Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Need help, have multiple pop-ups and probably a virus too

Started by juglar21 , Dec 19 2014 04:07 PM

This topic is locked

#1
juglar21

Posted 19 December 2014 - 04:07 PM

Member

Member
132 posts

Hi,

it is difficult to communicate since there are all the time things popping up and I believe I have at least one virus too. Appriciate any help I can get. What is the first step, please?

Many thanks, juglar21

#2
zep516

Posted 19 December 2014 - 06:11 PM

Trusted Helper

Malware Removal
8,093 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

#3
zep516

Posted 20 December 2014 - 11:34 AM

Trusted Helper

Malware Removal
8,093 posts

Are you going to follow up ? Are you able to run that scan above ?

Joe

#4
juglar21

Posted 21 December 2014 - 10:11 AM

Member

Topic Starter
Member
132 posts

trying right now 11:10 am EST on 12/21/14 - thanks for your patience!

#5
juglar21

Posted 21 December 2014 - 10:30 AM

Member

Topic Starter
Member
132 posts

Okay, I downloaded it, then I went to Downloads on my computer and double clicked on it.

A little window opens (called Farbar Recovery Scan Tool), with a Search box and some smaler boxes saying 'Scan' and 'Search Files' and'Serach Registry' and 'Fix'.

but I don't know how to save it to my Deskop?

Thanks Juglar 21

#6
zep516

Posted 21 December 2014 - 11:16 AM

Trusted Helper

Malware Removal
8,093 posts

Hello,

In the downloads folder, right click on FRST, choose cut, then go back to the desktop and on an empty space right click and choose paste. That should put FRST on the desktop.

Once FRST is on the desktop
open FRST

Click scan.

Post both log reports

FRST.txt
Additions.txt

Joe

#7
juglar21

Posted 21 December 2014 - 12:32 PM

Member

Topic Starter
Member
132 posts

Well, I thought I would be clever by deliting FBAR, which is what I did and not finding it under 'Uninstall programm' I then downl\oaded it again.

But when I went to the Downloads and doubleclikced on it, it opened immediately whlst I was thinking the system would give me again the option

to put it on the desktop. Not sure what to do now and waiting for your advice.

Thanks, Juglar21

#8
juglar21

Posted 21 December 2014 - 12:33 PM

Member

Topic Starter
Member
132 posts

oh, you are there. will do what you just said

#9
zep516

Posted 21 December 2014 - 12:36 PM

Trusted Helper

Malware Removal
8,093 posts

I'm here all day.

Run the scan and post both logs

Joe

#10
juglar21

Posted 21 December 2014 - 12:44 PM

Member

Topic Starter
Member
132 posts

Here they come:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by Kris (administrator) on KRIS-PC on 21-12-2014 13:37:57
Running from C:\Users\Kris\Desktop
Loaded Profile: Kris (Available profiles: Kris)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
(LogMeIn, Inc.) C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe
(LogMeIn, Inc.) C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe
(LogMeIn, Inc.) C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0006.tmp\lmi_rescue.exe
(LogMeIn, Inc.) C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0005.tmp\lmi_rescue.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
() C:\Users\Kris\AppData\Roaming\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1882920 2009-11-12] (Synaptics Incorporated)
HKLM\...\Run: [DLPSP] => C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [913216 2010-06-01] (Dell Inc.)
HKLM\...\Run: [DLUPDR] => C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE [587584 2010-06-01] (Dell Inc.)
HKLM\...\Run: [DLQLU] => C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [1284416 2010-06-01] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [dellsupportcenter] => c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1126416 2014-10-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-07] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-09-04] (Google Inc.)
HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\...\Run: [AVG-Secure-Search-Update_1114avz] => C:\Users\Kris\AppData\Roaming\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe [2776088 2014-10-08] ()
HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\...\MountPoints2: {b43b67ec-8e78-11df-82dd-806e6f6e6963} - D:\mri.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....1I7GGNI_enUS552
URLSearchHook: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - No File
URLSearchHook: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 - (No Name) - {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} - No File
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {5F985957-0049-4210-85EA-753302A958A3} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://groovorio.com...=1690693304&ir=
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 -> {5EF5EE14-605F-4F27-B7E0-E5510E36D687} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {195F4B0C-8532-4E8F-A797-7BD3525C1AFC} URL = http://websearch.ask...FF-0ECF3BF72416
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {1AC6F0D9-5B4C-423A-B201-98A06EC8B28E} URL =
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {5EF5EE14-605F-4F27-B7E0-E5510E36D687} URL =
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={D1B0889F-1643-4B0F-B97B-CA7A60E63D23}&mid=8551acdd3c8547d381bf69e5299db7b1-90251f1b08ece7b999cfccfa4036ef24c7d46596&lang=en&ds=ft013&coid=avgtbdisft&pr=sa&d=2013-11-17 20:39:30&v=17.1.3.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...id=10002&lng=en
SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80472&lng=en
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: savernet -> {fb17d7e0-5f62-443d-aa59-0234ee02af98} -> C:\ProgramData\savernet\17viDZh78U1DWv.x64.dll ()
BHO-x32: No Name -> {06e3475c-5521-4de8-bb12-50720f21631c} -> No File
BHO-x32: No Name -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> No File
BHO-x32: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO-x32: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO-x32: No Name -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> No File
BHO-x32: savernet -> {fb17d7e0-5f62-443d-aa59-0234ee02af98} -> C:\ProgramData\savernet\17viDZh78U1DWv.dll ()
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - No File
Toolbar: HKLM-x32 - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - No File
Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File
Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File
Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File
FF Plugin-x32: @RecipeHub_2j.com/Plugin -> C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4287490833-3400291495-2554494040-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: deal4me - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected] [2014-12-19]
FF Extension: SaverAddon - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected] [2014-12-19]
FF Extension: ProShopper - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected] [2014-12-21]
FF Extension: Yahoo! Toolbar - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-11-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
FF Extension: Consumer Input - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi [2014-09-23]
FF Extension: No Name - ConsumerInput@Compete [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\29.0.1547.62\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java™ Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Sammsoft Toolbar) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanpaddaaoffccehffldolecpkgpej [2013-08-21]
CHR Extension: (TinyWallet) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnppomhgimolmjboaiheibhcglppgmfj [2014-11-17]
CHR Extension: (timeStats) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejifodhjoeeenihgfpjijjmpomaphmah [2014-12-21]
CHR Extension: (Skype Click to Call) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-21]
CHR Extension: (Smart QrCode Generator) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnbjbobhhoaekejilcmdkfomkndikho [2014-12-19]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (SoftCoup) - C:\ProgramData\faalfcfgbnpgfmbeofnfninccoiebffn\ [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [aaaanpaddaaoffccehffldolecpkgpej] - C:\Users\Kris\AppData\Local\APN\GoogleCRXs\aaaanpaddaaoffccehffldolecpkgpej_7.14.1.0.crx [2012-03-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [857616 2014-10-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 DLPWD; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [155888 2009-10-16] (Dell Inc.)
R2 DLSDB; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [344384 2010-06-01] (Dell Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S4 LMIRescue_149ce099-4625-4038-9722-c30e91f61d82; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
S4 LMIRescue_23e0af0d-6954-4a4f-866e-75012bcc141c; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
R2 LMIRescue_4dfe4f39-c462-4e16-8da7-0d70430aa3eb; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe [2570592 2014-11-18] (LogMeIn, Inc.)
S4 LMIRescue_73098fbd-996d-4264-9284-cc57a720938b; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
R2 LMIRescue_f44abba4-72b6-4322-8148-61fdb289373d; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe [2570592 2014-11-17] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S2 consumerinput_update; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /svc [X]
S3 consumerinput_updatem; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /medsvc [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 13:37 - 2014-12-21 13:39 - 00029385 _____ () C:\Users\Kris\Desktop\FRST.txt
2014-12-21 13:24 - 2014-12-21 13:25 - 02122240 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe
2014-12-21 13:13 - 2014-12-21 13:13 - 01065264 _____ (Installer Setup) C:\Users\Kris\Downloads\setup(1).exe
2014-12-21 12:23 - 2014-12-21 12:24 - 00000000 ____D () C:\Users\Kris\AppData\Local\Innovative Solutions
2014-12-21 12:23 - 2014-12-21 12:24 - 00000000 ____D () C:\ProgramData\Innovative Solutions
2014-12-21 12:23 - 2014-12-21 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO
2014-12-21 12:23 - 2014-12-21 12:23 - 00000000 ____D () C:\Program Files (x86)\Innovative Solutions
2014-12-21 12:23 - 2014-03-07 09:25 - 00042496 _____ () C:\Windows\SysWOW64\AdvUninstCPL.cpl
2014-12-21 12:21 - 2014-12-21 12:22 - 18178312 _____ (Innovative Solutions ) C:\Users\Kris\Downloads\Advanced_Uninstaller11_55_CNet.exe
2014-12-21 12:07 - 2014-12-21 12:07 - 00000000 ____D () C:\ProgramData\savernet
2014-12-21 12:06 - 2014-12-21 12:06 - 00231920 _____ () C:\Users\Kris\Downloads\revosetup.exe
2014-12-21 11:21 - 2014-12-21 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-19 16:35 - 2014-12-19 16:36 - 00000000 ____D () C:\ProgramData\SmartCompare
2014-12-19 16:35 - 2014-12-19 16:36 - 00000000 ____D () C:\ProgramData\SaverAddon
2014-12-19 16:35 - 2014-12-19 16:35 - 00000000 ____D () C:\ProgramData\faalfcfgbnpgfmbeofnfninccoiebffn
2014-12-19 16:35 - 2014-12-19 16:35 - 00000000 ____D () C:\ProgramData\BestDiscountApp
2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\MyTurboPC.com
2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTurboPC.com
2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\ProgramData\MyTurboPC.com
2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\Program Files (x86)\MyTurboPC.com
2014-12-19 16:25 - 2014-12-19 16:26 - 06379208 _____ (MyTurboPC.com) C:\Users\Kris\Downloads\Myturbopc(1).exe
2014-12-19 16:25 - 2014-12-19 16:25 - 06379208 _____ (MyTurboPC.com) C:\Users\Kris\Downloads\Myturbopc.exe
2014-12-19 16:19 - 2014-12-19 16:19 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-12-19 16:15 - 2014-12-19 16:15 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory
2014-12-19 16:02 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 16:02 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-19 15:46 - 2014-12-19 15:46 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 13:37 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 13:37 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 10:06 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 10:06 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 10:06 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 10:06 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 10:06 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 10:06 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 10:06 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 10:06 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 10:06 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 10:06 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 10:05 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 10:05 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 10:05 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 10:05 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 10:05 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 10:05 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 10:05 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 10:05 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 10:05 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 10:05 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 10:05 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 10:05 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 10:05 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 10:05 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 10:05 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 10:05 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 10:05 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 10:05 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 10:05 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 10:05 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 10:05 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 10:05 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 10:05 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 10:05 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 10:05 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 10:05 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 10:05 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 10:05 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 10:05 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 10:05 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 10:05 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 10:05 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 10:05 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 10:05 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 10:05 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 10:05 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 10:05 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 10:05 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 10:05 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 10:05 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 10:05 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 10:05 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 10:05 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 10:05 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 10:05 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 10:05 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 10:05 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 10:05 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 10:05 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 10:05 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 10:05 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 10:05 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 10:05 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 10:05 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 10:05 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 10:05 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 10:05 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 10:05 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 10:05 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 10:05 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 10:05 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 10:05 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 10:05 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 10:05 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 10:05 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 10:05 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 10:05 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 10:04 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 10:04 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-11-22 20:52 - 2014-11-22 20:52 - 00033740 _____ () C:\Users\Kris\Downloads\Addition.txt
2014-11-22 07:55 - 2014-11-22 07:55 - 00853360 _____ (Download Assistant ) C:\Users\Kris\Downloads\Avast_Setup(1).exe
2014-11-22 07:53 - 2014-11-22 07:53 - 00853360 _____ (Download Assistant ) C:\Users\Kris\Downloads\Avast_Setup.exe
2014-11-21 18:10 - 2014-12-21 13:38 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 13:39 - 2014-11-17 13:31 - 00000358 _____ () C:\Windows\Tasks\CIMT_S-1-5-21-4287490833-3400291495-2554494040-1000.job
2014-12-21 13:38 - 2009-07-14 00:10 - 02006852 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 13:36 - 2014-11-17 14:35 - 00000526 _____ () C:\Windows\Tasks\AVG_SYS_TASK_1114avz.job
2014-12-21 13:36 - 2014-11-17 14:35 - 00000392 _____ () C:\Windows\Tasks\AVG_SYS_TASK_1114avz_DELETE.job
2014-12-21 13:36 - 2014-11-17 13:29 - 00000962 _____ () C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job
2014-12-21 13:35 - 2010-07-13 05:49 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-21 13:35 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 13:35 - 2009-07-13 23:51 - 00120208 _____ () C:\Windows\setupact.log
2014-12-21 13:28 - 2014-05-08 11:35 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4287490833-3400291495-2554494040-1000.job
2014-12-21 13:09 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 13:09 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 13:03 - 2014-11-17 13:31 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\Compete
2014-12-21 13:01 - 2014-11-17 13:31 - 00000000 ____D () C:\ProgramData\TinyWallet
2014-12-21 13:01 - 2013-11-17 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-21 13:01 - 2010-07-13 07:18 - 00219392 _____ () C:\Windows\PFRO.log
2014-12-21 12:45 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\systweak
2014-12-21 12:45 - 2014-11-15 11:42 - 00000000 ____D () C:\ProgramData\Systweak
2014-12-21 12:38 - 2014-11-17 10:45 - 00000000 ____D () C:\ProgramData\cea2cad3caee4f45
2014-12-21 12:34 - 2014-11-17 13:29 - 00000966 _____ () C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job
2014-12-21 12:34 - 2014-11-17 13:29 - 00000000 ____D () C:\Program Files (x86)\Consumer Input
2014-12-21 12:33 - 2010-07-13 07:36 - 00000000 ____D () C:\DELL
2014-12-21 12:29 - 2013-09-04 13:00 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-12-21 12:29 - 2013-09-04 12:55 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-19 15:46 - 2014-05-08 11:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-19 15:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-19 15:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 13:36 - 2009-07-14 00:13 - 00006558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-12 10:01 - 2014-01-03 21:56 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-12-12 09:52 - 2014-11-17 13:27 - 00000000 ____D () C:\ProgramData\374311380
2014-11-22 21:05 - 2013-09-10 10:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-22 21:05 - 2013-09-10 10:30 - 00000000 ____D () C:\ProgramData\eSellerate
2014-11-22 21:04 - 2010-08-25 09:54 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\SoftGrid Client
2014-11-22 07:46 - 2014-02-22 12:31 - 00000000 ____D () C:\Users\Kris\Desktop\Old Firefox Data

Some content of TEMP:
====================
C:\Users\Kris\AppData\Local\Temp\18be6784_.exe
C:\Users\Kris\AppData\Local\Temp\294823_.exe
C:\Users\Kris\AppData\Local\Temp\avguirn_081342301626.exe
C:\Users\Kris\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Kris\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Kris\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kris\AppData\Local\Temp\optprosetup.exe
C:\Users\Kris\AppData\Local\Temp\psftp.exe
C:\Users\Kris\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kris\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Kris\AppData\Local\Temp\setup.exe
C:\Users\Kris\AppData\Local\Temp\UNINSTALL.EXE

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-17 17:48

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by Kris at 2014-12-21 13:40:18
Running from C:\Users\Kris\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced Uninstaller PRO - Version 11 (HKLM-x32\...\AU11_is1) (Version: 11.55.0.209 - Innovative Solutions)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‎Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG6300 series User Registration (HKLM-x32\...\Canon MG6300 series User Registration) (Version: - Canon Inc.‎)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
CommonCents 4.0 (x32 Version: 4.5.58.668 - enDevelopment) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Printer Software (HKLM-x32\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Officejet 4620 series Product Improvement Study (HKLM\...\{83F51BBA-48BE-4BB6-B96A-F4AAE4C462F9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2097 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java™ 6 Update 18 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
LoJack Factory Installer (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0 - Absolute Software)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4287490833-3400291495-2554494040-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyTurboPC (HKLM-x32\...\{A2F37CA8-53F8-4594-B701-32AE64BAED1A}) (Version: 3.2.14.0 - MyTurboPC.com)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.1 - Dell Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6039 - Realtek Semiconductor Corp.)
Recipe Hub Internet Explorer Toolbar (HKLM-x32\...\RecipeHub_2jbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
savernet (HKLM-x32\...\{614925F9-841A-53FE-A28F-DC30FA07239B}) (Version: - "") <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.15.0 - Synaptics Incorporated)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll No File
CustomCLSID: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

17-11-2014 10:38:19 Windows Update
17-11-2014 12:50:42 Removed AVG 2015
17-11-2014 13:02:11 Removed AVG 2015
17-11-2014 13:13:52 Removed AVG PC TuneUp 2014
17-11-2014 13:16:50 Removed AVG PC TuneUp 2014 (en-US)
17-11-2014 13:21:37 Removed Citrix Online Launcher
17-11-2014 14:22:43 Installed AVG 2015
17-11-2014 14:24:01 Installed AVG 2015
19-11-2014 18:01:36 Windows Update
03-12-2014 14:40:22 Windows Update
12-12-2014 09:53:52 Windows Update
12-12-2014 13:35:58 Windows Update
19-12-2014 15:50:46 Windows Update
19-12-2014 17:08:12 Windows Update
21-12-2014 13:32:39 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-03-08 10:36 - 00000867 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 d3oxij66pru1i3.cloudfront.net

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1889E0B0-1DDE-41B2-8387-E5FA7CAEEBA2} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {1E02957D-B640-4D11-8D12-DBDF5502812B} - System32\Tasks\{45927D42-45DA-41C1-9133-2E78F4793759} => pcalua.exe -a E:\OneCare-Connect-PC\SetupWireless.exe -d E:\OneCare-Connect-PC
Task: {2CDD4B80-0EFE-4312-9777-D5B30F1AE60A} - \MediaPlayerEnhance-codedownloader No Task File <==== ATTENTION
Task: {2DCA76F5-03B4-4989-9EDA-CE83BD9BB2C7} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {2F8C85BF-463B-4B0B-9C8A-FED80761662C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {36C68EDF-D2D1-473F-A3F5-5641AFC81DF9} - System32\Tasks\CIMT_S-1-5-21-4287490833-3400291495-2554494040-1000 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: {38FDD950-0FBF-45E7-ABF9-2BA33E75B8BD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {47B2E892-0295-4FC6-A957-1C196C0B9823} - System32\Tasks\AVG_SYS_TASK_1114avz_DELETE => C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe [2014-10-08] ()
Task: {568E6BEA-F6BF-4CE7-A877-B5995D5A40A1} - \AmiUpdXp No Task File <==== ATTENTION
Task: {58BC9D6C-AC45-4625-AD0D-04CA6C69A28F} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {74AF7D31-002A-4932-9E9B-8F39353882FA} - System32\Tasks\{E865C863-A8A5-4F88-A118-5D6957CB749E} => pcalua.exe -a "C:\Users\Kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZIJXXIKB\freefileviewer_b1.exe" -d C:\Users\Kris\Desktop
Task: {86817139-8E58-4A3E-B547-68499F7A2E73} - System32\Tasks\G2MUpdateTask-S-1-5-21-4287490833-3400291495-2554494040-1000 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\1963\g2mupdate.exe
Task: {8F14A824-0FBF-426A-A3C6-23C8EE5CB985} - System32\Tasks\AVG_SYS_TASK_1114avz => C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe [2014-10-08] ()
Task: {943F4C85-FF7C-4116-81B9-CDFFFA5E42EB} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {993B97E4-9A23-4A33-86A0-AC1AB92958E2} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {AD4C203C-D0A0-407E-B1FE-09003B1D98DC} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {B6D34BB0-693F-493A-A3BC-79493FF0E55A} - \MediaPlayerEnhance-firefoxinstaller No Task File <==== ATTENTION
Task: {C4FE0A79-8615-4541-BE62-6D58EF0A3AA5} - System32\Tasks\LoJack for Laptops Install => C:\Program Files (x86)\Absolute Software\LoJack Install\FactoryInstaller.exe [2009-11-26] (Absolute Software)
Task: {DBE031A3-D261-4205-93D7-3C3E620DB126} - \MediaPlayerEnhance-chromeinstaller No Task File <==== ATTENTION
Task: {E3531C3B-C58C-4F72-AC68-E6D0212E8F19} - \MediaPlayerEnhance-updater No Task File <==== ATTENTION
Task: {E6759104-7D47-46F9-8484-D8CCFBA0F1EF} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {E6EE1F9B-1986-402B-B2D5-2D6C94569AD6} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION
Task: {EF53CF1B-10F9-4CD5-8336-9AF9D9ABB3DB} - \MediaPlayerEnhance-enabler No Task File <==== ATTENTION
Task: {F5A98B4D-0500-40C8-899E-DFDD55452089} - System32\Tasks\{E520266F-EDED-4891-ABA1-FEC17B514D36} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: C:\Windows\Tasks\AVG_SYS_TASK_1114avz.job => C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe
Task: C:\Windows\Tasks\AVG_SYS_TASK_1114avz_DELETE.job => C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe
Task: C:\Windows\Tasks\CIMT_S-1-5-21-4287490833-3400291495-2554494040-1000.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4287490833-3400291495-2554494040-1000.job => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\1963\g2mupdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-17 14:35 - 2014-10-08 07:00 - 02776088 _____ () C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe
2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-17 14:35 - 2014-10-08 07:00 - 02776088 _____ () C:\Users\Kris\AppData\Roaming\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe
2014-10-16 13:39 - 2014-10-16 13:39 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\27062a1bd5e07ac476c1ef919d9abff5\VistaBridgeLibrary.ni.dll
2012-10-11 21:56 - 2012-10-11 21:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 21:56 - 2012-10-11 21:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-17 14:18 - 2014-11-17 14:18 - 31842816 _____ () C:\Program Files (x86)\AVG\Framework\Common\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0CA8EFF8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_149ce099-4625-4038-9722-c30e91f61d82 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_23e0af0d-6954-4a4f-866e-75012bcc141c => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_73098fbd-996d-4264-9284-cc57a720938b => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: DellSupportCenter => "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Kris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

========================= Accounts: ==========================

Administrator (S-1-5-21-4287490833-3400291495-2554494040-500 - Administrator - Disabled)
Guest (S-1-5-21-4287490833-3400291495-2554494040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4287490833-3400291495-2554494040-1002 - Limited - Enabled)
Kris (S-1-5-21-4287490833-3400291495-2554494040-1000 - Administrator - Enabled) => C:\Users\Kris

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: ssnfd
Description: ssnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ssnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: exception in main loop CoCreateInstance failed : HR: 0x80040154 ErrorCode: 0x0

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (12/21/2014 01:35:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sftservice.EXE, version: 1.0.82.72, time stamp: 0x4e45499a
Faulting module name: sftservice.EXE, version: 1.0.82.72, time stamp: 0x4e45499a
Exception code: 0xc0000005
Fault offset: 0x0011f29f
Faulting process id: 0xbe8
Faulting application start time: 0xsftservice.EXE0
Faulting application path: sftservice.EXE1
Faulting module path: sftservice.EXE2
Report Id: sftservice.EXE3

Error: (12/21/2014 01:33:08 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

System errors:
=============
Error: (12/21/2014 01:37:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ConsumerInput Update Service (consumerinput_update) service failed to start due to the following error:
%%2

Error: (12/21/2014 01:35:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/21/2014 01:35:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ssnfd

Error: (12/21/2014 01:35:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG PC TuneUp Service service failed to start due to the following error:
%%2

Error: (12/21/2014 01:35:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.

Error: (12/21/2014 01:33:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition.

Error: (12/21/2014 01:04:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ConsumerInput Update Service (consumerinput_update) service failed to start due to the following error:
%%2

Error: (12/21/2014 01:02:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ssnfd

Error: (12/21/2014 01:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG PC TuneUp Service service failed to start due to the following error:
%%2

Error: (12/21/2014 01:01:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.

Microsoft Office Sessions:
=========================
Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: exception in main loop CoCreateInstance failed : HR: 0x80040154 ErrorCode: 0x0

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (12/21/2014 01:35:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (12/21/2014 01:35:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sftservice.EXE1.0.82.724e45499asftservice.EXE1.0.82.724e45499ac00000050011f29fbe801d01d4ce65ec3f6C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXEC:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE2d24b02b-8940-11e4-aed4-b8ac6f795e42

Error: (12/21/2014 01:33:08 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Click-to-Run 2010Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition1603(NULL)(NULL)(NULL)

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 51%
Total physical RAM: 3892.52 MB
Available physical RAM: 1876.64 MB
Total Pagefile: 7783.23 MB
Available Pagefile: 5674.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:218.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7188B833)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Thanks Juglar21

#11
zep516

Posted 21 December 2014 - 12:50 PM

Trusted Helper

Malware Removal
8,093 posts

Thanks for the logs. I need time to look them over.

You have 2 Anti virus programs installed. You can't run two Anti Virus programs it will cause all kinds of issues. Please uninstall 1 of them now and let me know the one you're keeping.

Please run these 2 Adware scanners while I look over log reports.

Next

Please download AdwCleaner by Xplode onto your Desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the Report button and the report will open in Notepad.
NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished and the PC has rebooted.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleaner
Next

Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

In your next reply post;
- The AdwCleaner [SO].txt Log
- The JRT.txt Log
Thanks
Joe

#12
juglar21

Posted 21 December 2014 - 01:25 PM

Member

Topic Starter
Member
132 posts

re the AdwCleaner

before I click on report, I click on 'clean', right?

Thanks J

#13
zep516

Posted 21 December 2014 - 01:33 PM

Trusted Helper

Malware Removal
8,093 posts

Hello,

Click the Scan button and wait for the process to complete.
Click the Report button and the report will open in Notepad.

Then
Click on the Clean button follow the prompts.

#14
juglar21

Posted 21 December 2014 - 01:42 PM

Member

Topic Starter
Member
132 posts

sorry, after my last message I thought it was obviious, but it wasn't, i.e. I cleaned frist and then clicked on the report, which is here:

# AdwCleaner v4.106 - Report created 21/12/2014 at 14:29:35
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kris - KRIS-PC
# Running from : C:\Users\Kris\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : consumerinput_update
[#] Service Deleted : consumerinput_updatem

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\StormAlert
[!] Folder Deleted : C:\ProgramData\374311380
[!] Folder Deleted : C:\ProgramData\Systweak
[!] Folder Deleted : C:\ProgramData\Tarma Installer
[!] Folder Deleted : C:\ProgramData\savernet
[!] Folder Deleted : C:\ProgramData\ShoppingDealFactory
[!] Folder Deleted : C:\ProgramData\WildWestCoupon
[!] Folder Deleted : C:\ProgramData\SaverAddon
[!] Folder Deleted : C:\ProgramData\SmartCompare
[!] Folder Deleted : C:\ProgramData\TinyWallet
[!] Folder Deleted : C:\ProgramData\BestDiscountApp
[!] Folder Deleted : C:\ProgramData\less2pay
[!] Folder Deleted : C:\ProgramData\SaverAddon
[!] Folder Deleted : C:\ProgramData\SmartCompare
[!] Folder Deleted : C:\ProgramData\WildWestCoupon
[!] Folder Deleted : C:\ProgramData\cea2cad3caee4f45
[!] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[!] Folder Deleted : C:\Program Files (x86)\FLVM Player
[!] Folder Deleted : C:\Program Files (x86)\FunWebProducts
[!] Folder Deleted : C:\Program Files (x86)\supporter
[!] Folder Deleted : C:\Program Files (x86)\Uninstaller
[!] Folder Deleted : C:\Program Files (x86)\Consumer Input
[!] Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\torch
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
[!] Folder Deleted : C:\Users\Guest\AppData\Local\torch
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
[!] Folder Deleted : C:\Users\Kris\AppData\Local\apn
[!] Folder Deleted : C:\Users\Kris\AppData\Local\Chromatic Browser
[!] Folder Deleted : C:\Users\Kris\AppData\Local\torch
[!] Folder Deleted : C:\Users\Kris\AppData\LocalLow\FunWebProducts
[!] Folder Deleted : C:\Users\Kris\AppData\LocalLow\weDownload Manager Pro
[!] Folder Deleted : C:\Users\Kris\AppData\Roaming\iWin
[!] Folder Deleted : C:\Users\Kris\AppData\Roaming\Systweak
[!] Folder Deleted : C:\Users\Kris\Documents\Optimizer Pro
[!] Folder Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[!] Folder Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\f3PSSavr.scr
File Deleted : C:\Users\Kris\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Kris\daemonprocess.txt
File Deleted : C:\Users\Kris\Desktop\Continue Live Installation.lnk
File Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\user.js
File Deleted : C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : Advanced System Protector_startup
Task Deleted : LaunchApp

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor
Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1
Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca
Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@RecipeHub_2j.com/Plugin
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{195F4B0C-8532-4E8F-A797-7BD3525C1AFC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\FocusInteractive
Key Deleted : HKLM\SOFTWARE\Fun Web Products
Key Deleted : HKLM\SOFTWARE\MyWebSearch
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{614925F9-841A-53FE-A28F-DC30FA07239B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD04033484A18CA4CAB3EE59D39D756E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\getwebcake.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetsurprise.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v34.0 (x86 en-US)

[nup7b7k3.default-1416660402991\prefs.js] - Line Deleted : user_pref("extensions.I4ORhPJtIY3uNI1Y.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[nup7b7k3.default-1416660402991\prefs.js] - Line Deleted : user_pref("extensions.eQbo1805TSBPUGiT.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[nup7b7k3.default-1416660402991\prefs.js] - Line Deleted : user_pref("extensions.fpjQx3dkFEPdGMe7.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[z8anwi81.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Groovorio");
[z8anwi81.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://groovorio.com/?f=1&a=grv_keyd3_14_24&cd=2XzuyEtN2Y1L1Qzu0Bzz0A0CyC0FyBzyyD0EyEtBzyzy0AzztN0D0Tzu0StCtDyDtBtN1L2XzutAtFyCtFtCtFtDtN1L1Czu1N1C2X1V1J1P2U1QtA[...]

-\\ Google Chrome v

[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80472&lng=en
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=a0427bfc-1fe9-4c50-b742-5f9c3bd132d0&apn_ptnrs=SV&apn_sauid=D95BAB34-841F-4B89-86FF-0ECF3BF72416&apn_dtid=YYYYYYBCUS&q={searchTerms}
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=a0427bfc-1fe9-4c50-b742-5f9c3bd132d0&apn_ptnrs=SV&apn_sauid=D95BAB34-841F-4B89-86FF-0ECF3BF72416&apn_dtid=YYYYYYBCUS&q={searchTerms}
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : geggofhlfbcmanadhknllmlajiafopoh

-\\ Comodo Dragon v

[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80472&lng=en
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=a0427bfc-1fe9-4c50-b742-5f9c3bd132d0&apn_ptnrs=SV&apn_sauid=D95BAB34-841F-4B89-86FF-0ECF3BF72416&apn_dtid=YYYYYYBCUS&q={searchTerms}
[C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=a0427bfc-1fe9-4c50-b742-5f9c3bd132d0&apn_ptnrs=SV&apn_sauid=D95BAB34-841F-4B89-86FF-0ECF3BF72416&apn_dtid=YYYYYYBCUS&q={searchTerms}

*************************

AdwCleaner[R0].txt - [30363 octets] - [21/12/2014 14:20:16]
AdwCleaner[S0].txt - [30064 octets] - [21/12/2014 14:29:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30125 octets] ##########