Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pop-up problems/Malware possible? [Solved]

Started by iburiedpaul , Nov 27 2014 06:23 PM

  • This topic is locked This topic is locked

#1
iburiedpaul
Posted 27 November 2014 - 06:23 PM

iburiedpaul

    Member

  • Member
  • PipPip
  • 34 posts

I seem to be having some problems with popups after installing/then uninstalling some freeware on my HP Pavillion laptop. The freeware was a MP4 to AVI converter and the problems occured right after uninstalling it. the pop ups appear on the bottom left, and right of the screen and change with the pages visited. I scanned my computer with Spyhunter and some of the threats detected incude: conduit search toolbar (59 infections), delta-search.com (41 infections), adware helpers (20 infections), PUP iLivid (4862 infections), and others. Can someone please help me out in getting rid of this problem? Any and all help is truly appreciated. Thank you

 

PS-I forgot to mention that the pop ups have a tab on them that says "Hold Page" not sure if that helps


Edited by iburiedpaul, 27 November 2014 - 06:33 PM.

  • 0

Advertisements

#2
Essexboy
Posted 28 November 2014 - 11:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there first I will need to look at the system

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
iburiedpaul
Posted 28 November 2014 - 04:16 PM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Thanks so much for your help :spoton: Here are both logs generated...

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Willard (administrator) on WILLARD-PC on 28-11-2014 17:02:13
Running from C:\Users\Willard\Downloads
Loaded Profile: Willard (Available profiles: Willard)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe
(Agere Systems) C:\Windows\System32\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Users\Willard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Willard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_233.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_233.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [246784 2008-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [441344 2008-09-11] (IDT, Inc.)
HKLM-x32\...\Run: [DVDAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe [239336 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-26] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMessaging] => C:\Users\Willard\AppData\Local\Strongvault Online Backup\SMessaging.exe
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => "C:\Users\Willard\Desktop\HP Webcam\MUITransfer\MUIStartMenu.exe" "C:\Users\Willard\Desktop\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-03-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656 2008-11-18] (Hewlett-Packard)
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [Spotify] => C:\Users\Willard\AppData\Roaming\Spotify\Spotify.exe [5576408 2012-10-09] (Spotify Ltd)
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [Spotify Web Helper] => C:\Users\Willard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-10-09] ()
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [Media Finder] => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Willard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/?mtmhp=hyplogusaolp00000019
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL =
SearchScopes: HKLM -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM -> {8A257C0B-8A05-46F1-A178-6022177EB9A8} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKLM-x32 -> DefaultScope {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKLM-x32 -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=amonetizetest1-ie&s_qt=sb&tb_uuid=20121212121252355&tb_oid=12-12-2012
&tb_mrud=12-12-2012

SearchScopes: HKLM-x32 -> {8A257C0B-8A05-46F1-A178-6022177EB9A8} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> DefaultScope {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=amonetizetest1-ie&s_qt=sb&tb_uuid=20121212121252355&tb_oid=12-12-2012
&tb_mrud=12-12-2012

SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {64DEDB01-D034-40D8-8348-EB4665778288} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={780E82BA-C08A-46F7-A143-B9C071E8EB2A}&mid=20a4b870cbf34b429da25b196b2d3160-e1b2088e01e0ddee5881229eece09f4bb7e0d1fe&lang=en&ds=hk011&pr=&d=2012-11-15 23:03:27&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: YoutubeAdblocker -> {56D6F469-7267-180A-A878-156A6AC2E3CB} -> C:\Program Files (x86)\YoutubeAdblocker\bmBMst.x64.dll No File
BHO: suurf and keeepp -> {D9153E97-69AD-A178-DE67-D7FDA9BF1E9D} -> C:\Program Files (x86)\suurf and keeepp\4h.x64.dll No File
BHO-x32: PopupBlockerBHO.CPopupBlockerBHO -> {0D929918-C804-4756-B0AC-640EF3F061E9} -> C:\Program Files (x86)\SmartPopupBlocker\PopupBlockerBHO.dll (aa)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Soda PDF 3D Reader Helper -> {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} -> C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEHelper.dll (LULU Software)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Soda PDF 3D Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEPlugin.dll (LULU Software)
Toolbar: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c328fed4-6a85-11db-9fbd-806e6f6e6963}: [NameServer] 107.6.133.8,23.23.180.210

FireFox:
========
FF ProfilePath: C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_233.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_233.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Broewse2ysuave - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] [2013-03-28]
FF Extension: surf and keeep - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] [2013-12-20]
FF Extension: AOL Toolbar - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2013-09-21]
FF Extension: Hold Page - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{90018a24-bc1e-468a-b232-4bcc260b3165}.xpi [2014-11-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-13]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Soda PDF 3D Reader\FFSodaReaderExt
FF Extension: Soda PDF 3D Reader Converter For Firefox - C:\Program Files (x86)\Soda PDF 3D Reader\FFSodaReaderExt [2013-04-26]
FF HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fohginfilnjopabeoimmkhnpfegkfobb [2013-12-20]
CHR Extension: (surf and keeep) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeicgnbonnghphidgpojolgancpkmmfo [2013-12-20]
CHR Extension: (Broewse2ysuave) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfchmnnbbgfbdlhhdgjknkaomhlobhjc [2013-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-04-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe [89088 2008-06-27] (Andrea Electronics Corporation)
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Soda PDF 3D Reader Helper Service; C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe [1352024 2012-12-21] (LULU Software)
R2 Soda PDF 3D Reader Service; C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe [874328 2012-12-21] (LULU Software)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-27] (Enigma Software Group USA, LLC.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe [279040 2008-09-11] (IDT, Inc.)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-27] (Enigma Software Group USA, LLC.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-01-08] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-10-10] (ManyCam LLC)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U4 eabfiltr; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-28 17:02 - 2014-11-28 17:03 - 00027486 _____ () C:\Users\Willard\Downloads\FRST.txt
2014-11-28 16:59 - 2014-11-28 17:02 - 00000000 ____D () C:\FRST
2014-11-28 16:59 - 2014-11-28 16:59 - 02117632 _____ (Farbar) C:\Users\Willard\Downloads\FRST64.exe
2014-11-28 16:57 - 2014-11-28 16:57 - 01109504 _____ (Farbar) C:\Users\Willard\Downloads\FRST.exe
2014-11-27 16:15 - 2014-11-27 16:42 - 00000000 ____D () C:\Users\Willard\AppData\Local\CrashDumps
2014-11-27 15:22 - 2014-11-27 15:22 - 00003338 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-27 15:22 - 2014-11-27 15:22 - 00000921 _____ () C:\Users\Willard\Desktop\SpyHunter.lnk
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Enigma Software Group
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\sh4ldr
2014-11-27 15:20 - 2014-11-27 15:21 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-11-27 14:03 - 2014-11-27 16:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-27 14:02 - 2014-11-27 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-27 14:02 - 2014-11-27 14:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-27 14:02 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-27 14:02 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-26 21:39 - 2014-11-26 21:39 - 00000000 ____D () C:\Users\Willard\AppData\Local\MajorSilence
2014-11-26 20:58 - 2014-11-26 20:58 - 00000108 _____ () C:\Users\Willard\AppData\Roaming\settings.xml
2014-11-26 20:58 - 2014-11-26 20:58 - 00000000 ____D () C:\Users\Willard\AppData\Local\SkinSoft
2014-11-26 20:57 - 2014-11-26 20:57 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-26 20:55 - 2014-11-26 20:55 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\convertaudiofree
2014-11-26 20:55 - 2014-11-26 20:55 - 00000000 ____D () C:\Users\Willard\AppData\Local\StormFall
2014-11-26 20:53 - 2014-11-26 20:53 - 00792904 _____ ( ) C:\Users\Willard\Downloads\mp4toavi(1).exe
2014-11-26 20:52 - 2014-11-26 20:55 - 16741957 _____ (convertaudiofree) C:\Users\Willard\Downloads\mp4toavi.exe
2014-11-20 03:01 - 2014-10-23 20:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-20 03:01 - 2014-10-23 19:39 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 18:10 - 2014-11-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-11-19 18:10 - 2014-11-27 14:44 - 00000000 ____D () C:\Program Files (x86)\YTD Toolbar
2014-11-13 23:00 - 2014-11-13 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-13 03:21 - 2014-10-12 18:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 03:21 - 2014-09-18 19:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 03:21 - 2014-09-18 19:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 03:16 - 2014-08-11 21:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-13 03:16 - 2014-08-11 21:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 03:14 - 2014-10-17 20:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 03:14 - 2014-10-17 19:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 03:14 - 2014-10-09 20:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 03:14 - 2014-10-09 20:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 03:14 - 2014-10-09 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 03:14 - 2014-10-09 20:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 03:14 - 2014-10-09 20:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 03:14 - 2014-10-09 18:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 03:14 - 2014-10-09 18:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 03:14 - 2014-10-02 20:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 03:14 - 2014-10-02 20:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 03:14 - 2014-10-02 20:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 03:14 - 2014-10-02 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 03:14 - 2014-10-02 20:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 03:14 - 2014-10-02 20:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 03:14 - 2014-10-02 20:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 03:14 - 2014-10-02 18:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-13 03:02 - 2014-10-23 20:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 03:02 - 2014-10-23 19:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 03:01 - 2014-08-26 19:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 03:01 - 2014-08-26 19:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 03:01 - 2014-08-26 19:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 03:01 - 2014-08-26 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 11:56 - 2014-10-27 15:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 11:56 - 2014-10-27 15:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 11:56 - 2014-10-27 15:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 11:56 - 2014-10-27 15:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 11:56 - 2014-10-27 15:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 11:56 - 2014-10-27 15:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 11:56 - 2014-10-27 15:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 11:56 - 2014-10-27 15:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 11:56 - 2014-10-27 15:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 11:56 - 2014-10-27 15:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 11:56 - 2014-10-27 15:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 11:56 - 2014-10-27 15:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 11:56 - 2014-10-27 15:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 11:56 - 2014-10-27 15:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 11:56 - 2014-10-27 15:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 11:56 - 2014-10-27 15:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 11:56 - 2014-10-27 15:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 11:56 - 2014-10-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 11:56 - 2014-10-27 15:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 11:56 - 2014-10-27 15:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 11:56 - 2014-10-27 15:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 11:56 - 2014-10-27 14:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 11:56 - 2014-10-27 14:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 11:56 - 2014-10-27 14:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 11:56 - 2014-10-27 13:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 11:56 - 2014-10-27 13:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 11:56 - 2014-10-27 13:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 11:56 - 2014-10-27 13:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 11:56 - 2014-10-27 13:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 11:56 - 2014-10-27 13:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 11:56 - 2014-10-27 13:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 11:56 - 2014-10-27 13:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 11:56 - 2014-10-27 13:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 11:56 - 2014-10-27 13:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 11:56 - 2014-10-27 13:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 11:56 - 2014-10-27 13:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 11:56 - 2014-10-27 13:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 11:56 - 2014-10-27 13:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 11:56 - 2014-10-27 13:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 11:56 - 2014-10-27 13:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 11:56 - 2014-10-27 13:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 11:56 - 2014-10-27 13:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-10 18:12 - 2014-11-10 18:20 - 00000000 ____D () C:\Users\Willard\Downloads\Documents\dvd
2014-11-10 18:08 - 2014-11-11 12:38 - 00000000 ____D () C:\Program Files (x86)\DVD Flick
2014-11-10 18:08 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2014-11-10 18:08 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2014-11-10 18:07 - 2014-11-10 18:08 - 12951423 _____ (Dennis Meuwissen ) C:\Users\Willard\Downloads\dvdflick_setup_1.3.0.7.exe
2014-11-07 19:34 - 2014-11-07 19:35 - 00274432 _____ () C:\Windows\Minidump\Mini110714-01.dmp
2014-11-06 19:55 - 2014-11-06 19:55 - 21495116 _____ ( ) C:\Users\Willard\Downloads\DVDStylerPortable-2.6.1-win32.exe
2014-11-06 18:03 - 2014-11-06 18:09 - 4293962665 _____ () C:\Users\Willard\Desktop\Hartford Whalers Final Game - Entire Game.mp4
2014-11-06 17:38 - 2014-11-06 17:38 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Digiarty
2014-11-06 17:37 - 2014-11-06 17:37 - 11037824 _____ (DigiartySoft, Inc. ) C:\Users\Willard\Downloads\winx-dvd-author.exe
2014-11-06 17:33 - 2014-11-06 17:34 - 22625445 _____ ( ) C:\Users\Willard\Downloads\DVDStyler-2.8-win32.exe
2014-11-06 16:47 - 2014-11-06 16:48 - 352531863 _____ () C:\Users\Willard\Desktop\Hartford Whalers vs. Montreal Canadiens Game 7 1992 Playoffs Full Game (edited)..mp4
2014-11-06 16:30 - 2014-11-06 16:30 - 147396856 _____ () C:\Users\Willard\Desktop\NHL Expansion Documentary.mp4
2014-11-06 15:57 - 2014-11-06 15:57 - 337747637 _____ () C:\Users\Willard\Desktop\Hartford Whalers 1986-87 Highlite Film - _Whalermania_.mp4
2014-11-06 15:56 - 2014-11-06 15:56 - 84674845 _____ () C:\Users\Willard\Desktop\New England (Hartford) Whalers WHA 1972-73 Championship Films (full).mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-28 16:56 - 2011-12-23 05:45 - 01659997 _____ () C:\Windows\WindowsUpdate.log
2014-11-28 16:54 - 2012-04-04 15:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-27 18:56 - 2013-12-20 13:14 - 00000000 ____D () C:\ProgramData\suurf and keeepp
2014-11-27 18:56 - 2012-04-19 18:38 - 00000000 ___RD () C:\Users\Willard\Desktop\PROGRAMS & APS
2014-11-27 18:18 - 2006-11-02 10:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-27 18:18 - 2006-11-02 10:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-27 17:12 - 2012-04-04 15:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-27 17:12 - 2012-04-04 15:39 - 00003684 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-27 17:12 - 2011-12-24 16:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-27 16:58 - 2014-06-26 11:55 - 00003110 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForWillard
2014-11-27 16:58 - 2014-06-26 11:55 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForWillard.job
2014-11-27 16:23 - 2012-01-27 16:59 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Spotify
2014-11-27 16:23 - 2009-06-01 09:47 - 00003582 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-11-27 16:22 - 2013-10-05 10:08 - 00000000 ___RD () C:\Users\Willard\Dropbox
2014-11-27 16:22 - 2013-10-05 10:00 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Dropbox
2014-11-27 16:19 - 2013-12-20 13:14 - 00000448 ____H () C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2014-11-27 16:19 - 2013-06-20 18:00 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-27 16:19 - 2013-06-03 15:14 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-11-27 16:18 - 2008-01-20 22:26 - 01472758 _____ () C:\Windows\PFRO.log
2014-11-27 16:18 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-27 16:17 - 2009-06-01 07:53 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-27 16:17 - 2006-11-02 10:42 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-27 16:16 - 2013-01-21 14:07 - 00003052 _____ () C:\Windows\System32\Tasks\{4B72CDD9-330D-4BC3-8790-9F9202563576}
2014-11-27 15:21 - 2014-01-08 11:02 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-27 14:45 - 2013-09-16 19:21 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\UpdaterEX
2014-11-27 14:45 - 2006-11-02 07:34 - 00000246 _____ () C:\Windows\win.ini
2014-11-27 14:44 - 2013-11-26 17:54 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-11-27 14:44 - 2013-06-14 21:21 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2014-11-27 14:02 - 2012-03-19 16:34 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Malwarebytes
2014-11-27 14:02 - 2012-03-19 16:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-27 14:02 - 2012-03-19 16:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-11-26 22:23 - 2009-06-01 08:28 - 00000000 ____D () C:\ProgramData\Norton
2014-11-20 18:41 - 2012-05-25 13:36 - 00154112 _____ () C:\Users\Willard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-20 18:40 - 2012-11-27 13:11 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\BitTorrent
2014-11-20 03:17 - 2012-04-28 00:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-19 18:10 - 2013-10-05 10:03 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 04:03 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:41 - 2006-11-02 10:21 - 00334080 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 03:19 - 2009-06-01 09:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:11 - 2013-08-14 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2006-11-02 07:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-07 19:42 - 2006-11-02 07:46 - 00758854 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 19:34 - 2013-03-22 19:13 - 474232953 _____ () C:\Windows\MEMORY.DMP
2014-11-07 19:34 - 2012-12-30 23:12 - 00000000 ____D () C:\Windows\Minidump
2014-11-06 22:37 - 2011-12-23 04:21 - 00000000 ____D () C:\Users\Willard
2014-11-04 14:30 - 2012-02-22 01:47 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Willard\AppData\Local\Temp\CloudBackup3555.exe
C:\Users\Willard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfffox0.dll
C:\Users\Willard\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Willard\AppData\Local\Temp\FastDownload.exe
C:\Users\Willard\AppData\Local\Temp\htmlayout.dll
C:\Users\Willard\AppData\Local\Temp\ICSW_0R0S1E1T1C1J.exe
C:\Users\Willard\AppData\Local\Temp\SHSetup.exe
C:\Users\Willard\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Willard\AppData\Local\Temp\supoptsetup.exe
C:\Users\Willard\AppData\Local\Temp\uninst1.exe
C:\Users\Willard\AppData\Local\Temp\uttF5AA.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-27 16:29

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Willard at 2014-11-28 17:04:11
Running from C:\Users\Willard\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.233 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
BitTorrent (HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
BrowseToSave (HKLM\...\{732C824C-3ADF-4AD8-A833-72FDA8CFA0BA}) (Version: 1.0 - ) <==== ATTENTION
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon PowerShot A4000 IS and A3400 IS and A2400 IS and A2300 and A1300 and A810 Camera User Guide (HKLM-x32\...\CameraUserGuide-PSA4000ISandA3400ISandA2400ISandA2300andA1300andA810) (Version: 1.0.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2326 - CyberLink Corp.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.28 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Extended Update (HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\UpdaterEX) (Version:  - ) <==== ATTENTION
ffdshow v1.1.3572 [2010-09-13] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3572.0 - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.8.208 - SurfRight B.V.)
HP Active Support Library (HKLM-x32\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Help and Support (HKLM-x32\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.1.2328 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.1.2206 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.1.2425 - Hewlett-Packard)
HP MediaSmart SlingPlayer (HKLM-x32\...\HP.MediaSmartSlingPlayer_is1) (Version: 2.1 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}) (Version: 2.1.7 - Hewlett-Packard)
HP MULTIPLE MODEM INSTALLER for VISTA (HKLM-x32\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.17.1 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM-x32\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5991.2847 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{4916DFBD-403B-4707-AA64-294DC082B99F}) (Version: 1.1.2274.2854 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0125 (HKLM-x32\...\{C4CF43CE-94AE-498E-9EB1-C804E05CB3CA}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM-x32\...\InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}) (Version: 1.0.2827 - CyberLink Corp.)
HP Wireless Assistant (HKLM-x32\...\{E5E29403-3D25-40C6-892B-F9FEE2A95585}) (Version: 3.50 A6 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
IB Updater Service (HKLM\...\WNLT) (Version: 3.0.5.3 - ) <==== ATTENTION
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java™ 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
Java™ 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JMicron JMB38X Flash Media Controller (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.17.07 - JMicron Technology Corp.)
Juno Preloader (HKLM-x32\...\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}) (Version: 1.0.0 - Juno, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1118 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1118 - CyberLink Corp.) Hidden
LightScribe System Software  1.14.17.1 (HKLM-x32\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}) (Version: 7.0.35.7660 - muvee Technologies Pte Ltd)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
NetZero Preloader (HKLM-x32\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2325 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2325 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2317 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2317 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 3.40 - Philipp Winterberg)
Realtek 8101E/8168/8169 PCI/PCIe Adapters (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.210.1003.2008 - Realtek Corporation)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Slingbox - Watch Your TV Anywhere (HKLM-x32\...\{7B798B31-2F33-4DC8-BDA4-D36488E86636}) (Version: 1.0.0 - Sling Media)
Smart Popup Blocker version 1.20 (HKLM-x32\...\Smart Popup Blocker_is1) (Version:  - )
Soda PDF 3D Reader (HKLM-x32\...\{71753364-C964-42E0-9B4F-5B0C7C0DA69F}) (Version: 5.0.15.8803 - LULU Software)
Sothink Movie DVD Maker (HKLM-x32\...\{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1) (Version: 3.8 - SourceTec Software Co., LTD)
Spotify (HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\...\Spotify) (Version: 0.8.4.124.ga3559d86 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.20 - Safer-Networking Ltd.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION
Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Updater By SweetPacks 2.0.0.609 (HKLM\...\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1) (Version: 2.0.0.609 - SweetPacks) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
YTD Toolbar v10.3 (HKLM-x32\...\{DB3044F4-47BE-4104-8AED-D0B4038CCC80}) (Version: 10.3 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.7.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.2 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willard\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-10-2014 16:11:00 Windows Update
28-10-2014 19:46:33 Windows Update
04-11-2014 20:17:48 Windows Update
10-11-2014 19:36:50 Scheduled Checkpoint
11-11-2014 17:00:24 Windows Update
13-11-2014 08:01:06 Windows Update
18-11-2014 16:24:58 Windows Update
20-11-2014 08:00:25 Windows Update
25-11-2014 21:04:41 Windows Update
27-11-2014 01:56:49 Installed Free MP4 To AVI Converter
27-11-2014 02:41:12 Removed Free MP4 To AVI Converter
27-11-2014 02:43:14 Removed Free MP4 To AVI Converter
27-11-2014 20:20:11 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021BA55E-8D63-45E4-8D9E-5CEC2D658C31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27] (Adobe Systems Incorporated)
Task: {0B8FAE4F-EE19-43A7-8518-966274C21B7E} - System32\Tasks\Searchya => C:\Users\Willard\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {37EEF31E-F9F0-47AA-AD23-32BCE64F4BC0} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-10-06] (CyberLink Corp.)
Task: {3C22C827-C7F8-4C30-8F8B-57A6E21FC2BF} - System32\Tasks\{133D9B19-9865-42F9-AA3F-5D9CD116DC4D} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsProgressBar
Task: {3F141F82-107B-4720-9412-840ADE8A05B5} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {533D2E10-E93C-4EC7-9E3E-5D4D6954BC93} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-10-06] (CL)
Task: {6C7BB3D6-867A-496F-92E9-52EBFD4F0ED9} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {7D40D95E-3560-401D-8D55-F4C43C747839} - \LaunchSignup No Task File <==== ATTENTION
Task: {8232948F-4CE2-4EC3-A7BD-7B3A4F408CF5} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-10-06] (CL)
Task: {834F539F-BDB0-42D0-9DC2-62FCD6E891E1} - System32\Tasks\SK.Enabler-S-1495795506 => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
Task: {B325FA75-F138-42D3-A869-B9EA5F97DECC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B331178B-8CF1-4D2C-AFF1-AD2ACB40FD18} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {C4FE3637-4F9E-4808-9683-5DF6EEEA8D5F} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-11-27] (Enigma Software Group USA, LLC.)
Task: {CAE23711-4EB8-4418-AC5B-8B867A1FEC39} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {CBA94AA1-1238-4BFE-8C20-3EF609CB8F57} - System32\Tasks\HPCeeScheduleForWillard => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2008-05-19] (Hewlett-Packard)
Task: {DCC6FD59-4945-4F87-8861-858670CD439E} - System32\Tasks\{D31EC2F4-097A-46D8-AA73-7CFC4D617279} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsProgressBar
Task: {E62F2FD5-69A2-46A2-9C75-885CB485203F} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{309B502D-594B-4D8E-A28C-DE182D5182CD}.exe
Task: {F97A23D7-79BD-4A5F-9B0B-679178037B5F} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-10-06] (CL)
Task: {FBBD20EA-F0DC-4042-BA82-87C8CFA99911} - \BitGuard No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{309B502D-594B-4D8E-A28C-DE182D5182CD}.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForWillard.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-02-05 18:20 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2009-06-01 09:41 - 2008-12-17 18:11 - 00365952 _____ () C:\Program Files (x86)\SMINST\BLService.exe
2009-06-01 09:33 - 2008-09-15 09:13 - 00241734 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-10-31 13:47 - 2013-10-31 13:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-08-11 14:12 - 2014-08-11 14:11 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2012-05-10 22:25 - 2012-10-09 11:53 - 01193176 _____ () C:\Users\Willard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
2009-10-06 22:56 - 2009-10-06 22:56 - 00090920 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\Common\MCEMediaStatus64.dll
2012-11-15 23:03 - 2014-08-26 10:51 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2013-02-12 21:37 - 2013-02-12 21:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2009-07-01 15:44 - 2009-07-01 15:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-06-01 09:41 - 2008-12-17 18:11 - 00132480 _____ () C:\Program Files (x86)\SMINST\STWmiM.dll
2009-06-01 09:33 - 2008-09-15 09:13 - 00028672 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2013-06-20 17:59 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-06-20 17:59 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-06-20 17:59 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-06-20 17:59 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-06-20 17:59 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-11 14:12 - 2014-08-11 14:11 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2007-07-12 16:55 - 2007-07-12 16:55 - 01581056 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2007-08-14 16:59 - 2007-08-14 16:59 - 06365184 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2007-07-12 16:55 - 2007-07-12 16:55 - 00131072 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2008-11-18 12:57 - 2008-11-18 12:57 - 00057344 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-11-18 13:03 - 2008-11-18 13:03 - 00032768 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-11-18 12:56 - 2008-11-18 12:56 - 00118784 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-11-18 12:56 - 2008-11-18 12:56 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-11-18 12:56 - 2008-11-18 12:56 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-11-18 12:56 - 2008-11-18 12:56 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2011-12-26 19:19 - 2009-04-11 01:28 - 00368640 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2008-11-18 12:56 - 2008-11-18 12:56 - 00010240 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-11-18 12:57 - 2008-11-18 12:57 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-10-06 22:57 - 2009-10-06 22:57 - 00120232 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
2009-10-06 22:57 - 2009-10-06 22:57 - 00279976 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
2009-10-06 22:57 - 2009-10-06 22:57 - 00464168 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
2014-11-27 16:22 - 2014-11-27 16:22 - 00043008 _____ () c:\users\willard\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfffox0.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Willard\AppData\Roaming\Dropbox\bin\libcef.dll
2008-12-25 16:41 - 2008-12-25 16:41 - 00881960 ____N () C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2013-02-12 21:38 - 2013-02-12 21:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-11-13 23:00 - 2014-11-13 23:00 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-27 17:12 - 2014-11-27 17:12 - 16858288 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_233.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\Users\Willard\Desktop\Overstreet's World of Comic Books.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Willard\Desktop\Supergirl_ Stranger in a Strange Land Fan-Film INTERNATIONAL version.mp4:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3072893087-1111557918-2373783436-500 - Administrator - Disabled)
Guest (S-1-5-21-3072893087-1111557918-2373783436-501 - Limited - Disabled)
Willard (S-1-5-21-3072893087-1111557918-2373783436-1000 - Administrator - Enabled) => C:\Users\Willard

==================== Faulty Device Manager Devices =============

Name: isatap.home
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.home
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.home
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/28/2014 04:54:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1185

Error: (11/28/2014 04:54:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1185

Error: (11/28/2014 10:55:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2014 09:28:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1170

Error: (11/27/2014 09:28:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1170

Error: (11/27/2014 09:28:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2014 09:25:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5712647

Error: (11/27/2014 09:25:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5712647

Error: (11/27/2014 09:25:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2014 07:50:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092


System errors:
=============
Error: (11/28/2014 04:59:30 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&04E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 04:59:30 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&03E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 04:59:30 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&02E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 04:59:30 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&00E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 10:54:18 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&04E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 10:54:18 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&03E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 10:54:18 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&02E4) disappeared from the system without first being prepared for removal.

Error: (11/28/2014 10:54:18 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&00E4) disappeared from the system without first being prepared for removal.

Error: (11/27/2014 07:28:13 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&04E4) disappeared from the system without first being prepared for removal.

Error: (11/27/2014 07:28:13 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&03E4) disappeared from the system without first being prepared for removal.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-28 17:03:58.464
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:58.136
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:57.712
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:57.510
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:56.932
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:56.530
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:56.167
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:03:55.887
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:02:45.139
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-28 17:02:44.727
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 78%
Total physical RAM: 3998.03 MB
Available physical RAM: 868.21 MB
Total Pagefile: 8233.33 MB
Available Pagefile: 3924.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.65 GB) (Free:87.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.44 GB) (Free:1.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================


  • 0

#4
Essexboy
Posted 29 November 2014 - 04:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets get at it, after this run could you let me know what problems remain

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

HKLM-x32\...\Run: [SMessaging] => C:\Users\Willard\AppData\Local\Strongvault Online Backup\SMessaging.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL =
SearchScopes: HKLM -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> DefaultScope {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKLM-x32 -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> DefaultScope {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect..._oid=12-12-2012
&tb_mrud=12-12-2012
BHO: YoutubeAdblocker -> {56D6F469-7267-180A-A878-156A6AC2E3CB} -> C:\Program Files (x86)\YoutubeAdblocker\bmBMst.x64.dll No File
BHO: suurf and keeepp -> {D9153E97-69AD-A178-DE67-D7FDA9BF1E9D} -> C:\Program Files (x86)\suurf and keeepp\4h.x64.dll No File
Toolbar: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
FF Extension: Broewse2ysuave - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] [2013-03-28]
FF Extension: surf and keeep - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] [2013-12-20]
FF Extension: AOL Toolbar - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2013-09-21]
FF Extension: Hold Page - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{90018a24-bc1e-468a-b232-4bcc260b3165}.xpi [2014-11-26]
CHR Extension: (No Name) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fohginfilnjopabeoimmkhnpfegkfobb [2013-12-20]
CHR Extension: (surf and keeep) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeicgnbonnghphidgpojolgancpkmmfo [2013-12-20]
CHR Extension: (Broewse2ysuave) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfchmnnbbgfbdlhhdgjknkaomhlobhjc [2013-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-04-02]
2014-11-27 15:22 - 2014-11-27 15:22 - 00003338 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-27 15:22 - 2014-11-27 15:22 - 00000921 _____ () C:\Users\Willard\Desktop\SpyHunter.lnk
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Enigma Software Group
2014-11-27 15:20 - 2014-11-27 15:21 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-11-26 20:58 - 2014-11-26 20:58 - 00000108 _____ () C:\Users\Willard\AppData\Roaming\settings.xml
2014-11-26 20:58 - 2014-11-26 20:58 - 00000000 ____D () C:\Users\Willard\AppData\Local\SkinSoft
2014-11-26 20:57 - 2014-11-26 20:57 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-26 20:55 - 2014-11-26 20:55 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\convertaudiofree
2014-11-26 20:55 - 2014-11-26 20:55 - 00000000 ____D () C:\Users\Willard\AppData\Local\StormFall
2014-11-26 20:53 - 2014-11-26 20:53 - 00792904 _____ ( ) C:\Users\Willard\Downloads\mp4toavi(1).exe
2014-11-26 20:52 - 2014-11-26 20:55 - 16741957 _____ (convertaudiofree) C:\Users\Willard\Downloads\mp4toavi.exe
2014-11-19 18:10 - 2014-11-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-11-19 18:10 - 2014-11-27 14:44 - 00000000 ____D () C:\Program Files (x86)\YTD Toolbar
2014-11-27 18:56 - 2013-12-20 13:14 - 00000000 ____D () C:\ProgramData\suurf and keeepp
2014-11-27 16:16 - 2013-01-21 14:07 - 00003052 _____ () C:\Windows\System32\Tasks\{4B72CDD9-330D-4BC3-8790-9F9202563576}
2014-11-27 14:45 - 2013-09-16 19:21 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\UpdaterEX
Task: {0B8FAE4F-EE19-43A7-8518-966274C21B7E} - System32\Tasks\Searchya => C:\Users\Willard\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7D40D95E-3560-401D-8D55-F4C43C747839} - \LaunchSignup No Task File <==== ATTENTION
Task: {834F539F-BDB0-42D0-9DC2-62FCD6E891E1} - System32\Tasks\SK.Enabler-S-1495795506 => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
Task: {C4FE3637-4F9E-4808-9683-5DF6EEEA8D5F} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-11-27] (Enigma Software Group USA, LLC.)
Task: {FBBD20EA-F0DC-4042-BA82-87C8CFA99911} - \BitGuard No Task File <==== ATTENTION
Task: C:\Windows\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
c:\programdata\quickset
C:\Users\Willard\AppData\Local\Strongvault Online Backup
C:\Program Files (x86)\suurf and keeepp
C:\Users\Willard\AppData\Roaming\Searchya
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#5
iburiedpaul
Posted 29 November 2014 - 10:38 AM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Here is the log generated by FRST...

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-11-2014 01
Ran by Willard at 2014-11-29 11:12:49 Run:1
Running from C:\Users\Willard\Desktop
Loaded Profile: Willard (Available profiles: Willard)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [SMessaging] => C:\Users\Willard\AppData\Local\Strongvault Online Backup\SMessaging.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL =
SearchScopes: HKLM -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> DefaultScope {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKLM-x32 -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> DefaultScope {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {27B85468-DBA3-4579-8B05-C2CA35A9100D} URL =
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {314502BD-5212-4FC8-95CA-A5CF8EA1313C} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect..._oid=12-12-2012
&tb_mrud=12-12-2012
BHO: YoutubeAdblocker -> {56D6F469-7267-180A-A878-156A6AC2E3CB} -> C:\Program Files (x86)\YoutubeAdblocker\bmBMst.x64.dll No File
BHO: suurf and keeepp -> {D9153E97-69AD-A178-DE67-D7FDA9BF1E9D} -> C:\Program Files (x86)\suurf and keeepp\4h.x64.dll No File
Toolbar: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-3072893087-1111557918-2373783436-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
FF Extension: Broewse2ysuave - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] [2013-03-28]
FF Extension: surf and keeep - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] [2013-12-20]
FF Extension: AOL Toolbar - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2013-09-21]
FF Extension: Hold Page - C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{90018a24-bc1e-468a-b232-4bcc260b3165}.xpi [2014-11-26]
CHR Extension: (No Name) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fohginfilnjopabeoimmkhnpfegkfobb [2013-12-20]
CHR Extension: (surf and keeep) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeicgnbonnghphidgpojolgancpkmmfo [2013-12-20]
CHR Extension: (Broewse2ysuave) - C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfchmnnbbgfbdlhhdgjknkaomhlobhjc [2013-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-04-02]
2014-11-27 15:22 - 2014-11-27 15:22 - 00003338 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-27 15:22 - 2014-11-27 15:22 - 00000921 _____ () C:\Users\Willard\Desktop\SpyHunter.lnk
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-11-27 15:22 - 2014-11-27 15:22 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\Enigma Software Group
2014-11-27 15:20 - 2014-11-27 15:21 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-11-26 20:58 - 2014-11-26 20:58 - 00000108 _____ () C:\Users\Willard\AppData\Roaming\settings.xml
2014-11-26 20:58 - 2014-11-26 20:58 - 00000000 ____D () C:\Users\Willard\AppData\Local\SkinSoft
2014-11-26 20:57 - 2014-11-26 20:57 - 00000000 ____D () C:\ProgramData\PCSettings
2014-11-26 20:55 - 2014-11-26 20:55 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\convertaudiofree
2014-11-26 20:55 - 2014-11-26 20:55 - 00000000 ____D () C:\Users\Willard\AppData\Local\StormFall
2014-11-26 20:53 - 2014-11-26 20:53 - 00792904 _____ ( ) C:\Users\Willard\Downloads\mp4toavi(1).exe
2014-11-26 20:52 - 2014-11-26 20:55 - 16741957 _____ (convertaudiofree) C:\Users\Willard\Downloads\mp4toavi.exe
2014-11-19 18:10 - 2014-11-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-11-19 18:10 - 2014-11-27 14:44 - 00000000 ____D () C:\Program Files (x86)\YTD Toolbar
2014-11-27 18:56 - 2013-12-20 13:14 - 00000000 ____D () C:\ProgramData\suurf and keeepp
2014-11-27 16:16 - 2013-01-21 14:07 - 00003052 _____ () C:\Windows\System32\Tasks\{4B72CDD9-330D-4BC3-8790-9F9202563576}
2014-11-27 14:45 - 2013-09-16 19:21 - 00000000 ____D () C:\Users\Willard\AppData\Roaming\UpdaterEX
Task: {0B8FAE4F-EE19-43A7-8518-966274C21B7E} - System32\Tasks\Searchya => C:\Users\Willard\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7D40D95E-3560-401D-8D55-F4C43C747839} - \LaunchSignup No Task File <==== ATTENTION
Task: {834F539F-BDB0-42D0-9DC2-62FCD6E891E1} - System32\Tasks\SK.Enabler-S-1495795506 => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
Task: {C4FE3637-4F9E-4808-9683-5DF6EEEA8D5F} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-11-27] (Enigma Software Group USA, LLC.)
Task: {FBBD20EA-F0DC-4042-BA82-87C8CFA99911} - \BitGuard No Task File <==== ATTENTION
Task: C:\Windows\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
c:\programdata\quickset
C:\Users\Willard\AppData\Local\Strongvault Online Backup
C:\Program Files (x86)\suurf and keeepp
C:\Users\Willard\AppData\Roaming\Searchya
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SMessaging => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{314502BD-5212-4FC8-95CA-A5CF8EA1313C}" => Key deleted successfully.
"HKCR\CLSID\{314502BD-5212-4FC8-95CA-A5CF8EA1313C}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{314502BD-5212-4FC8-95CA-A5CF8EA1313C}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{314502BD-5212-4FC8-95CA-A5CF8EA1313C}" => Key not found.
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27B85468-DBA3-4579-8B05-C2CA35A9100D}" => Key deleted successfully.
"HKCR\CLSID\{27B85468-DBA3-4579-8B05-C2CA35A9100D}" => Key not found.
"HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{314502BD-5212-4FC8-95CA-A5CF8EA1313C}" => Key deleted successfully.
"HKCR\CLSID\{314502BD-5212-4FC8-95CA-A5CF8EA1313C}" => Key not found.
"HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}" => Key deleted successfully.
"HKCR\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}" => Key not found.
&tb_mrud=12-12-2012 => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56D6F469-7267-180A-A878-156A6AC2E3CB}" => Key deleted successfully.
"HKCR\CLSID\{56D6F469-7267-180A-A878-156A6AC2E3CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D9153E97-69AD-A178-DE67-D7FDA9BF1E9D}" => Key deleted successfully.
"HKCR\CLSID\{D9153E97-69AD-A178-DE67-D7FDA9BF1E9D}" => Key deleted successfully.
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
HKU\S-1-5-21-3072893087-1111557918-2373783436-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value deleted successfully.
"HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" => Key not found.
C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] => Moved successfully.
C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\[email protected] => Moved successfully.
C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} => Moved successfully.
C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\Extensions\{90018a24-bc1e-468a-b232-4bcc260b3165}.xpi => Moved successfully.
C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fohginfilnjopabeoimmkhnpfegkfobb => Moved successfully.
C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeicgnbonnghphidgpojolgancpkmmfo => Moved successfully.
C:\Users\Willard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfchmnnbbgfbdlhhdgjknkaomhlobhjc => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof" => Key deleted successfully.
"C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm" => Key deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx => Moved successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
C:\Users\Willard\Desktop\SpyHunter.lnk => Moved successfully.
C:\Users\Willard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter => Moved successfully.
C:\Users\Willard\AppData\Roaming\Enigma Software Group => Moved successfully.
C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP => Moved successfully.
C:\Users\Willard\AppData\Roaming\settings.xml => Moved successfully.
C:\Users\Willard\AppData\Local\SkinSoft => Moved successfully.
C:\ProgramData\PCSettings => Moved successfully.
C:\Users\Willard\AppData\Roaming\convertaudiofree => Moved successfully.
C:\Users\Willard\AppData\Local\StormFall => Moved successfully.
C:\Users\Willard\Downloads\mp4toavi(1).exe => Moved successfully.
C:\Users\Willard\Downloads\mp4toavi.exe => Moved successfully.
C:\Program Files (x86)\Application Updater => Moved successfully.
C:\Program Files (x86)\YTD Toolbar => Moved successfully.
C:\ProgramData\suurf and keeepp => Moved successfully.
C:\Windows\System32\Tasks\{4B72CDD9-330D-4BC3-8790-9F9202563576} => Moved successfully.
C:\Users\Willard\AppData\Roaming\UpdaterEX => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B8FAE4F-EE19-43A7-8518-966274C21B7E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B8FAE4F-EE19-43A7-8518-966274C21B7E}" => Key deleted successfully.
C:\Windows\System32\Tasks\Searchya => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Searchya" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D40D95E-3560-401D-8D55-F4C43C747839}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D40D95E-3560-401D-8D55-F4C43C747839}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{834F539F-BDB0-42D0-9DC2-62FCD6E891E1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{834F539F-BDB0-42D0-9DC2-62FCD6E891E1}" => Key deleted successfully.
C:\Windows\System32\Tasks\SK.Enabler-S-1495795506 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SK.Enabler-S-1495795506" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C4FE3637-4F9E-4808-9683-5DF6EEEA8D5F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4FE3637-4F9E-4808-9683-5DF6EEEA8D5F}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBBD20EA-F0DC-4042-BA82-87C8CFA99911}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBBD20EA-F0DC-4042-BA82-87C8CFA99911}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard" => Key not found.
C:\Windows\Tasks\SK.Enabler-S-1495795506.job => Moved successfully.
"c:\programdata\quickset" => File/Directory not found.
"C:\Users\Willard\AppData\Local\Strongvault Online Backup" => File/Directory not found.
C:\Program Files (x86)\suurf and keeepp => Moved successfully.
"C:\Users\Willard\AppData\Roaming\Searchya" => File/Directory not found.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.0.6001 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

{20590F10-06AF-49F2-8803-106C17EAFD03} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 6.4 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====


  • 0

#6
iburiedpaul
Posted 29 November 2014 - 10:51 AM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

And here is the ADWCleaner log...

 

# AdwCleaner v4.102 - Report created 29/11/2014 at 11:43:36
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Willard - WILLARD-PC
# Running from : C:\Users\Willard\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\AI_RecycleBin
[!] Folder Deleted : C:\ProgramData\AVG Secure Search
[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\SoftSafe
[!] Folder Deleted : C:\ProgramData\ytd video downloader
[!] Folder Deleted : C:\ProgramData\Broewse2ysuave
[!] Folder Deleted : C:\ProgramData\471b40fd6e8c5d3c
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[!] Folder Deleted : C:\Program Files (x86)\AVG Secure Search
[!] Folder Deleted : C:\Program Files (x86)\GreenTree Applications
[!] Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
[!] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Folder Deleted : C:\Windows\SysWOW64\ARFC
[!] Folder Deleted : C:\Windows\SysWOW64\WNLT
[!] Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
[!] Folder Deleted : C:\Users\Willard\AppData\Local\AVG Secure Search
[!] Folder Deleted : C:\Users\Willard\AppData\Local\Zoom_Downloader
[!] Folder Deleted : C:\Users\Willard\AppData\LocalLow\AVG Secure Search
[!] Folder Deleted : C:\Users\Willard\AppData\LocalLow\Delta
[!] Folder Deleted : C:\Users\Willard\AppData\Roaming\SendSpace
[!] Folder Deleted : C:\Users\Willard\AppData\Roaming\Strongvault
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Willard\AppData\Roaming\Mozilla\Firefox\Profiles\7ch2wsa5.default\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\59088dcb73aef12
Key Deleted : HKLM\SOFTWARE\59088dcb73aef12
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Browser Extensions
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\iLividSRTB
Key Deleted : HKLM\SOFTWARE\InfoAtoms
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\WebConnect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Protection
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UpdaterEX
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16592


-\\ Mozilla Firefox v33.1 (x86 en-US)

[7ch2wsa5.default\prefs.js] - Line Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [19583 octets] - [29/11/2014 11:41:36]
AdwCleaner[S0].txt - [15048 octets] - [29/11/2014 11:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15109 octets] ##########


  • 0

#7
Essexboy
Posted 29 November 2014 - 11:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That removed a fair bit :) How is the computer now ?

bf_new.gif Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
  • Select the language and click OK.
  • Accept the agreement
  • Make sure a checkmark is placed next to Enable the Free Trial and Launch Malwarebytes' Anti-Malware, then click on finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click on Quarantine All,.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • To submit your reply, click on Add Reply, then right click on the window and select Paste.
  • Submit your reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
  • 0

#8
iburiedpaul
Posted 29 November 2014 - 05:24 PM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

It's running much better now thanks! :spoton: Will run Malwarebytes now and post that log in the next reply


  • 0

#9
iburiedpaul
Posted 30 November 2014 - 12:08 PM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/30/2014
Scan Time: 12:39:34 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.30.06
Rootkit Database: v2014.11.30.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Willard

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341334
Time Elapsed: 26 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.ConnectDLC.A, C:\Users\Willard\AppData\LocalLow\Connect_DLC_5, Quarantined, [2cc26fd26616e254ae5b42f54cb79a66],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#10
Essexboy
Posted 30 November 2014 - 12:10 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any outstanding problems ?
  • 0

#11
iburiedpaul
Posted 30 November 2014 - 06:05 PM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Any outstanding problems ?

No Sir, Seems like everything is A-OK :yeah:


  • 0

#12
Essexboy
Posted 01 December 2014 - 09:02 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
In that case methinks I will send you on your merry way :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix

delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#13
iburiedpaul
Posted 01 December 2014 - 01:37 PM

iburiedpaul

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Thanks so much for your help, and Happy Holidays! :spoton:


  • 0

#14
Essexboy
Posted 01 December 2014 - 01:47 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP