:20:46&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21982
URLSearchHook: HKLM - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
URLSearchHook: HKCU - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL =
SearchScopes: HKLM - {a5470ceb-4b05-457a-b89a-d0c10a80454b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3220468
SearchScopes: HKCU - DefaultScope {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL = http://search.condui...6121968812&UM=2
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0C44E856-4A9E-4D85-9733-680A230299DA} URL = http://websearch.ask...D0-FC53FF1E415B
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...813_dt&tsp=4992
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL = http://search.condui...6121968812&UM=2
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={BE1064BC-337C-42A3-BD78-696EEF200F8E}&mid=8d406c8f9b0847d0b8f5d16a12404be6-45b18233fda1019a25bdd3467daa3b7e0638f7cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 21:20:46&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: KeyBar 1.14 Toolbar -> {da51d4f6-3e7e-4ef8-b400-9198e0874606} -> C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKCU - KeyBar 1.14 Toolbar - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\mryign2z.default-1404603865777
FF Homepage: https://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @TVvie_4g.com/Plugin -> C:\Program Files\TVvie_4g\bar\1.bin\NP4gStub.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npkanevapatch.dll (Kaneva, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2014-11-08]
FF HKLM\...\Firefox\Extensions: [4gffxtbr@TVvie_4g.com] - C:\Program Files\TVvie_4g\bar\1.bin
FF Extension: TVvie - C:\Program Files\TVvie_4g\bar\1.bin [2011-09-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files\PasswordBox\Firefox [2013-11-21]

Chrome:
=======
CHR Profile: C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Toolbar) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2014-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (KeyBar 1.14) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn [2014-09-15]
CHR Extension: (Hello Kitty) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mioiobnjjjgemkflahplehgpkbjcojld [2014-09-16]
CHR Extension: (Google Wallet) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Pooh~Mar\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-03-31]
CHR HKLM\...\Chrome\Extension: [dnmlhhbehhdmajijfenoldcajelckpmn] - C:\Users\Pooh~Mar\AppData\Local\CRE\dnmlhhbehhdmajijfenoldcajelckpmn.crx [2013-09-01]
CHR HKLM\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Pooh~Mar\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2013-09-01]
CHR HKLM\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\Pooh~Mar\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [2013-09-01]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Pooh~Mar\AppData\Local\Temp\YontooLayers.crx [2013-09-01]
CHR HKLM\...\Chrome\Extension: [npffmjkglbnioaoncpfmdbmehnbcldfh] - C:\Program Files\LyricSing\131.crx [2013-09-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-13] (SUPERAntiSpyware.com)
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [154608 2014-08-28] (Coupons.com Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 PlsvcV1; C:\Program Files\PureLeads\PureLeadsSvc.exe [91936 2014-01-23] (PureLeads)
R2 PlsvcV2; C:\Program Files\PureLeads\PureLeads.Service.exe [24352 2014-01-23] (sendori)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2009-09-30] (Avanquest Software) [File not signed]
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-12] (Symantec Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
S3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34384 2009-12-01] (Screaming Bee LLC)
S1 SRTSP; C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [305712 2008-11-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [43696 2008-11-06] (Symantec Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [86016 2009-12-23] (PACE Anti-Piracy, Inc.) [File not signed]
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S3 VF0350Afx; C:\Windows\System32\Drivers\V0350Afx.sys [142656 2007-06-11] (Creative Technology Ltd.)
S3 VF0350Vfx; C:\Windows\System32\DRIVERS\V0350VFx.sys [7424 2007-03-05] (EyePower Games Pte. Ltd.)
S3 VF0350Vid; C:\Windows\System32\DRIVERS\V0350Vid.sys [170368 2007-08-29] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
U4 Avgfwfd; system32\DRIVERS\avgfwd6x.sys [X]
R4 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
R4 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S3 catchme; \??\C:\Users\Pooh~Mar\AppData\Local\Temp\catchme.sys [X]
U4 cisvc; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKsl4fede91d; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BEA6A431-C17A-4BA8-92E3-B35610C0AB86}\MpKsl4fede91d.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 23:06 - 2014-11-09 23:06 - 00000000 ____D () C:\FRST
2014-11-09 18:28 - 2014-11-09 18:28 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Local\Avg2014
2014-11-09 18:20 - 2014-11-09 18:20 - 00000000 ____D () C:\Windows\LastGood
2014-11-09 18:18 - 2014-11-09 18:21 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-09 18:13 - 2014-11-09 18:13 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Local\Avg2015
2014-11-09 18:04 - 2014-11-09 18:04 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Local\VS Revo Group
2014-11-09 18:03 - 2014-11-09 18:03 - 00001027 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-11-09 18:03 - 2014-11-09 18:03 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-11-09 18:03 - 2014-11-09 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-11-09 18:03 - 2014-11-09 18:03 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-11-09 18:03 - 2009-12-30 11:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-11-09 15:55 - 2014-11-09 15:55 - 00000000 ____D () C:\AVG_BFEfix
2014-11-09 15:23 - 2014-11-09 15:23 - 04579176 _____ (AVG Technologies) C:\Users\Pooh~Mar\Desktop\avg_isct_stb_all_2015_5315.exe
2014-11-09 13:17 - 2014-11-09 13:17 - 03201304 _____ () C:\Users\Pooh~Mar\Desktop\AVGInstLog.cab
2014-11-09 11:52 - 2014-11-09 11:52 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Local\AVG Secure Search
2014-11-09 11:47 - 2014-11-09 15:55 - 00000181 _____ () C:\cleanup.bat
2014-11-09 11:35 - 2014-11-09 18:22 - 00000000 ____D () C:\AVG_Remover
2014-11-08 09:17 - 2014-11-08 09:17 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-16 05:01 - 2014-06-15 17:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 05:01 - 2014-06-13 13:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 05:01 - 2014-06-13 13:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 04:58 - 2014-09-27 18:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 04:30 - 2014-09-04 18:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-16 04:15 - 2014-09-16 11:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:46 - 2014-09-19 17:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:46 - 2014-09-19 17:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:46 - 2014-09-19 17:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:46 - 2014-09-19 17:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:46 - 2014-09-19 17:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:46 - 2014-09-19 17:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:46 - 2014-09-19 17:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-15 17:46 - 2014-09-19 17:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:46 - 2014-09-19 17:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:46 - 2014-09-19 17:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:46 - 2014-09-19 17:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-15 17:46 - 2014-09-19 17:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:46 - 2014-09-19 17:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:46 - 2014-09-19 17:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-15 17:46 - 2014-09-19 17:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:46 - 2014-09-19 17:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:46 - 2014-09-19 17:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:46 - 2014-09-19 17:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:46 - 2014-09-19 17:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-15 17:46 - 2014-09-19 17:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-15 17:46 - 2014-09-19 17:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 21:58 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 21:58 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 18:29 - 2012-05-23 12:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-09 18:25 - 2012-07-11 04:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 18:23 - 2012-09-22 17:31 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3331768213-1759502172-4088974818-1000UA.job
2014-11-09 18:22 - 2010-08-05 12:44 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 18:20 - 2009-11-27 18:26 - 00000000 ____D () C:\Users\Pooh~Mar
2014-11-09 18:20 - 2009-11-27 18:25 - 01215241 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 18:01 - 2012-09-06 15:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-09 18:00 - 2010-08-05 12:44 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 17:58 - 2012-05-11 21:25 - 00297916 _____ () C:\Windows\PFRO.log
2014-11-09 17:58 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 15:56 - 2006-11-02 08:01 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-09 15:22 - 2006-11-02 06:18 - 00000000 ___RD () C:\Users\Public
2014-11-09 13:10 - 2006-11-02 05:33 - 00766864 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 12:43 - 2013-09-11 23:22 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-11-09 11:54 - 2013-09-11 23:24 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-11-09 11:37 - 2013-09-11 23:23 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-11-09 02:00 - 2014-08-15 05:50 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Local\Adobe
2014-11-08 22:23 - 2012-09-22 17:30 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3331768213-1759502172-4088974818-1000Core.job
2014-11-08 15:18 - 2012-05-06 12:38 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-08 10:26 - 2011-05-03 18:22 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-11-04 14:30 - 2009-12-07 18:18 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-31 20:18 - 2012-09-30 10:28 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Roaming\uTorrent
2014-10-31 20:18 - 2012-08-18 19:06 - 00000000 ____D () C:\Users\Pooh~Mar\Desktop\Goin to MP3
2014-10-31 20:17 - 2014-06-29 08:28 - 00000000 ____D () C:\Users\Pooh~Mar\AppData\Roaming\vlc
2014-10-31 15:11 - 2013-11-21 12:03 - 00000000 ____D () C:\Program Files\PasswordBox
2014-10-28 15:26 - 2012-10-29 13:22 - 00002059 _____ () C:\Users\Pooh~Mar\Desktop\Google Chrome.lnk
2014-10-27 17:59 - 2009-12-14 21:59 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-10-18 19:39 - 2010-08-11 11:29 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForPooh~Mar.job
2014-10-16 15:34 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-16 14:20 - 2012-05-11 21:25 - 00376056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 04:57 - 2013-07-13 20:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 04:32 - 2006-11-02 05:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3331768213-1759502172-4088974818-1000\$c93ff9029ad365e5464a81a9a0643200

Some content of TEMP:
====================
C:\Users\Pooh~Mar\AppData\Local\temp\any-video-converter.exe
C:\Users\Pooh~Mar\AppData\Local\temp\CertificatesDLL.dll
C:\Users\Pooh~Mar\AppData\Local\temp\DseShExt-x86.dll
C:\Users\Pooh~Mar\AppData\Local\temp\ICReinstall_FreeFileViewerSetup.exe
C:\Users\Pooh~Mar\AppData\Local\temp\SDShelEx-win32.dll
C:\Users\Pooh~Mar\AppData\Local\temp\Setup.exe
C:\Users\Pooh~Mar\AppData\Local\temp\SpOrder.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-09 18:25

==================== End Of Log ============================

Here is Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-11-2014 01
Ran by Pooh~Mar at 2014-11-09 23:08:06
Running from C:\Users\Pooh~Mar\Favorites\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Disabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.2.0 - )
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Any Video Converter Professional 5.0.8 (HKLM\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.23.0 - Ask.com) <==== ATTENTION
AVS Audio Converter version 6.2 (HKLM\...\AVS Audio Converter 6.2_is1) (Version: - Online Media Technologies Ltd.)
AVS Audio Recorder version 3.9 (HKLM\...\AVS Audio Recorder 3.9_is1) (Version: - Online Media Technologies Ltd.)
AVS Image Converter 1.2.1.100 (HKLM\...\AVS Image Converter_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
BearShare (Version: 9.0.0.88083 - Musiclab, LLC) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon MP250 series User Registration (HKLM\...\Canon MP250 series User Registration) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.10) (Version: 5.0.0.10 - Coupons.com Incorporated)
Creative Live! Cam Center (HKLM\...\Creative Live! Cam Center) (Version: - )
Creative Live! Cam Video Chat or Video IM Driver (1.03.01.00) (HKLM\...\Creative VF0350) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Elements 11 Organizer (Version: 11.0 - Adobe Systems Incorporated) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
File Extractor (HKLM\...\Tweaks File Extractor) (Version: 1.1.1 - Tweaks) <==== ATTENTION
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: - Trusted Software) <==== ATTENTION
Foxit PDF Editor (HKLM\...\Foxit PDF Editor) (Version: - )
Free NaturalReader (HKLM\...\{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}) (Version: 9.0 - NaturalSoft Limited)
Garmin Communicator Plugin (HKLM\...\{8ED02445-D491-414C-A56D-2ED6BBB7239A}) (Version: 3.0.1 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{CCB71FF8-DE82-469C-8641-44378F4443EB}) (Version: 2.5.4 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth (HKLM\...\{BE06114F-559D-11E0-B5A1-001D0926B1BF}) (Version: 6.0.2.2074 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
HitLeap Viewer 2.8 (HKLM\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{64B9E2F5-558E-4C56-B419-A1679518F6E7}) (Version: 5.7.0.2784 - Hewlett-Packard)
HP Demo (HKLM\...\{A2016015-8323-4AF8-8B3E-F56239D7D59D}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
Interlok driver setup x32 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java™ 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Juno Preloader (HKLM\...\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}) (Version: 1.0.0 - Juno, Inc.)
KeyBar 1.14 Toolbar (HKLM\...\KeyBar_1.14 Toolbar) (Version: 6.15.0.27 - KeyBar 1.14)
LightScribe System Software (HKLM\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
LightScribe Template Labeler (HKLM\...\{5BD0CB24-11AF-4BA8-A198-38D25257C656}) (Version: 1.14.25.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
MediaSPace (HKLM\...\{238F787F-4FE9-4644-8362-30800F50E190}) (Version: 1.00.0000 - MediaSPace)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 7.0 (HKLM\...\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}) (Version: 07.02.0620 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCams 2.2010.05.13 (HKLM\...\{A94D0A32-5BDB-4400-8E78-07B148B929C5}_is1) (Version: - MyFreeCams.com)
NCH Toolbox (HKLM\...\ToolBox) (Version: - NCH Software)
NetZero Preloader (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
Nursing Assistant CD (HKLM\...\Nursing Assistant CD) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PhotoStage Slideshow Producer (HKLM\...\PhotoStage) (Version: - NCH Software)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.)
PowerDirector (Version: 7.0.2202 - CyberLink Corp.) Hidden
PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
PureLeads (HKLM\...\PureLeads) (Version: 2.0.17 - PureLeads)
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
rrsavings (HKLM\...\rrsavings) (Version: 2.0.1 - rrsavings) <==== ATTENTION
RrSavings (Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.80.0.0 - Conexant Systems)
Sound Organizer (HKLM\...\{010813A5-CE68-4C86-96F4-11CAEA3E6292}) (Version: 1.1.1.12161 - Sony Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1016 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC)
TeleTech WB ISA (HKLM\...\TeleTech ISA) (Version: 1.2.2.0 - TeleTech)
TVvie (HKLM\...\TVvie_4gbar Uninstall) (Version: - TVvie)
UltraMixer 4.0.2 (HKLM\...\{8C101DEE-540D-42C7-860F-E326883C81C5}_is1) (Version: 4.0.2 - UltraMixer Digital Audio Solutions)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - Microsoft Corporation)
Winferno Registry Power Cleaner (HKLM\...\RegPowerClean_is1) (Version: 2009 - Winferno.com)
Wondershare Video Editor(Build 3.6.1) (HKLM\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
Zylom Games Player Plugin (HKLM\...\Zylom Games Player Plugin) (Version: - Zylom Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3331768213-1759502172-4088974818-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Pooh~Mar\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================

24-10-2014 04:36:38 Scheduled Checkpoint
25-10-2014 04:00:10 Scheduled Checkpoint
26-10-2014 00:22:35 Windows Update
27-10-2014 11:07:50 Scheduled Checkpoint
28-10-2014 04:00:07 Scheduled Checkpoint
29-10-2014 04:00:10 Scheduled Checkpoint
29-10-2014 07:10:50 Windows Update
30-10-2014 04:00:06 Scheduled Checkpoint
31-10-2014 04:00:08 Scheduled Checkpoint
01-11-2014 04:00:07 Scheduled Checkpoint
01-11-2014 12:32:18 Windows Update
02-11-2014 04:00:10 Scheduled Checkpoint
04-11-2014 19:26:52 Windows Update
07-11-2014 00:47:32 Scheduled Checkpoint
08-11-2014 02:21:43 Windows Update
08-11-2014 22:26:39 Scheduled Checkpoint
09-11-2014 17:08:07 Installed AVG 2015
09-11-2014 17:10:10 Installed AVG 2015
09-11-2014 17:14:25 Removed AVG 2015
09-11-2014 17:20:02 Installed AVG 2015
09-11-2014 17:34:52 Installed AVG 2015
09-11-2014 17:39:47 Removed AVG 2015
09-11-2014 17:53:30 Installed AVG 2015
09-11-2014 18:08:16 Installed AVG 2015
09-11-2014 18:13:49 Removed AVG 2015
09-11-2014 18:27:29 Installed AVG 2015
09-11-2014 19:02:13 Installed AVG 2015
09-11-2014 19:05:47 Removed AVG 2015
09-11-2014 20:26:48 Installed AVG 2015
09-11-2014 20:40:10 Installed AVG 2015
09-11-2014 20:44:38 Removed AVG 2015
09-11-2014 21:09:47 Installed AVG 2015
09-11-2014 21:13:01 Installed AVG 2015
09-11-2014 21:22:37 Removed AVG 2015
09-11-2014 23:05:14 Revo Uninstaller Pro's restore point - AVG 2014
09-11-2014 23:06:40 Revo Uninstaller Pro's restore point - AVG 2014
09-11-2014 23:16:30 Installed AVG 2015
09-11-2014 23:17:22 Installed AVG 2015
09-11-2014 23:21:18 Removed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2012-05-22 13:36 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09BCD0CA-5F19-4F92-8601-B06ECEBFEE68} - \{35DC3473-A719-4d14-B7C1-FD326CA84A0C} No Task File <==== ATTENTION
Task: {300AB127-246D-42BE-B5E0-D06712A89F92} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-20] ()
Task: {311800C8-FDF1-468C-87CF-094F8FED3374} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {36ECBD63-0995-4580-A8CB-69E53A4E6651} - System32\Tasks\AdobeAAMUpdater-1.0-PoohMar-PC-Pooh~Mar => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {3BE80994-6606-4197-BBAA-5891152F8ECC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3331768213-1759502172-4088974818-1000UA => C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {44A0DE5C-BD7F-4651-A557-9F03B4DF6D51} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\TSAssist.exe [2012-09-13] (Trusted Software ApS) <==== ATTENTION
Task: {46D28D87-E72A-4E65-B908-26CA1FC01277} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {4F0E62D3-74B1-489C-84A3-22363B810B86} - System32\Tasks\HPCeeScheduleForPooh~Mar => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-09-16] (Hewlett-Packard)
Task: {6B535D96-95A5-45A0-A524-79C19B7D3E5C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6CB512E8-0526-440A-90D9-A127C566E4A5} - System32\Tasks\RPCReminder => C:\Program Files\Winferno\RegistryPowerCleaner\RPCReminder.exe [2008-10-28] (Winferno Software)
Task: {6EFCB065-1818-415E-AE98-003FB5A66B0C} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {7958D249-9E44-4045-BE27-BBE4D94E1832} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {81C5038E-5979-46B0-80AE-A8CF0036C02A} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-03-31] () <==== ATTENTION
Task: {8C9BA9BD-6B44-49D0-B64A-D52A5D8265EA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
Task: {9FDDED82-27BF-4F63-9417-2438A84AEEF8} - System32\Tasks\BearShareNAG => C:\Users\Pooh~Mar\AppData\Local\Temp\BearShare_setup.exe <==== ATTENTION
Task: {9FE7E0DD-F4D0-40E8-8663-54C69550132C} - \{66BA574B-1E11-49b8-909C-8CC9E0E8E015} No Task File <==== ATTENTION
Task: {A0B3DA94-90AA-421A-90A6-8C07214A2195} - System32\Tasks\Hewlett-Packard online update program => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {CC26A340-BA9F-4DF4-9E73-6E4990D5F18B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3331768213-1759502172-4088974818-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {D538DC9C-9202-4E54-B4ED-677CA5A19F6F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {E3C095D2-C412-4390-BB86-29EE57D52A0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {E8C2C3D4-25EB-4D0B-880E-41AC20EB9FEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3331768213-1759502172-4088974818-1000Core => C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {EA8AB04F-C5D5-4B6C-9E33-045B0C6677FF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3331768213-1759502172-4088974818-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {F7C10C5C-7345-4D19-861E-51AF8859B25A} - System32\Tasks\Google Updater and Installer => C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3331768213-1759502172-4088974818-1000Core.job => C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3331768213-1759502172-4088974818-1000UA.job => C:\Users\Pooh~Mar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPooh~Mar.job => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RPCReminder.job => C:\Program Files\Winferno\RegistryPowerCleaner\RPCReminder.exe

==================== Loaded Modules (whitelisted) =============

2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-17 19:57 - 2008-10-17 19:57 - 00881960 _____ () C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2011-05-03 18:22 - 2009-02-10 11:01 - 00116104 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files\PasswordBox\libwebsocketswin32.dll
2014-10-01 17:24 - 2014-07-09 11:01 - 01459712 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-10-01 17:24 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-11-08 09:17 - 2014-11-08 09:17 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HPADVISOR => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: SpeedItUpEX => C:\Program Files\SpeedItup Free\SpeedItUp.exe -MINI
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

========================= Accounts: ==========================

Administrator (S-1-5-21-3331768213-1759502172-4088974818-500 - Administrator - Disabled)
Guest (S-1-5-21-3331768213-1759502172-4088974818-501 - Limited - Enabled) => C:\Users\Guest.PoohMar-PC
Mcx1 (S-1-5-21-3331768213-1759502172-4088974818-1001 - Administrator - Enabled) => C:\Users\Mcx1
Pooh~Mar (S-1-5-21-3331768213-1759502172-4088974818-1000 - Administrator - Enabled) => C:\Users\Pooh~Mar

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 09:57:49 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:52:47 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:47:48 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:43:01 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:37:54 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:32:49 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:27:50 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:22:53 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:17:55 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:12:55 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

System errors:
=============
Error: (11/09/2014 06:01:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Media Center Service Launcher

Error: (11/09/2014 06:01:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Windows Defender%%2148081667

Error: (11/09/2014 06:01:38 PM) (Source: WinDefend) (EventID: 2004) (User: )
Description: %%%82627 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

   Signatures Attempted: %%%82625

   Error Code: 0x80092003

   Error description: An error occurred while reading or writing to a file.

   Signatures loading: %%826

   Loading signature version: 0.0.0.0

   Loading engine version: %%%826270

Error: (11/09/2014 06:01:37 PM) (Source: WinDefend) (EventID: 2004) (User: )
Description: %%%82527 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

   Signatures Attempted: %%%82524

   Error Code: 0x8050a001

   Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.

   Signatures loading: %%825

   Loading signature version: 0.0.0.0

   Loading engine version: %%%825270

Error: (11/09/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Microsoft Antimalware Service%%2147949456

Error: (11/09/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netfilter
SRTSP

Error: (11/09/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: PlsvcV1%%1053

Error: (11/09/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000PlsvcV1

Error: (11/09/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Internet Connection Sharing (ICS)Base Filtering Engine%%1053

Error: (11/09/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: IPsec Policy AgentBase Filtering Engine%%1053

Microsoft Office Sessions:
=========================
Error: (11/09/2014 09:57:49 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:52:47 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:47:48 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:43:01 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:37:54 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:32:49 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:27:50 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:22:53 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:17:55 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

Error: (11/09/2014 09:12:55 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154 Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).

CodeIntegrity Errors:
===================================
Date: 2014-11-09 23:07:31.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 23:07:31.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 23:07:30.407
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 23:07:29.709
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:35:02.289
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SET9C38.tmp because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:35:01.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SET9C38.tmp because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:35:00.967
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SET9C38.tmp because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:35:00.215
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SET9C38.tmp because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:34:45.162
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG2014\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:34:44.522
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG2014\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon™ 64 X2 Dual Core Processor 5000+
Percentage of memory in use: 61%
Total physical RAM: 1917.83 MB
Available physical RAM: 738.63 MB
Total Pagefile: 4084.14 MB
Available Pagefile: 2710.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.36 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:286.43 GB) (Free:81.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.66 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=286.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by brothaman23464, 10 November 2014 - 08:43 PM.

#4
emeraldnzl

Posted 10 November 2014 - 04:32 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello brothaman23464,

Please copy and paste you logs into the thread. Easier to analyze and better for the students here to follow.

Now

There is Zero Access infection and multiple adware programs showing in the log. We will see if we can deal with most of it straight off.

Also you have residues of multiple anti-virus programs, AVG, Norton and McAfee Security Toolbar. Might be partly why you had difficulty installing AVG Internet Security. You also seem to have Microsoft Security Essentials installed. It will likely not be working with the Zero Access infection. Personally I would update and keep that one, once we have cleaned your machine.

Note: Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Next

Firstly please uninstall the following foistware and adware programs:

KeyBar 1.14 Toolbar
McAfee Security Scan Plus
PureLeads
rrsavings
TVvie

After that

Open notepad.

Please copy the contents of the code box below.

To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

C:\$Recycle.Bin\S-1-5-21-3331768213-1759502172-4088974818-1000\$c93ff9029ad365e5464a81a9a0643200
HKLM\...\Run: [] => [X]
R2 PlsvcV1; C:\Program Files\PureLeads\PureLeadsSvc.exe
C:\Program Files\PureLeads
R2 PlsvcV2; C:\Program Files\PureLeads\PureLeads.Service.exe
C:\Users\Pooh~Mar\AppData\Local\temp\any-video-converter.exe
C:\Users\Pooh~Mar\AppData\Local\temp\CertificatesDLL.dll
C:\Users\Pooh~Mar\AppData\Local\temp\DseShExt-x86.dll
C:\Users\Pooh~Mar\AppData\Local\temp\ICReinstall_FreeFileViewerSetup.exe
C:\Users\Pooh~Mar\AppData\Local\temp\SDShelEx-win32.dll
C:\Users\Pooh~Mar\AppData\Local\temp\Setup.exe
C:\Users\Pooh~Mar\AppData\Local\temp\SpOrder.dll
RrSavings (Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={BE1064BC-337C-42A3-BD78-696EEF200F8E}&mid=8d406c8f9b0847d0b8f5d16a12404be6-45b18233fda1019a25bdd3467daa3b7e0638f7cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-05 21:20:46&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21982
URLSearchHook: HKLM - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
URLSearchHook: HKCU - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL =
SearchScopes: HKLM - {a5470ceb-4b05-457a-b89a-d0c10a80454b} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y8xdm002YYus&ptb=DAE8AAC8-F9FB-4821-A2E6-516E4918D3BD&ind=2011091012&ptnrS=Y8xdm002YYus&si=tvvie&n=77ded044&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
SearchScopes: HKCU - DefaultScope {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291327&CUI=UN40619546121968812&UM=2
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0C44E856-4A9E-4D85-9733-680A230299DA} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=BE4A1486-BA3F-41C1-A083-B219093800EC&apn_sauid=23AF8AFA-2CE2-4ED0-80D0-FC53FF1E415B
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=4AF7002354A4A215&affID=122471&tt=280813_dt&tsp=4992
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291327&CUI=UN40619546121968812&UM=2
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={BE1064BC-337C-42A3-BD78-696EEF200F8E}&mid=8d406c8f9b0847d0b8f5d16a12404be6-45b18233fda1019a25bdd3467daa3b7e0638f7cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 21:20:46&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: KeyBar 1.14 Toolbar -> {da51d4f6-3e7e-4ef8-b400-9198e0874606} -> C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
C:\Program Files\KeyBar_1.14
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
Toolbar: HKCU - KeyBar 1.14 Toolbar - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Extension: TVvie - C:\Program Files\TVvie_4g\bar\1.bin [2011-09-10]
C:\Program Files\TVvie_4g
CHR Extension: (KeyBar 1.14) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn [2014-09-15]
S1 SRTSP; C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [305712 2008-11-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [43696 2008-11-06] (Symantec Corporation)
U4 Avgfwfd; system32\DRIVERS\avgfwd6x.sys [X]
R4 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
R4 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS [X
C:\Program Files\McAfee Security Scan
C:\ProgramData\Norton
CMD: ipconfig /flushdns
EmptyTemp:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

#5
brothaman23464

Posted 11 November 2014 - 03:39 AM

Member

Topic Starter
Member
17 posts

Ok emeraldnzl, here is my Fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-11-2014 01
Ran by Pooh~Mar at 2014-11-10 22:38:24 Run:1
Running from C:\Users\Pooh~Mar\Favorites\Downloads
Loaded Profile: Pooh~Mar (Available profiles: Pooh~Mar & Mcx1 & Guest)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\$Recycle.Bin\S-1-5-21-3331768213-1759502172-4088974818-1000\$c93ff9029ad365e5464a81a9a0643200
HKLM\...\Run: [] => [X]
R2 PlsvcV1; C:\Program Files\PureLeads\PureLeadsSvc.exe
C:\Program Files\PureLeads
R2 PlsvcV2; C:\Program Files\PureLeads\PureLeads.Service.exe
C:\Users\Pooh~Mar\AppData\Local\temp\any-video-converter.exe
C:\Users\Pooh~Mar\AppData\Local\temp\CertificatesDLL.dll
C:\Users\Pooh~Mar\AppData\Local\temp\DseShExt-x86.dll
C:\Users\Pooh~Mar\AppData\Local\temp\ICReinstall_FreeFileViewerSetup.exe
C:\Users\Pooh~Mar\AppData\Local\temp\SDShelEx-win32.dll
C:\Users\Pooh~Mar\AppData\Local\temp\Setup.exe
C:\Users\Pooh~Mar\AppData\Local\temp\SpOrder.dll
RrSavings (Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={BE1064BC-337C-42A3-BD78-696EEF200F8E}&mid=8d406c8f9b0847d0b8f5d16a12404be6-45b18233fda1019a25bdd3467daa3b7e0638f7cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-05 21:20:46&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.entru.com/?s=21982
URLSearchHook: HKLM - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
URLSearchHook: HKCU - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL =
SearchScopes: HKLM - {a5470ceb-4b05-457a-b89a-d0c10a80454b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3220468
SearchScopes: HKCU - DefaultScope {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL = http://search.condui...6121968812&UM=2
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0C44E856-4A9E-4D85-9733-680A230299DA} URL = http://websearch.ask...D0-FC53FF1E415B
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...813_dt&tsp=4992
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {8E3BB2DA-D7A0-4F35-95F0-DB748713C901} URL = http://search.condui...6121968812&UM=2
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={BE1064BC-337C-42A3-BD78-696EEF200F8E}&mid=8d406c8f9b0847d0b8f5d16a12404be6-45b18233fda1019a25bdd3467daa3b7e0638f7cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 21:20:46&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: KeyBar 1.14 Toolbar -> {da51d4f6-3e7e-4ef8-b400-9198e0874606} -> C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
C:\Program Files\KeyBar_1.14
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - KeyBar 1.14 Toolbar - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
Toolbar: HKCU - KeyBar 1.14 Toolbar - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Extension: TVvie - C:\Program Files\TVvie_4g\bar\1.bin [2011-09-10]
C:\Program Files\TVvie_4g
CHR Extension: (KeyBar 1.14) - C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn [2014-09-15]
S1 SRTSP; C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [305712 2008-11-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [43696 2008-11-06] (Symantec Corporation)
U4 Avgfwfd; system32\DRIVERS\avgfwd6x.sys [X]
R4 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
R4 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS [X
C:\Program Files\McAfee Security Scan
C:\ProgramData\Norton
CMD: ipconfig /flushdns
EmptyTemp:
*****************

C:\$Recycle.Bin\S-1-5-21-3331768213-1759502172-4088974818-1000\$c93ff9029ad365e5464a81a9a0643200 => Directory moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
PlsvcV1 => Service stopped successfully.
PlsvcV1 => Service deleted successfully.

"C:\Program Files\PureLeads" directory move:

C:\Program Files\PureLeads\DynLib.dll => Moved successfully.
C:\Program Files\PureLeads\freebl3.dll => Moved successfully.
C:\Program Files\PureLeads\Interop.PCProxyLib.dll => Moved successfully.
C:\Program Files\PureLeads\libnspr4.dll => Moved successfully.
C:\Program Files\PureLeads\libplc4.dll => Moved successfully.
C:\Program Files\PureLeads\libplds4.dll => Moved successfully.
C:\Program Files\PureLeads\nss3.dll => Moved successfully.
C:\Program Files\PureLeads\nssckbi.dll => Moved successfully.
C:\Program Files\PureLeads\nssdbm3.dll => Moved successfully.
C:\Program Files\PureLeads\nssutil3.dll => Moved successfully.
C:\Program Files\PureLeads\PAD_FILE.xml => Moved successfully.
C:\Program Files\PureLeads\plsapp64.dll => Moved successfully.
C:\Program Files\PureLeads\plsappDLL.dll => Moved successfully.
C:\Program Files\PureLeads\plsappLSP.exe => Moved successfully.
C:\Program Files\PureLeads\plsappLSP.ini => Moved successfully.
C:\Program Files\PureLeads\plsappLSP64.exe => Moved successfully.
C:\Program Files\PureLeads\pureleads-win-upgrader.exe => Moved successfully.
C:\Program Files\PureLeads\PureLeads.Library.dll => Moved successfully.
C:\Program Files\PureLeads\PureLeads.Service.exe => Moved successfully.
C:\Program Files\PureLeads\PureLeadsControl.exe => Moved successfully.
C:\Program Files\PureLeads\PureLeadsSvc.exe => Moved successfully.
C:\Program Files\PureLeads\PureLeadsTray.exe => Moved successfully.
C:\Program Files\PureLeads\smime3.dll => Moved successfully.
C:\Program Files\PureLeads\softokn3.dll => Moved successfully.
C:\Program Files\PureLeads\sqlite3.dll => Moved successfully.
C:\Program Files\PureLeads\ssl3.dll => Moved successfully.
Could not move "C:\Program Files\PureLeads" directory. => Scheduled to move on reboot.

PlsvcV2 => Service stopped successfully.
PlsvcV2 => Service deleted successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\any-video-converter.exe => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\CertificatesDLL.dll => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\DseShExt-x86.dll => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\ICReinstall_FreeFileViewerSetup.exe => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\SDShelEx-win32.dll => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\Setup.exe => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\temp\SpOrder.dll => Moved successfully.
"HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}" => Key deleted successfully.
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{da51d4f6-3e7e-4ef8-b400-9198e0874606} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => value deleted successfully.
"HKCR\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7473b6bd-4691-4744-a82b-7854eb3d70b6} => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{da51d4f6-3e7e-4ef8-b400-9198e0874606} => Value not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5470ceb-4b05-457a-b89a-d0c10a80454b}" => Key deleted successfully.
"HKCR\CLSID\{a5470ceb-4b05-457a-b89a-d0c10a80454b}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
"HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\BrowserMngrDefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0C44E856-4A9E-4D85-9733-680A230299DA}" => Key deleted successfully.
"HKCR\CLSID\{0C44E856-4A9E-4D85-9733-680A230299DA}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key deleted successfully.
"HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8E3BB2DA-D7A0-4F35-95F0-DB748713C901}" => Key deleted successfully.
"HKCR\CLSID\{8E3BB2DA-D7A0-4F35-95F0-DB748713C901}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key not found.
"HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key not found.
"HKU\S-1-5-21-3331768213-1759502172-4088974818-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da51d4f6-3e7e-4ef8-b400-9198e0874606}" => Key not found.
"HKCR\CLSID\{da51d4f6-3e7e-4ef8-b400-9198e0874606}" => Key not found.
"C:\Program Files\KeyBar_1.14" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
"HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{da51d4f6-3e7e-4ef8-b400-9198e0874606} => Value not found.
"HKCR\CLSID\{da51d4f6-3e7e-4ef8-b400-9198e0874606}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9565115D-C7D6-46D3-BD63-B67B481A4368} => value deleted successfully.
"HKCR\CLSID\{9565115D-C7D6-46D3-BD63-B67B481A4368}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DA51D4F6-3E7E-4EF8-B400-9198E0874606} => Value not found.
"HKCR\CLSID\{DA51D4F6-3E7E-4EF8-B400-9198E0874606}" => Key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.
"HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => Key not found.
C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll not found.
C:\Program Files\TVvie_4g\bar\1.bin => not found.
C:\Program Files\TVvie_4g => Moved successfully.
C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn => Moved successfully.
SRTSP => Service deleted successfully.
SRTSPX => Service stopped successfully.
SRTSPX => Service deleted successfully.
Avgfwfd => Service not found.
AVGIDSHX => Service not found.
AVGIDSShim => Service not found.
NAVENG => Service deleted successfully.
NAVEX15 => Service deleted successfully.
"C:\Program Files\McAfee Security Scan" => File/Directory not found.
C:\ProgramData\Norton => Moved successfully.

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 2.9 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-11 04:32:43)<=

C:\Program Files\PureLeads => Is moved successfully.

==== End of Fixlog ====

#6
emeraldnzl

Posted 11 November 2014 - 01:34 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello again brothaman23464,

Please download : ADWCleaner to your desktop (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.

Click on Scan and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

After that

Please download Junkware Removal Tool to your desktop.

Shut down your protection software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

When you return please post

AdwCleaner log

JRT.txt

#7
brothaman23464

Posted 11 November 2014 - 06:59 PM

Member

Topic Starter
Member
17 posts

Ok emeraldnzl, below is my AdwCleaner Log and JRT.txt

Here is AdwCleaner log

# AdwCleaner v4.101 - Report created 11/11/2014 at 19:02:58
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Pooh~Mar - POOHMAR-PC
# Running from : C:\Users\Pooh~Mar\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : netfilter

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AGI
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\Free Ride Games
Folder Deleted : C:\ProgramData\Kiwee Toolbar
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kiwee Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RebateInformer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaks
Folder Deleted : C:\Program Files\002
Folder Deleted : C:\Program Files\AGI
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\BearShare Applications
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Crawler
Folder Deleted : C:\Program Files\File Type Assistant
Folder Deleted : C:\Program Files\FinalMediaPlayer
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\Inbox Toolbar
Folder Deleted : C:\Program Files\Kiwee Toolbar
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\SpeedItup Free
Folder Deleted : C:\Program Files\Tweaks
Folder Deleted : C:\Program Files\Yontoo Layers Client
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Guest.PoohMar-PC\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Guest.PoohMar-PC\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Guest.PoohMar-PC\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\apn
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\Conduit
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\PackageAware
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\AGI
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\Kiwee Toolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\Mp3Tube Toolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\myfreezetoolbar
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\RebateInformer
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\ShoppingReport
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\ShoppingReport2
Folder Deleted : C:\Users\Pooh~Mar\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Pooh~Mar\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Pooh~Mar\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
File Deleted : C:\END
File Deleted : C:\Windows\system32\conduitEngine.tmp
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\bsh74n5k.default\BrowserMngr_extensions.sqlite
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\lqip7i5t.default-1346898659536\BrowserMngr_extensions.sqlite
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\bsh74n5k.default\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ki3ua5sz.default-1351460623044\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\lqip7i5t.default-1346898659536\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\mqthf711.default-1349124183048\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\vzyni534.default-1352499446119\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\xq9ru1lq.default-1351451231774\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Roaming\Mozilla\Firefox\Profiles\zrnub33w.default-1351373427432\user.js
File Deleted : C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www2.delta-search.com_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : ProgramUpdateCheck
Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2
Key Deleted : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKCU\Software\5f5788dee034ef49
Key Deleted : HKLM\SOFTWARE\5f5788dee034ef49
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3291327
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28C02550-6572-401a-A2AE-5BC703C9BBA6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\MarketPrecision
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Rr Savings
Key Deleted : HKCU\Software\AppDataLow\Software\RrSavings
Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport2
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : HKLM\SOFTWARE\RrSavings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trusted Software Assistant_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tweaks File Extractor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.10
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Homepage Protection Service
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IspAssistant-Mp3Tube
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mp3Tube Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestScan
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RrSavings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Trusted Software Assistant_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Tweaks File Extractor
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Coupon Printer for Windows5.0.0.10
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584

-\\ Mozilla Firefox v33.1 (x86 en-US)

[dt038pgv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[dt038pgv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[dt038pgv.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[dt038pgv.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
[dt038pgv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.129571859753082121.isToggled_item0_11", "true");user_pref("extensions.autoDisableScopes", 0);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.129813684259252248.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0,closeonexternalclick=1,savelocation=0,openposition=offset:(25;30)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.BT_Stats", "{\"last_log\":1345400923,\"uuid\":694668359549271,\"seq_id\":1,\"ssb\":1345400923}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.FirstTime", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.FirstTimeFF3", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.UserID", "UN65687175970836470");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.autoDisableScopes", -1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.cbfirsttime", "Sun Aug 19 2012 14:28:42 GMT-0400 (Eastern Daylight Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.defaultSearch", "FALSE");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.enableAlerts", "always");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "FALSE");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.firstTimeDialogOpened", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.fixPageNotFoundError", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.fixUrls", true);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.installId", "fft2327.tmp.exe");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.installType", "XPE");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.isNewTabEnabled", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Asupport\",\"EB_MAIN_FRAME_TITLE\":\"Troubleshooting%20Information\",\"EB_TOOLBAR_SUB_DOMAIN\":\"h[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.openThankYouPage", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.openUninstallPage", "FALSE");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.search.searchAppId", "129813684258939747");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.search.searchCount", "0");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.searchInNewTabEnabled", "false");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1345400916811");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_appTracking_lastUpdate", "1345400919481");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1345713392930");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1345400917513");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.20.14_lastUpdate", "1346145548140");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1346890195196");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1345400919399");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1345713393375");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1346837702776");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1345400919193");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1346895127281");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1346837703832");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.settingsINI", true);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.smartbar.Uninstall", "0");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.toolbarBornServerTime", "19-8-2012");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "6-9-2012");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("browser.search..selectedEngineURL", "hxxp://mp3tubetoolbar.com/?&prt=pinballtbfour01ff&clid=c6664edd411a4edeb6af3c4ebc0ce3df&subid=&keywords={searchTerms}");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.TVvie_4g.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=Y8xdm002YYus&ptb=DAE8AAC8-F9FB-4821-A2E6-516E4918D3BD&ind=2011091012&ptnrS=Y8xdm002YYus&si[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.TVvie_4g.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y8xdm002YYus&ptb=DAE8AAC8-F9FB-4821-A2E6-516E4918D3BD&ind=2011091012&ptnrS=Y8xdm002YYus&si=tvvie&[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "13571210a8c6d7ad36acdaa1086a560a");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationThankYouPage", true);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1328393199);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.searchUserConifrmation", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setHomepage", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setNewTab", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setSearch", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.active", true);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.addressbar", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.affid", "0");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n_GPL_PID = 21;\nfunction parse_url(str,component){var key=['source','scheme','authority','userInfo','user','pass','host','port','relati[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundver", 8);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1328393199");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallerParams.value", "%7B%22source_id%22%3A%224caa425a93dbdb1f6d0AQ3204%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2217632%26subid%3D%26pi[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1328393199");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_geo.expiration", "Sun Apr 22 2012 19:20:43 GMT-0400 (Eastern Daylight Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_geo.value", "%7B%22geoplugin_city%22%3A%22Hyden%22%2C%22geoplugin_region%22%3A%22KY%22%2C%22geoplugin_areaCode%22%3A606%2C%22geoplugin_dmaCode%[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%224caa425a93dbdb1f6d0AQ3204%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2217632%26subid%3[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2217632%22");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%2218092%22");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.domain", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.emailsig", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.exposesites", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.group", 0);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.homepage", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.iframe", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.js", "\n\nvar _GPL_PID = 21;\n\n(function($) { \n\n $.geoplugin = function(options) {\n var baseCurrency = \"USD\";\n var address = null;\n var[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.newtab", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.opensearch", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "(function(b){b.selectedText=function(f,a){function c(){if(window.getSelection)return window.getSelection();if(document.getSelecti[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "(function(a){a.later=function(b,g,d,c,e){var b=b0,g=g{},k=d,j=a.makeArray©,h;\"string\"===typeof d&&(k=g[d]);if(!k)throw{na[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.code", "(function(f){function t(b,d){for(css_prop in d)d.hasOwnProperty(css_prop)&&(b.style[css_prop]=d[css_prop])}function r(b,d){var b=[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.name", "FacebookFFIE");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.ver", 1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "(function(b,a){function i(c,a,d,f){\"defineProperty\"in Object?Object.defineProperty(c,a,{get:function(){return b.prefs[f](h+d)}}[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "var $$jquery;\n(function(l,n){function X(){if(!c.isReady){try{k.documentElement.doScroll(\"left\")}catch(a){setTimeout(X,1);retur[...]
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "17,14,16");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,13,16,15");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/2258/plugins/079/ff/plugins.json");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.pluginsversion", 1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.premium", true);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.publisher", "215 Apps");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.thankyou", "hxxp://iw.antthis.com/thankyou.html");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.ver", 43);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.adsOldValue", -1);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.apps", "2258");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.bic", "13571210a8c6d7ad36acdaa1086a560a");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.cid", 2258);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.firstrun", false);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.hadappinstalled", true);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.installationdate", 1329042885);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.jsver", 3);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.lastcheck", 22242200);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.lastcheckitem", 22242420);
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1334545210983");
[bsh74n5k.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1334545210978");
[lqip7i5t.default-1346898659536\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
[lqip7i5t.default-1346898659536\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
[lqip7i5t.default-1346898659536\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
[mqthf711.default-1349124183048\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
[mqthf711.default-1349124183048\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
[mqthf711.default-1349124183048\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

-\\ Google Chrome v

[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=DD8455F6-F185-46CB-97BB-FFD662F4088A&n=77fcb7b6&ind=2013050806&p2=^AFA^chr999^YY^us&si=101497
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=DD8455F6-F185-46CB-97BB-FFD662F4088A&n=77fcb7b6&ind=2013050806&p2=^AFA^chr999^YY^us&si=101497
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=BE4A1486-BA3F-41C1-A083-B219093800EC&apn_ptnrs=TV&apn_sauid=23AF8AFA-2CE2-4ED0-80D0-FC53FF1E415B&apn_dtid=OSJ000YYUS&q={searchTerms}
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=BE4A1486-BA3F-41C1-A083-B219093800EC&apn_ptnrs=TV&apn_sauid=23AF8AFA-2CE2-4ED0-80D0-FC53FF1E415B&apn_dtid=OSJ000YYUS&q={searchTerms}
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=DD8455F6-F185-46CB-97BB-FFD662F4088A&n=77fcb7b6&ind=2013050806&p2=^AFA^chr999^YY^us&si=101497
[C:\Users\Pooh~Mar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=DD8455F6-F185-46CB-97BB-FFD662F4088A&n=77fcb7b6&ind=2013050806&p2=^AFA^chr999^YY^us&si=101497

*************************

AdwCleaner[R0].txt - [46254 octets] - [11/11/2014 18:56:46]
AdwCleaner[S0].txt - [48304 octets] - [11/11/2014 19:02:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [48365 octets] ##########

Here is JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Pooh~Mar on Tue 11/11/2014 at 19:51:07.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] couponprinterservice
Successfully deleted: [Service] couponprinterservice

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TVvie_4g.Radio
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}

~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Pooh~Mar\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Pooh~Mar\appdata\locallow\tvvie_4g"
Successfully deleted: [Folder] "C:\Users\Pooh~Mar\appdata\locallow\tvvie_4gei"
Successfully deleted: [Folder] "C:\Users\Pooh~Mar\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\tvvie_4gei"
Successfully deleted: [Folder] "C:\Program Files\winferno\registrypowercleaner"
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{01852987-DC9C-48E2-A037-429EEDEF9BA9}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{05432865-19C5-422C-A1BB-E3E6A457F40C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{06E44094-92F1-4234-8380-ECEE07352D1C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{06F201E2-2502-4D5B-A349-7FD6F1A4A19F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{06F2D429-6B6E-47B1-9632-8FE6DBBD6304}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{096C03B9-8E5B-43CA-98F3-2A157DC216E7}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{0A5AB2E8-BBD0-4183-94ED-3D4094F329BF}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{0A7BD922-9207-4667-A947-D9E87DDA1EE8}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{0FF71645-174D-4806-8B2A-57FF8148D0B5}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{15C538CE-CE75-4710-BCB9-0226226E44FA}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{161710AC-D6F9-491B-ADAC-6FC6B4A13B49}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{181D4DDA-0168-4341-A9D7-6481B1BDEE6F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{184DEF9E-26B2-4985-A2D8-08A4ABB46DD3}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{18A7AABE-ADA3-413D-915A-FDC708C4B80C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{18B1CFED-F554-4FEE-A374-7726957D0DAF}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{19C7F1D8-348E-4063-9575-1C605CAFFFC5}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{1ACDBBB9-9E36-41BC-8127-B476B8090DE7}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{1E2C724F-EABA-466A-AF04-04C55C62A654}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{1EBD194D-1A69-4E93-8733-B6FB07CB8A84}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{2011F6A3-6211-43F5-ACF3-BA5B40F16713}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{20E450B3-9F4F-4304-BE7B-A037A9832708}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{23A6F15A-8FD4-4931-A33F-7319D17B7FEA}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{2931317A-2C46-4B0A-A1C0-4E6F2BCEEAE8}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{2B8017A6-AB57-4F3A-8421-EADD2A7617D4}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{2C6A8058-D2FC-4DD7-B524-2C13D008F211}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{2DD7F25A-2B30-4AC0-958D-AFFED66D795C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{2E3989C7-8336-4467-B20A-779E096FA148}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{313F3FEA-2DCF-4534-B9BA-54CECCC76BD9}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{33AE29BD-73C7-4632-907C-8BDA912BBA5F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{33EAB7BB-291C-4169-B085-CADE0167CB84}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{3660477F-DB6B-4D5A-BF2B-0FA56E2B8945}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{40F3A2F7-50D4-41DD-8DEF-F9DEB66A6BBC}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{416E9226-8FAD-4131-AD78-77A02EB8ECDB}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{44BB522C-038B-45A8-ADDC-CD1A4E3A6876}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{46C564E6-6270-4694-91D8-500A52934345}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{47B79F79-9177-42E1-9CDB-FD732C4115A6}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{4F62F16A-9EC9-4884-A057-57E555F69823}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{4FFFC1CB-1610-411B-9105-1BED8FDF4171}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{50659AAB-5E6C-4DB1-A58A-15AD1C60B5D8}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{543407A8-4A24-4EBA-A06A-7511CC9EAA06}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{5CFA1B69-F286-4527-8362-EB9281CB70F9}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{5DD988D1-023E-4D48-9454-EB7E6361FDE5}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{5F1FB4BB-A135-47A1-A224-AAB278774665}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{64BDA4D3-6AAD-45B7-B26B-910438627080}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{67A56039-4D77-4C91-BF8A-CCD16E39D8B0}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{6A7B49C3-34AF-43C4-9E5F-B20A78A3C1FB}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{6A8B2A17-4FE5-43C1-BB3E-52111E7C1E22}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{7420281D-C1C1-467B-A227-7017C52AF6D6}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{7490562D-D74C-4CD7-B5C9-76CE0B100534}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{749C22E4-E35F-4F6C-B5A8-FF8D84B288A2}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{7A0C1038-B6D7-4EBE-95D6-330D7702FA9F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{7A4A1219-1E05-401C-82D1-45FF3942A715}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{7DACFFB0-4394-4602-BE1B-46A292E600B6}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{816C45CC-015F-4434-ACA2-11797F4F5FE8}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{822B30DC-E3A9-4ECE-8AD4-AFB6CD481DB8}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{825159D5-6E4D-41B5-B457-27A85BF12616}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{842D4D09-577E-4C51-AFC6-A9635F4C77C4}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{86E6C7C4-330A-42E5-BBA4-DE6FCF90764A}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{89AEF119-ADC6-4855-A447-E6D2C944C617}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{8AAB3925-D1E7-4558-9555-7B24D8A0BBA2}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{8DE03DAD-CC49-4FB8-937F-C4DB135C53E0}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{92C20775-B997-409D-996E-49A2A7E88994}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{95DB3525-4C1D-4052-999C-676CD01B961C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{96DE83F5-3237-4886-9FBD-C580B227D5CF}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{9713BB19-DA77-428A-851F-2177F102997E}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{9833E66C-CA31-4428-ACF0-EA63088BA535}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{99FFC481-1D3E-46EE-B85C-F80A8B9A7DCE}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{9CC560F9-4068-4601-8C14-D7F7356D2D6C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{9D86BA96-A71C-45BB-A933-61717E0D9DA2}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{9DD66807-5668-4AFE-A0F1-80A57E7D4A67}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{A2B3D967-6BE0-4F31-BC34-CF2FC2F30672}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{A3361A72-641F-4240-BE28-EAE17D957AF8}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{A82F2AA6-9467-4E1D-AABB-CB98FC08EB92}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{A8359C66-B85A-4164-816B-5DBA34051D07}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{A9AEF835-35FC-4CF3-81F7-F3C4BB140937}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{AAE2F4F4-AEFC-4E5E-9A99-3BEF9B663514}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{AC7F88F2-2474-4AB0-919E-B1D58D341D5E}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{AEAE851B-A97C-4DD3-9328-61CBD5064850}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B4AF81D2-6D62-4D8C-B17F-4A3BFD7DFA7D}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B5120074-40B6-4568-AB98-0B9E1DA2FB14}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B6D5A828-FE8C-4DA7-9729-F2FA55F427EF}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B792EBCA-93A4-4380-A127-0913EF0CCA8F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B8B1E4AD-596C-4C45-A39E-CDDC58B471C7}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B9B94B9F-20F5-4B22-9E28-F0DC146F6B03}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{B9E36DD4-1ABE-4D5C-B0E3-1FFF127F6A4F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{BBA7740A-D08F-4613-A622-D54C8C5E0B96}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{BE2986D7-49DE-4BF6-8233-80095B3191E1}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{C06116F5-BA72-4ABA-A441-55C1BF1E6050}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{C15B95B7-5F46-4641-976A-5FFF66A4E8D3}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{C2B5200B-20A9-4F2B-B06D-B621FD3A8CD1}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{C3873292-9081-4D15-BADE-46EBCEF28996}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{C4FD6A2D-9B2A-4213-BB19-052C011CE5F1}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{C8185F59-DA46-4619-91D5-809D28C6139C}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{CD35D920-3331-4122-9F8C-98D2BFE79DBB}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{CD8F5EEF-C482-4C3C-A04C-B9F04910F364}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{CE370A1D-EE16-45F1-993B-4F3385D9F4C6}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{D10C7769-BFA5-4B6F-A16F-F958E1196C24}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{D2B9A09F-6175-45B1-9BCF-F7060EBCCC53}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{D6313FDD-7536-4021-AD38-591804C9B05D}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{D80E3732-46EE-4DFC-989D-785C0BE9E652}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{D9858A1E-3FF0-472D-ABBC-C91C40BE8BF4}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{DA73F016-6205-4DF6-89E6-DF896413AF87}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{DA774969-B9CA-44CB-A6CC-64404966C987}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{DD46A6F2-4D08-40DE-B12C-ECB9BB3A2C77}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{DF7A3DC5-4885-442D-AF84-C5677FD822CD}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E0107D69-88C1-4F1D-B8A4-E55F3359F677}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E06D45E9-E1E7-40C7-8436-B03F8DA00519}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E0BC0092-0A61-49DC-A487-E3BB559B4113}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E1106088-90FF-4B82-9897-0F4F90788694}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E28B8806-8E14-4BC3-BACF-F2FE412EA05A}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E3669FB5-012B-4BD1-9494-1A31BD17C7AE}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E39868F4-7E25-4356-9268-3DC95F06826B}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E4BDC377-CB18-4CBB-939D-44EA12237E6F}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E603CB6F-CAE8-4C8E-B23C-AF21CD2DBEF7}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{E9533C53-F7FE-4E73-9D5D-EDF6292290E3}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{EA843376-8A90-47BA-9CF4-DE1BDA6E9710}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{ECB2E51C-BB25-4014-8FC9-594B4D8A26A7}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{ED72D554-1F9D-4A5F-BBF4-6AFF943410E9}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{EE5FB034-6CD1-471E-9DEE-A9C6F6BAE718}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F03B089C-8D8E-4731-A7A7-F4B1E84BA1FA}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F13F0390-5264-49EB-BB63-342ABBD6B01E}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F43688C7-792D-4CE6-8707-D9646FA68033}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F5B18310-A168-44B2-BFB6-3B59B794CB1B}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F6B47E09-B7D3-4C69-B817-F1689720F1D5}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F84A7220-0C60-4A84-8850-F98A24041960}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{F9FC319D-AB27-4121-A76E-F71DFDE206DC}
Successfully deleted: [Empty Folder] C:\Users\Pooh~Mar\appdata\local\{FB6A0972-2A51-4EF8-A77F-712FE0568F99}

~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\4gffxtbr@tvvie_4g.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tvvie_4g.com/plugin
Emptied folder: C:\Users\Pooh~Mar\AppData\Roaming\mozilla\firefox\profiles\mryign2z.default-1404603865777\minidumps [140 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/11/2014 at 19:53:26.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8
emeraldnzl

Posted 11 November 2014 - 07:04 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello again brothaman23464,

Please download Farbar Service Scanner and run.

Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services

Press Scan
A log (FSS.txt) will be created in the same directory the tool is run.
Copy and paste the log back here.

#9
brothaman23464

Posted 11 November 2014 - 07:12 PM

Member

Topic Starter
Member
17 posts

Ok emeraldnzl, below is FSS.txt log

Farbar Service Scanner Version: 21-07-2014
Ran by Pooh~Mar (administrator) on 11-11-2014 at 20:10:12
Running from "C:\Users\Pooh~Mar\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Other Services:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed

**** End of log ****

#10
emeraldnzl

Posted 11 November 2014 - 07:20 PM

GeekU Instructor

GeekU Moderator
20,051 posts

That looks good.

Are you going to use Microsoft Security Essentials or install the AVG one?

I think I recommended the MSE one earlier. This because for me it is getting bloated in it's old age and it comes with a suspect toolbar. Up to you though.

If you decide to keep MSE please update it and run a full scan. Come back and tell me how it went.

Also please note that on reboot Windows Firewall should re-enable itself to work with MSE but if it doesn't please do this:

Go to Control Panel > System and Security > Windows Firewall > and on the left panel click Turn Windows Firewall on or off

In the window that opens check the Turn off Windows Firewall (not recommended) items.
Click OK.

If you decide to go the AVG way then please update and run a full scan with that and tell me the results.

#11
brothaman23464

Posted 11 November 2014 - 07:26 PM

Member

Topic Starter
Member
17 posts

Thanks for all your help emeraldnzl. I'm going to go with the AVG since I have already paid for a year. Hopefully it will install this time and I will give you the results of the scan.

#12
emeraldnzl

Posted 11 November 2014 - 07:27 PM

GeekU Instructor

GeekU Moderator
20,051 posts

:thumbsup:

#13
brothaman23464

Posted 11 November 2014 - 07:39 PM

Member

Topic Starter
Member
17 posts

Well, just tried installing the AVG and still getting same error message. If I had hair, I would be pulling it out right now.

#14
emeraldnzl

Posted 11 November 2014 - 07:49 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Have you uninstalled MSE?

If not, do that and then try your download and installation again. You may have to run the AVG removal tool before re-installation though if AVG partially installed before being blocked.

#15
brothaman23464

Posted 11 November 2014 - 08:26 PM

Member

Topic Starter
Member
17 posts

Well, MSE is not in my program list of programs that I can uninstall, so I'm guessing it is. Everytime I run AVG removal tool part way through it gives me an error that it has quit working.