
Need help please Framer - inf ....movieroomreviews .... getdata and ot


  • This topic is locked

#31
JUSTME1969

  • Topic Starter
  • Member
  • 32 posts

Thank you :) Is this the one?

 

[email protected] as downloader log:
all ok
[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8c64fe4ca32a314283f762fc1d7d629e
# engine=21803
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-01-03 07:43:09
# local_time=2015-01-03 02:43:09 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 171858980 0 0
# scanned=170598
# found=0
# cleaned=0
# scan_time=7408
[email protected] as downloader log:
all ok




#32
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

That's the one. :) And it has just what I wanted to see, no threats found. :thumbsup:


Great news, your logs are CLEAN! :thumbsup: :) But we still have a few things we need to address, namely:
  • I need to remove the tools we installed on your machine.
  • We also have some programs on your machine that need updating to help protect you in the future.

Step 1: Tool Removal with Delfix and Creation of a clean restore point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
  • Click Run

The program will run for a few moments and then Notepad will open with a log. Please paste the log in your next reply.

You can uninstall ESET Online Scanner at this time.

I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUPs (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.


Step 2: Program Updates

Update Avast Anti-Virus
  • Your current version of Avast is out of date. Please update it by following the instructions below.
  • Right click the orange orb in the lower right corner of your desktop and select Open Avast User Interface and then click Settings
  • Click on Update and then click Program.
  • Once it has updated the program, click Virus Definitions to update it to the latest database.

A word about Java

Java has become the #1 program exploited by thieves and hackers as of today. It's gotten so bad, the Department of Homeland Security recently recommended that users disable Java on their machines.

For more information regarding this, see the two articles below:

Forbes: US Department of Homeland Security Calls on user to disable Java

US warns on Java software

Unless you have software on your machine that absolutely requires Java, I highly recommend you completely remove it from your system.

If you do have software that requires it, then disable it until such time as it's needed by those programs.

Please click the link below for instructions to disable Java.

How to Disable Java in your Web Browser


If you wish to continue to use Java on your machine, please be sure to keep it updated by following the instructions below.
  • Click on this link Java Website and click Do I Have Java?
  • Then click the Verify Java Version button. It will scan your current version and show you if you have the most current version.

You can find instructions for manually removing older versions for Windows XP, Vista, and 7 by clicking the link below:

Instructions for manually removing old versions of Java


Update Adobe Flash Player

Your current version of Adobe Flash is out of date. Please update it by clicking the link below.

Also, make sure you uncheck the box to install the McAfee Security Scan Plus software.

http://get.adobe.com/flashplayer/


Updating Adobe Reader
  • Malware will exploit any vulnerabilities it can find in outdated software. If you are using Adobe Reader for reading PDF files, try using FoxIt Reader. It is a very capable alternative to Adobe.
  • Please click here to download FoxIt Reader.
  • If you wish to continue to use Adobe Reader, then please update it by clicking here.
  • Please remember to uncheck the option to install McAfee's Security Suite.

Download CCleaner

I'd like you to download this program and run it about once every 2 weeks. There were almost 10 gigs of temporary files eating up hard drive space on your computer. When you use this program, do not use the Registry cleaner part of it. Only use the program to clean out temporary files. :thumbsup:

Download CCleaner


Step 3: Tips, Information, and Optional Installation of Unchecky
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go. :)

To help protect yourself while on the web, I recommend you read How did I get infected in the first place?

Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.

Click here to be taken to Unchecky.com

Click the very large Download button.

Click Save

Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)

Once open, click the Install button.



Then click Finish


Unchecky is now installed and will help you keep unwanted check boxes unchecked. :thumbsup:


Things I need to see in your next post:

Delfix Log

#33
JUSTME1969

  • Topic Starter
  • Member
  • 32 posts

Awesome!! :)  Thank you a million times!!


#34
JUSTME1969

  • Topic Starter
  • Member
  • 32 posts

# DelFix v10.8 - Logfile created 04/01/2015 at 00:47:24
# Updated 29/07/2014 by Xplode
# Username : April - APRIL-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.0.0.42_02.01.2015_12.42.09_log.txt
Deleted : C:\TDSSKiller.3.0.0.42_31.12.2014_23.33.30_log.txt
Deleted : C:\Users\April\Desktop\AdwCleaner.exe
Deleted : C:\Users\April\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Users\April\Desktop\FRST.exe
Deleted : C:\Users\April\Desktop\JRT.exe
Deleted : C:\Users\April\Desktop\SecurityCheck.exe
Deleted : C:\Users\April\Desktop\tdsskiller.exe
Deleted : C:\Users\April\Downloads\adwcleaner_4.106.exe
Deleted : C:\Users\April\Downloads\aswMBR (1).exe
Deleted : C:\Users\April\Downloads\FRST.exe
Deleted : C:\Users\April\Downloads\FSS.exe
Deleted : C:\Users\April\Downloads\tdsskiller.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #522 [Windows Update | 12/19/2014 07:30:49]
Deleted : RP #523 [Windows Update | 12/23/2014 16:57:40]
Deleted : RP #524 [Windows Update | 12/27/2014 01:08:39]
Deleted : RP #525 [Windows Update | 12/30/2014 14:39:39]
Deleted : RP #526 [Restore Operation | 01/01/2015 05:31:30]
Deleted : RP #528 [Restore Point Created by FRST | 01/02/2015 06:08:56]
Deleted : RP #529 [Windows Update | 01/02/2015 18:18:33]

New restore point created !

########## - EOF - ##########


#35
JUSTME1969

  • Topic Starter
  • Member
  • 32 posts

:thumbsup: I have finished each item on the list and my PC seems to be running lightning fast!   :)

 

You ROCK thank you so very much!!! 


Edited by JUSTME1969, 04 January 2015 - 12:34 AM.

#36
JUSTME1969

  • Topic Starter
  • Member
  • 32 posts

I just rebooted and got this message.

 

 

"Device driver software was not successfully installed. Please consult with your device manufacturer for assistance getting this device installed." Unknown device - X Failed.......

 

Do you know what this could be?


#37
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

:thumbsup: I have finished each item on the list and my PC seems to be running lightning fast!   :)
 
You ROCK thank you so very much!!!


You're quite welcome, I'm glad we were able to help you. :)
 

I just rebooted and got this message.

"Device driver software was not successfully installed. Please consult with your device manufacturer for assistance getting this device installed." Unknown device - X Failed.......

Do you know what this could be?


What that means is that a device's software driver is not loading at start up. Hardware is a bit out of my area of knowledge, but let me take a look with a scan with FRST and see if we can figure it out. If not, I'll refer you to our Hardware forum and those guys over there will be able to track it down. :thumbsup:


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

#38
JUSTME1969

  • Topic Starter
  • Member
  • 32 posts

:thumbsup:  FRST Log

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2015
Ran by April (administrator) on APRIL-PC on 04-01-2015 23:31:17
Running from C:\Users\April\Desktop
Loaded Profile: April (Available profiles: April)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Nero AG) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Gadwin Systems, Inc) C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
() C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Windows\winsxs\x86_microsoft-windows-s..-downlevel.binaries_31bf3856ad364e35_6.3.9600.17501_none_039f75f346d6221f\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM\...\Run: [EKStatusMonitor] => C:\PROGRAM FILES\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\Run: [Gadwin PrintScreen] => C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-692471023-1834078390-643647909-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...Box&FORM=IE10SR
HKU\S-1-5-21-692471023-1834078390-643647909-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://startpage.com/
HKU\S-1-5-21-692471023-1834078390-643647909-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
HKU\S-1-5-21-692471023-1834078390-643647909-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
SearchScopes: HKLM -> {8930D4D5-7D5F-4D26-8424-B1961D3E6EE0} URL = http://www.google.co...ng}&rlz=1I7TSNA
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-692471023-1834078390-643647909-1001 -> Comcast URL = http://search.xfinit...art_tech_search
SearchScopes: HKU\S-1-5-21-692471023-1834078390-643647909-1001 -> {6C59297E-BFFE-4E6A-0BF5-4187155432D8} URL = http://www.bing.com/...referrer:source}
SearchScopes: HKU\S-1-5-21-692471023-1834078390-643647909-1001 -> {8930D4D5-7D5F-4D26-8424-B1961D3E6EE0} URL = http://www.google.co...NA_enUS355US356
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-692471023-1834078390-643647909-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\April\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Coupons Inc., Coupon Printer) - C:\Program Files\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 8 U25) - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\April\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-27]
CHR Extension: (Google Search) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-27]
CHR Extension: (Avast Online Security) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-22]
CHR Extension: (Google Wallet) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 DeviceMonitorService; C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe [87368 2011-09-19] (Nero AG)
S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2014-05-06] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-12-11] (Eastman Kodak Company)
R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [72936 2011-03-24] (SANDBOXIE L.T.D)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-08-11] (TOSHIBA Corporation)
S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-09-17] (TOSHIBA Corporation)
S3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [685424 2009-08-06] (TOSHIBA Corporation)
R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [111208 2015-01-04] (RaMMicHaeL)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-12-02] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-12-02] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-12-02] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-12-02] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-12-02] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-12-02] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-12-02] ()
R3 PGEffect; C:\windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [126696 2011-03-24] (SANDBOXIE L.T.D)
R2 TVALZFL; C:\windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 23:31 - 2015-01-04 23:31 - 00017581 _____ () C:\Users\April\Desktop\FRST.txt
2015-01-04 23:31 - 2015-01-04 23:31 - 00000000 ____D () C:\FRST
2015-01-04 23:30 - 2015-01-04 23:30 - 01115136 _____ (Farbar) C:\Users\April\Desktop\FRST.exe
2015-01-04 03:44 - 2015-01-04 03:44 - 00004714 _____ () C:\Users\April\Desktop\Brutal Cold to Invade Midwest, East Next Week#.VKgELJPRsHM.facebook.url
2015-01-04 01:22 - 2015-01-04 01:22 - 00000960 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2015-01-04 01:22 - 2015-01-04 01:22 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-04 01:22 - 2015-01-04 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-01-04 01:22 - 2015-01-04 01:22 - 00000000 ____D () C:\Program Files\Unchecky
2015-01-04 01:14 - 2015-01-04 01:14 - 00000936 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-04 01:14 - 2015-01-04 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-04 01:14 - 2015-01-04 01:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-04 01:08 - 2015-01-04 01:08 - 01054400 _____ (Adobe) C:\Users\April\Desktop\install_flashplayer16x32ax_chrd_dn_awa_aih_exe
2015-01-04 01:06 - 2015-01-04 01:06 - 00000000 _____ () C:\Users\April\Desktop\install_flashplayer16x32ax_chrd_dn_awa_aih_exe.23ooh5m.partial
2015-01-04 01:02 - 2015-01-04 01:02 - 00000220 _____ () C:\Users\April\Desktop\How do I uninstall Java on my Windows computer.url
2015-01-04 01:02 - 2015-01-04 01:02 - 00000156 _____ () C:\Users\April\Desktop\java.com Java + You.url
2015-01-04 00:47 - 2015-01-04 00:48 - 00001602 _____ () C:\DelFix.txt
2015-01-03 03:49 - 2015-01-03 03:49 - 00000000 ____D () C:\Program Files\ESET
2015-01-02 13:10 - 2015-01-02 13:10 - 00000000 ____D () C:\Users\April\AppData\Local\{6CD66513-1CBF-4265-BE55-AC6E76F59BFF}
2015-01-02 02:10 - 2015-01-04 00:47 - 00000000 ____D () C:\windows\ERUNT
2015-01-01 22:52 - 2015-01-01 22:52 - 00000000 ____D () C:\Users\April\Desktop\OTHER
2015-01-01 14:50 - 2015-01-01 14:51 - 02433253 _____ (MightyUninstaller.com ) C:\Users\April\Downloads\MightyUninstaller_Setup.exe
2015-01-01 02:11 - 2015-01-04 01:16 - 00000000 ____D () C:\windows\Minidump
2015-01-01 01:18 - 2015-01-02 03:09 - 00000000 ____D () C:\Users\April\Desktop\WT
2014-12-18 11:49 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-17 02:01 - 2014-12-25 05:21 - 00000000 ____D () C:\Users\April\Desktop\LINKS TO LOOK AT
2014-12-16 15:02 - 2014-12-16 15:02 - 00000214 _____ () C:\Users\April\Desktop\(99) Lo Mas Loco Del Face.url
2014-12-16 02:34 - 2014-12-16 02:34 - 00000237 _____ () C:\Users\April\Desktop\The Holy Spirit.url
2014-12-15 05:29 - 2014-12-15 05:29 - 00000164 _____ () C:\Users\April\Desktop\CPSC Home  CPSC.gov.url
2014-12-12 02:22 - 2014-12-12 02:22 - 00000360 _____ () C:\Users\April\Desktop\Easy Gift Ideas Cookies in a Jar – P&G everyday  Home-Garden  P&G Everyday.url
2014-12-10 05:30 - 2014-12-10 05:32 - 00000000 ____D () C:\Users\April\Desktop\1039 older
2014-12-10 04:11 - 2014-12-10 04:11 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-10 03:54 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-10 03:54 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-10 03:54 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-12-10 03:54 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-12-10 03:54 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-12-09 18:51 - 2014-12-03 23:38 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-09 18:51 - 2014-12-03 23:38 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-09 18:51 - 2014-12-03 23:38 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-09 18:51 - 2014-12-03 23:34 - 00873984 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-09 18:51 - 2014-12-01 18:28 - 01160872 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2014-12-09 18:51 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-09 18:51 - 2014-11-10 20:32 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-09 18:50 - 2014-12-03 23:38 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-09 18:50 - 2014-12-03 23:38 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-09 18:50 - 2014-12-03 23:38 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-09 18:50 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-09 18:50 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-09 18:50 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-09 18:50 - 2014-11-21 21:20 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-09 18:50 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-09 18:50 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-09 18:50 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-09 18:50 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-09 18:50 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-09 18:50 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-09 18:50 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-09 18:50 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-09 18:50 - 2014-11-21 20:55 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-09 18:50 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-09 18:50 - 2014-11-21 20:48 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-09 18:50 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-09 18:50 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 18:50 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-09 18:50 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-09 18:50 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-09 18:50 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-09 18:50 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-09 18:50 - 2014-11-21 20:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-09 18:50 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-09 18:50 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-09 18:50 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-09 18:50 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-09 18:50 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-09 18:50 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-09 18:49 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-09 18:48 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-09 18:48 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-09 18:48 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-09 18:48 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-09 18:48 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-09 18:48 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 23:26 - 2010-03-16 21:48 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 23:26 - 2009-10-27 08:25 - 01140089 _____ () C:\windows\WindowsUpdate.log
2015-01-04 23:25 - 2012-03-28 04:29 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-04 13:43 - 2010-03-16 21:48 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-04 12:34 - 2013-03-28 19:18 - 00000000 ____D () C:\ProgramData\Kodak
2015-01-04 11:35 - 2009-07-13 23:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-04 11:35 - 2009-07-13 23:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-04 11:28 - 2012-02-22 02:58 - 00000000 ____D () C:\Temp
2015-01-04 11:28 - 2009-07-13 23:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-04 01:41 - 2014-03-10 16:28 - 00000000 ____D () C:\Users\April\Desktop\POSTPICSFORFB
2015-01-04 01:17 - 2011-11-28 03:15 - 00000000 ____D () C:\Users\April\AppData\Roaming\Ventrilo
2015-01-04 01:17 - 2011-04-20 22:09 - 00000000 ____D () C:\Users\April\AppData\Roaming\Skype
2015-01-04 01:16 - 2009-09-03 20:27 - 00000000 ____D () C:\windows\Panther
2015-01-04 01:12 - 2014-08-13 21:05 - 00000000 ____D () C:\Users\April\AppData\Local\Adobe
2015-01-04 01:11 - 2012-03-28 04:29 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-04 01:11 - 2011-05-16 16:03 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-03 23:44 - 2013-03-28 19:31 - 00100584 _____ () C:\Users\April\AppData\Local\installer.log
2015-01-03 16:25 - 2009-07-13 21:37 - 00000000 ____D () C:\windows\rescache
2015-01-03 14:50 - 2012-04-07 01:39 - 00000000 ____D () C:\Users\April\Tracing
2015-01-02 21:18 - 2014-07-12 14:32 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 01:07 - 2009-09-03 20:09 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-01 00:17 - 2009-11-27 22:21 - 00000000 ____D () C:\Users\April
2014-12-31 20:29 - 2011-10-14 19:25 - 00000000 ____D () C:\AmericasCardroom
2014-12-25 05:21 - 2014-03-28 17:11 - 00000000 ____D () C:\Users\April\Desktop\SALE
2014-12-21 23:26 - 2009-12-02 02:04 - 00000000 ____D () C:\Users\April\Desktop\POKER
2014-12-17 09:39 - 2014-07-12 14:31 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-17 02:07 - 2014-07-12 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-17 02:07 - 2012-04-09 19:35 - 00001031 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-16 15:56 - 2014-10-16 00:22 - 00000000 ____D () C:\Users\April\Desktop\ALL FROM THIS SIDE
2014-12-14 00:44 - 2009-09-03 20:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-13 23:22 - 2010-06-04 05:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-11 10:44 - 2011-05-14 02:27 - 00000000 ____D () C:\Program Files\PhotoFiltre
2014-12-11 03:12 - 2014-11-06 13:35 - 00000000 ____D () C:\Users\April\Desktop\CAR
2014-12-10 04:11 - 2014-05-06 19:37 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-10 04:11 - 2009-07-13 21:37 - 00000000 ____D () C:\windows\AppCompat
2014-12-10 03:55 - 2009-10-27 08:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:51 - 2013-07-12 02:52 - 00000000 ____D () C:\windows\system32\MRT
2014-12-10 03:43 - 2009-11-28 03:52 - 109818608 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-03 16:09

==================== End Of Log ============================


  • 0

#39
JUSTME1969

    Member

  • Topic Starter
  • Member
  • 32 posts

Addition Log

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-01-2015
Ran by April at 2015-01-04 23:32:20
Running from C:\Users\April\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aced.com (HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\Aced.com) (Version: 6.0 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
aioscnnr (Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden
AmericasCardroom (HKLM\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.0 - IGSoft)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Attack Poker 1.0.1.266 (HKLM\...\Attack Poker_is1) (Version:  - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
BetOnline Poker 8.2 (HKLM\...\BetOnline Poker 8.2) (Version: 8.2.12.201404151600 - Hero Poker Network)
BlackChipPoker (HKLM\...\FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82) (Version: 16.6 - IGSoft)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BovadaPoker (HKLM\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version:   - )
C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden
CarbonPoker (HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\CarbonPoker) (Version: 5.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
center (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Comcast Desktop Software (v1.2.0.9) (HKLM\...\{CEF7211D-CE3A-44C4-B321-D84A2099AE94}) (Version: 23 - Comcast)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ESPN Version 2.0.7.21 (HKLM\...\ESPN_is1) (Version:  - ESPN)
essentials (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Full Flush Poker 8.2 (HKLM\...\Full Flush Poker 8.2) (Version: 8.2.12.201310281100 - Full Flush Poker)
Gadwin PrintScreen (HKLM\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GridPoker (HKLM\...\{516D6624-97F2-4F28-8FFA-8D157D9BBD4F}) (Version: 1.1.0238 - Fastgrid Ltd)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1883 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intertops Poker (HKLM\...\Intertops Poker) (Version:  - )
iTunes (HKLM\...\{11E568E0-3244-4BCB-875E-F334269DFDCB}) (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
[email protected] 1.0 (HKLM\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Lock Poker (HKLM\...\Lock Poker) (Version: 1.0.11423 - LockPoker)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper 2.1.32 Driver 5.4.0 (HKLM\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
MOTOROLA MEDIA LINK (HKLM\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.4090.2 - Motorola)
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Oasis (HKLM\...\{c6c214df-2922-4809-94aa-f4d67d4451ec}) (Version: 1.0.0 - W3i, LLC)
MyToshiba (HKLM\...\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}) (Version: 2.2.0.3 - Toshiba)
NetZero Launcher (HKLM\...\{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}) (Version: 2.01 - TOSHIBA Corporation)
NLOP (HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\NLOP) (Version:  - Power Play Development)
NoPayPOKER (HKLM\...\NoPayPOKER_is1) (Version:  - )
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PhotoFiltre (HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\PhotoFiltre) (Version:  - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Host (HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\Poker Host) (Version: 5.0 - )
Poker Rebel 1.0 (HKLM\...\{7DB4BC53-AD0C-485F-8D5B-D98B01AC9A2A}_is1) (Version: 1.0 - Entertain ME LLC)
PokerStars.net (HKLM\...\PokerStars.net) (Version:  - PokerStars.net)
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Quickbooks Financial Center (HKLM\...\{3B843B38-04B1-4CE6-8888-586273E0F289}) (Version: 2.02 - TOSHIBA Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller  Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Sandboxie 3.54 (32-bit) (HKLM\...\Sandboxie) (Version:  - )
Sharks Den Poker (HKLM\...\com.teamodc.sharksdenpoker.E54FAB7AFFA7DC546BACB249B6BFF74B58FC797F.1) (Version: 1.2.404 - UNKNOWN)
Sharks Den Poker (Version: 1.2.404 - UNKNOWN) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.6.11664 - Skype Technologies S.A.)
Skype Launcher (HKLM\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-692471023-1834078390-643647909-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Toshiba Application and Driver Installer (HKLM\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.0.9 - Toshiba)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.11 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.7.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.0.32 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{D0387727-C89D-4774-B643-B9333EAA09DE}) (Version: 2.00.11 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.2 - TOSHIBA Corporation)
Toshiba Online Backup (HKLM\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.35 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.0 - TOSHIBA Corporation)
Toshiba Quality Application (HKLM\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.001.0000 - Toshiba)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}) (Version: 2.00.09 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.25 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.4 - TOSHIBA Corporation)
ToshibaRegistration (HKLM\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.3 - Toshiba)
Unchecky v0.3.5 (HKLM\...\Unchecky) (Version: 0.3.5 - RaMMicHaeL)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WildTangent Games (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Woman Poker Player Lobby (HKLM\...\Woman Poker Player Lobby by CardRoom.com_is1) (Version:  - CardRoom International, LLC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

04-01-2015 00:47:45 End of disinfection

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2015-01-04 11:28 - 00001204 ____A C:\windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A8D3326-C4B7-4813-BD7D-4481491A4BE4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1AFBF29F-9EB9-450B-8B70-FAA7C5CFE916} - System32\Tasks\{9C18DC0D-56D4-4DC9-9963-E0801CA79D51} => pcalua.exe -a "c:\Poker Application\_uninstallation_info\UB\CasinoUninstall.exe"
Task: {25399E15-DD0C-4965-A43B-584BFFD0BC87} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {6B3FD0C3-CF7A-4C5B-9825-1D6B8FB314B9} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {748AB0F1-1C20-4007-8043-AC62FFDDD249} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7A25820B-8689-4578-9CC1-0E4E4E1D3153} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-04] (Adobe Systems Incorporated)
Task: {966E3996-3DC0-4C33-B4E8-1E4C634C683C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {A4DE1393-A58E-4665-8CA9-9587551B3524} - System32\Tasks\{E94825DE-B4BE-402F-A640-81421CCF7FA4} => pcalua.exe -a "C:\Users\April\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G3DJWFVX\AdobeAIRInstaller.exe" -d C:\Users\April\Desktop
Task: {AF1FBC7E-E94A-40C3-8D79-6274840FD861} - System32\Tasks\{1037A8AB-79D4-4DFF-AC6F-320B65207154} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-18] (Skype Technologies S.A.)
Task: {BF303E8E-1A41-430C-9EE4-95521698FD95} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {C31BC5FB-A9F8-4EC2-A19C-2C6E927B298F} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {D75E9E91-7C7C-4DF6-BBC9-E43DD2B730FE} - System32\Tasks\{ABED2CE2-1675-45C7-94E4-95CFBF59971C} => pcalua.exe -a "C:\Users\April\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AYHR0JK\do-download[1].exe" -d C:\Users\April\Desktop
Task: {D9B2DD3F-ADAE-4A23-B3C4-6C1CB99C76DE} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-07-13] (TOSHIBA CORPORATION)
Task: {E75DA587-9600-4EAA-9EC5-A02AA70080E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {F5E92D4A-A722-4B5A-863D-98B9C3BA5FFF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
Task: {F83343C8-C3FD-4643-86C6-AB04BF721F29} - System32\Tasks\{6C69C5F8-42EC-4867-87C6-C5AFE1F3D59D} => pcalua.exe -a "C:\Users\April\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S137ZGJX\RaginBet_Setup_WinXP_v03.39Rev366922.exe" -d C:\Users\April\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-03 12:12 - 2015-01-03 12:12 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010301\algo.dll
2015-01-04 11:28 - 2015-01-04 11:28 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010400\algo.dll
2015-01-04 15:30 - 2015-01-04 15:30 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010401\algo.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-02 04:18 - 2014-12-02 04:18 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00128336 _____ () C:\Program Files\Motorola Media Link\Lite\liveupdatetactics.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00023872 _____ () C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
2011-09-19 15:59 - 2011-09-19 15:59 - 00465632 _____ () C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00045368 _____ () C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00034128 _____ () C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2011-12-06 16:00 - 2011-12-06 16:00 - 00214896 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
2011-12-06 16:00 - 2011-12-06 16:00 - 00784240 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Program Files\Colt Poker:MID
AlternateDataStreams: C:\Program Files\Intertops Poker:MID
AlternateDataStreams: C:\Users\April\Desktop\Circulation Notices.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^April^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Conime => %windir%\system32\conime.exe
MSCONFIG\startupreg: Desktop Software => "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe"  /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
MSCONFIG\startupreg: Gadwin PrintScreen => "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MyTOSHIBA => "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TWebCamera => "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-692471023-1834078390-643647909-500 - Administrator - Disabled)
April (S-1-5-21-692471023-1834078390-643647909-1001 - Administrator - Enabled) => C:\Users\April
Guest (S-1-5-21-692471023-1834078390-643647909-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-692471023-1834078390-643647909-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2015 06:55:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8331

Error: (01/04/2015 06:55:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8331

Error: (01/04/2015 06:55:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/04/2015 11:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 106.1.168.192.in-addr.arpa. PTR April-PC.local.

Error: (01/04/2015 11:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.106:5353   18 106.1.168.192.in-addr.arpa. PTR April-PC-2.local.

Error: (01/04/2015 01:37:35 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/04/2015 01:37:35 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/04/2015 01:37:35 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/04/2015 01:37:35 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/04/2015 01:37:28 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (01/04/2015 01:37:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/04/2015 01:37:35 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 37%
Total physical RAM: 2939.99 MB
Available physical RAM: 1825.33 MB
Total Pagefile: 5878.27 MB
Available Pagefile: 4675.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.09 MB

==================== Drives ================================

Drive c: (TI102805W0E) (Fixed) (Total:223.42 GB) (Free:159.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 1902C2AF)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=223.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=17)

==================== End Of Log ============================



#40
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi :)

Well, I'm not seeing anything in the log showing the device driver error, but the guys over at the Hardware forum will have different tools to scan your machine. What I'm going to do is refer you to that forum, so they can take a look. Those techs are great at hardware issues, and they should be able to solve the problem. :thumbsup:

Once there, post a topic and let them know your machine has been cleared of malware, and then describe the problem. :)

http://www.geekstogo...nd-peripherals/


#41
JUSTME1969


    Member

  • Topic Starter
  • 32 posts

Again...Thank you so much pystryker! I really appreciate all of the wonderful help :)



#42
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts
You're quite welcome, I'm glad we could help!

Safe surfing,

Pystryker :wave:

#43
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.