Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Avast Free Antivirus & Malware will not open or run [Closed]


  • This topic is locked This topic is locked

#1
ntk04

ntk04

    Member

  • Member
  • PipPip
  • 47 posts

Hi,

 

Ive tried for the last few days to get my avast & malware running on my Windows 7 (Ultimate), but it does not open or uninstall if i tried to,

 

Please help me!!!!!!


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi lets see if we can resolve this

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Im downloading it but my internet is so slow, is this one of the effects thats causing for it to be slow, in my action centre it says my avast is "off" and my windows defender is "out of date"


Edited by ntk04, 02 July 2015 - 09:06 PM.

  • 0

#4
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

its just getting worse i can't even download it due to my internet being real slow and i mean really slow.......... is there a plan B.....???/


  • 0

#5
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

only other thing I've tried is system restore but it even won't let me do that...... HELP.....!!!!


  • 0

#6
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01

Ran by Kavapalu (administrator) on KAVAPALU2015 on 03-07-2015 16:32:10
Running from C:\Users\Kavapalu\Downloads
Loaded Profiles: Kavapalu (Available Profiles: Kavapalu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe
(Oti) C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\MacKMLink.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
() C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\ExImg\ImageRoot\SKLoader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\LEWD.exe
() C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\LinkEngKM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_au_319] => [X]
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-28] (APN)
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\Run: [CS Dispatch] => C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\MacKMLink.exe [268368 2012-11-12] (Oti)
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\MountPoints2: {2ba58259-dc32-11e4-b94c-902b3439e183} - H:\SKLoader.exe
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\MountPoints2: {3b09eff6-0796-11e2-8d73-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\MountPoints2: {40c5069d-d5df-11e2-b75e-902b3439e183} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\MountPoints2: {59024fd9-dc44-11e4-9608-902b3439e183} - F:\SKLoader.exe
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\MountPoints2: {a256f72c-aa01-11e3-add6-902b3439e183} - H:\MotoCastSetup.exe -a
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\MountPoints2: {fc777cbe-a443-11e3-b8c9-902b3439e183} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [GoogleChromeAutoLaunch_8CA6FDC19A04B78027F821A36FE40F4F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File not found
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File not found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-02] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.ninemsn.c....aspx?ocid=iehp
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {36F24AAC-F7DC-4C56-ADAB-7BD6D4ED9BB9} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {45181BA8-CCE0-48F4-8C39-26FF2543938F} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {F4552911-7267-4D59-9A51-15E52E9AAD95} URL = http://www.istartsur...q={searchTerms}
BHO: PriceLEss -> {71CBADA6-DE75-43F0-A300-FBA60F9CB6B2} -> C:\Program Files (x86)\PriceLEss\Ftl1Z8XQjuizJl.x64.dll [2015-06-06] ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-03] (Thinknice Co. Limited)
BHO-x32: PriceLEss -> {71CBADA6-DE75-43F0-A300-FBA60F9CB6B2} -> C:\Program Files (x86)\PriceLEss\Ftl1Z8XQjuizJl.dll [2015-06-06] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-12] (AVG Secure Search)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ACCFB76D-CDB2-4116-8FB1-C85880C6044D}: [DhcpNameServer] 10.143.147.147 10.143.147.148
Tcpip\..\Interfaces\{F962F92D-E743-4672-AB9B-832DB6AD6BB3}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-25] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-25] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2013-04-19] (CANON INC.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-2443050622-1473135098-2417645833-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-19] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-04-21] (Apple Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-04-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [{c3357769-3570-481c-9554-97865d9054e4}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-26]
FF HKLM-x32\...\Firefox\Extensions: [{c3357769-3570-481c-9554-97865d9054e4}] - C:\Program Files\shopperz\Firefox
 
Chrome: 
=======
CHR Profile: C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (Google Drive) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-08]
CHR Extension: (YouTube) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-08]
CHR Extension: (Google Search) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-08]
CHR Extension: (dlbemabjbfhjcccahjioenmkgimjbbkd) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd [2015-06-09]
CHR Extension: (Google Sheets) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Avast Online Security) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-08]
CHR Extension: (Google Wallet) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-08]
CHR Extension: (oadboiipflhobonjjffjbfekfjcgkhco) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-06-10]
CHR Extension: (Gmail) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-08]
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-11-27]
CHR HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Kavapalu\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Kavapalu\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-10]
CHR HKLM-x32\...\Chrome\Extension: [jnikkfemnfogahcandhlchoengjbeaij] - C:\Program Files (x86)\LyricsWoofer\125.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-07] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-02] (Avast Software s.r.o.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-09-26] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-09-26] (Creative Labs) [File not signed]
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-12-01] (Creative Technology Ltd) [File not signed]
S4 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-04-22] (Creative Technology Ltd)
S4 cybusyro; C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009\jnsk5C01.tmp [223232 2015-06-06] () [File not signed]
S4 dequzody; C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009\hnsf77EC.tmp [167424 2015-06-06] () [File not signed]
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125056 2015-06-03] (XTab system)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-17] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-01-25] () [File not signed]
S4 SAiAdmin; C:\Windows\SysWOW64\SAiAdmin.exe [65536 2011-10-12] (SA International) [File not signed]
S4 SAiDownloader; C:\Program Files (x86)\FlexiSTARTER 10.5 P-Cut Edition1\Program\SAiDownloaderVistaUI.exe [417792 2011-10-12] (SA International) [File not signed]
S4 SAiDownloaderVista; C:\Windows\SysWOW64\SAiDownloaderVista.exe [77824 2011-10-12] (SA International) [File not signed]
S4 SAiLicSvr; C:\Windows\SysWOW64\SAiLicSvr.exe [86016 2007-12-19] (SA International) [File not signed]
S4 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-05-27] (SafeNet, Inc.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 UpdateDustTool; C:\Windows\Provider\UpdaterToolService.exe [111616 2015-04-22] (VIS without Co) [File not signed]
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [695976 2015-06-06] (DTools LIMITED) <==== ATTENTION
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-05] (Wacom Technology, Corp.)
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-02] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-02] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-01-03] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-02] ()
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1044760 2013-04-22] (Creative Technology Ltd)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 L1C; C:\Windows\System32\DRIVERS\e22w7x64.sys [161616 2012-03-23] (Qualcomm Atheros, Inc.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-26] ()
R1 {ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64; C:\Windows\System32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys [48776 2015-06-06] (StdLib)
S3 BS3294181778; \??\C:\Users\Kavapalu\AppData\Local\Temp\NTFS.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-03 16:32 - 2015-07-03 16:32 - 00031527 _____ C:\Users\Kavapalu\Downloads\FRST.txt
2015-07-03 16:31 - 2015-07-03 16:32 - 00000000 ____D C:\FRST
2015-07-03 16:30 - 2015-07-03 16:30 - 02112512 _____ (Farbar) C:\Users\Kavapalu\Downloads\FRST64.exe
2015-07-03 16:29 - 2015-07-03 16:29 - 00002379 _____ C:\Windows\system32\DB3294181778
2015-07-03 14:14 - 2015-07-03 14:14 - 00000056 _____ C:\Windows\setupact.log
2015-07-03 14:14 - 2015-07-03 14:14 - 00000000 _____ C:\Windows\setuperr.log
2015-07-02 17:41 - 2015-07-02 17:41 - 00000017 _____ C:\Users\Kavapalu\AppData\Local\resmon.resmoncfg
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{DC255792-3B22-48D8-BC2D-1994557E1F68}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{AE32A931-FFE4-4EB6-9B45-25CF835AED43}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{7D2547B7-D93F-4A74-A23F-39C67928A862}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{4F219862-A8AE-4732-958B-9A9F4AB1C545}
2015-07-01 14:23 - 2015-07-01 14:23 - 00002978 _____ C:\Windows\System32\Tasks\{3348B5F1-5EA0-4B6D-BD3B-FE3E45062FED}
2015-07-01 13:58 - 2015-07-01 14:05 - 05684904 _____ (Avast Software s.r.o.) C:\Users\Kavapalu\Desktop\avastclear.exe
2015-06-30 20:10 - 2015-06-30 21:23 - 152923328 _____ (Avast Software s.r.o.) C:\Users\Kavapalu\Downloads\avast_free_antivirus_setup.exe
2015-06-29 22:18 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\pss
2015-06-26 13:32 - 2015-06-29 18:02 - 00174080 _____ (drms media group) C:\Windows\Providernew.dll
2015-06-10 11:23 - 2015-06-25 04:27 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-10 08:06 - 2015-05-26 04:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:06 - 2015-05-26 04:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 08:06 - 2015-05-26 04:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 08:06 - 2015-05-26 04:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 08:06 - 2015-05-26 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 08:06 - 2015-05-26 04:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 08:06 - 2015-05-26 04:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 08:06 - 2015-05-26 04:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 08:06 - 2015-05-26 04:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 08:06 - 2015-05-26 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 08:06 - 2015-05-26 04:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 08:06 - 2015-05-26 04:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 04:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 08:06 - 2015-05-26 04:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 08:06 - 2015-05-26 04:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 08:06 - 2015-05-26 04:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 08:06 - 2015-05-26 04:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 08:06 - 2015-05-26 04:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 08:06 - 2015-05-26 04:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 08:06 - 2015-05-26 04:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 08:06 - 2015-05-26 04:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 08:06 - 2015-05-26 04:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 08:06 - 2015-05-26 04:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 08:06 - 2015-05-26 03:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 08:06 - 2015-05-26 03:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 08:06 - 2015-05-26 03:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 08:06 - 2015-05-26 03:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 08:06 - 2015-05-26 03:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 08:06 - 2015-05-26 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 03:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 08:06 - 2015-05-26 02:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 08:06 - 2015-05-26 02:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 08:06 - 2015-05-26 02:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:06 - 2015-05-26 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:06 - 2015-05-23 04:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 08:06 - 2015-05-23 04:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 08:06 - 2015-05-23 04:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 08:06 - 2015-05-23 04:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 08:06 - 2015-05-23 04:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 08:06 - 2015-05-23 04:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 08:06 - 2015-05-23 04:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 08:06 - 2015-05-21 23:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 08:06 - 2015-04-30 04:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 08:06 - 2015-04-30 04:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 08:06 - 2015-04-30 04:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 08:06 - 2015-04-30 04:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 08:06 - 2015-04-30 04:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 08:06 - 2015-04-30 04:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 08:06 - 2015-04-30 04:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 08:06 - 2015-04-30 04:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 08:06 - 2015-04-30 04:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 08:06 - 2015-04-30 04:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 08:05 - 2015-06-02 05:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 08:05 - 2015-06-02 04:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 08:05 - 2015-05-28 00:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 08:05 - 2015-05-28 00:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 08:05 - 2015-05-26 03:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 08:05 - 2015-05-23 13:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 08:05 - 2015-05-23 13:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 08:05 - 2015-05-23 13:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 08:05 - 2015-05-23 13:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 08:05 - 2015-05-23 13:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 08:05 - 2015-05-23 13:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 08:05 - 2015-05-23 13:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 08:05 - 2015-05-23 13:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 08:05 - 2015-05-23 13:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 08:05 - 2015-05-23 13:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 08:05 - 2015-05-23 13:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 08:05 - 2015-05-23 13:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 08:05 - 2015-05-23 13:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 08:05 - 2015-05-23 12:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 08:05 - 2015-05-23 12:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 08:05 - 2015-05-23 12:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 08:05 - 2015-05-23 12:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 08:05 - 2015-05-23 12:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 08:05 - 2015-05-23 12:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 08:05 - 2015-05-23 12:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 08:05 - 2015-05-23 12:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 08:05 - 2015-05-23 12:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 08:05 - 2015-05-23 12:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 08:05 - 2015-05-23 12:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 08:05 - 2015-05-23 12:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 08:05 - 2015-05-23 12:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 08:05 - 2015-05-23 05:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 08:05 - 2015-05-23 05:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:05 - 2015-05-23 05:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 08:05 - 2015-05-23 05:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 08:05 - 2015-05-23 05:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 08:05 - 2015-05-23 05:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 08:05 - 2015-05-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:05 - 2015-05-23 04:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:05 - 2015-05-23 04:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 08:05 - 2015-05-23 04:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 08:05 - 2015-05-23 04:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 08:05 - 2015-05-23 04:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 08:05 - 2015-05-23 04:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 08:05 - 2015-05-23 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 08:05 - 2015-05-23 04:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 08:05 - 2015-05-23 04:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:05 - 2015-05-23 04:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:05 - 2015-05-23 04:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 08:05 - 2015-05-23 04:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:05 - 2015-05-23 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 08:05 - 2015-05-23 04:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 08:05 - 2015-05-23 04:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 08:05 - 2015-05-23 04:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 08:05 - 2015-05-23 04:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 08:05 - 2015-05-23 04:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 08:05 - 2015-05-23 04:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:05 - 2015-05-23 03:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 08:05 - 2015-05-23 03:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 08:05 - 2015-05-23 03:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 08:05 - 2015-05-23 03:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 08:05 - 2015-04-25 04:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 08:05 - 2015-04-25 03:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 08:05 - 2015-04-11 13:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-08 14:09 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-08 14:09 - 2015-06-23 04:18 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-08 14:06 - 2015-07-03 16:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-08 14:06 - 2015-07-03 14:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-08 14:06 - 2015-06-08 14:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-08 14:06 - 2015-06-08 14:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-07 18:04 - 2015-06-07 18:26 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-06-07 18:04 - 2015-06-07 18:04 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsz3768.tmp
2015-06-07 18:02 - 2015-06-07 18:02 - 00000000 ____D C:\Program Files (x86)\Steel Cut
2015-06-07 17:32 - 2015-06-08 09:08 - 00000000 ____D C:\Program Files (x86)\Edu App
2015-06-07 16:48 - 2015-06-08 09:08 - 00000000 ____D C:\Program Files (x86)\Infonaut_1.10.0.14
2015-06-07 10:35 - 2015-06-07 10:34 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nslB3AB.tmp
2015-06-07 09:29 - 2015-06-07 09:29 - 00000000 ____D C:\Program Files (x86)\Bin
2015-06-07 09:28 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\Provider32
2015-06-07 09:28 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\Provider
2015-06-07 09:28 - 2015-06-07 14:33 - 00173056 _____ C:\Windows\Provider20150607153412PM.dll
2015-06-07 09:28 - 2015-06-07 13:32 - 00173056 _____ C:\Windows\Provider20150607143339PM.dll
2015-06-07 09:28 - 2015-06-07 12:31 - 00173056 _____ C:\Windows\Provider20150607133242PM.dll
2015-06-07 09:28 - 2015-06-07 11:30 - 00173056 _____ C:\Windows\Provider20150607123144PM.dll
2015-06-07 09:28 - 2015-06-07 10:29 - 00173056 _____ C:\Windows\Provider20150607113045AM.dll
2015-06-07 09:28 - 2015-06-07 09:28 - 00000012 _____ C:\Windows\SysWOW64\0
2015-06-07 09:28 - 2015-06-02 18:30 - 00173056 _____ C:\Windows\Provider20150607102947AM.dll
2015-06-07 08:52 - 2015-06-06 03:35 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys
2015-06-06 22:09 - 2015-06-06 22:09 - 00001377 _____ C:\Users\Kavapalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-06 21:59 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files\shopperz
2015-06-06 21:59 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-06-06 21:59 - 2015-06-07 09:28 - 00000045 _____ C:\user.js
2015-06-06 21:56 - 2015-06-06 21:56 - 00003166 _____ C:\Windows\System32\Tasks\{94009A26-E385-43D9-8038-C2BCB1C5F3B8}
2015-06-06 21:42 - 2015-06-06 21:42 - 00003164 _____ C:\Windows\System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D}
2015-06-06 13:25 - 2015-06-26 10:19 - 01133044 _____ C:\Windows\system32\CFG3294181778
2015-06-06 13:23 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\tor
2015-06-06 13:18 - 2015-06-29 21:25 - 00000000 ____D C:\Windows\Minidump
2015-06-06 12:31 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\Rainmaker_Software_Group_
2015-06-06 12:25 - 2015-06-06 12:25 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsw5FF0.tmp
2015-06-06 12:24 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\Registry Helper
2015-06-06 11:17 - 2015-06-06 11:17 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-06 10:44 - 2015-06-06 10:44 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\One System Care
2015-06-06 10:44 - 2015-06-06 10:44 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\GWX
2015-06-06 10:40 - 2015-06-06 10:40 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-06-06 10:30 - 2015-06-10 10:36 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-06-06 10:30 - 2015-06-08 10:36 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-06-06 10:30 - 2015-06-07 14:31 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-06-06 10:30 - 2015-06-07 10:36 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-06-06 10:30 - 2015-06-07 10:36 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-06-06 10:30 - 2015-06-07 10:36 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-06-06 10:28 - 2015-06-06 10:28 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nst6892.tmp
2015-06-06 10:28 - 2015-06-06 10:28 - 00000000 __SHD C:\Users\Kavapalu\AppData\Roaming\AnyProtectEx
2015-06-06 10:16 - 2015-06-06 21:40 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-06 10:06 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\SmartWeb
2015-06-06 10:06 - 2015-06-06 10:06 - 00004052 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-06 09:55 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\032B0290-1433584534-0539-E106-810700080009
2015-06-06 09:52 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\Guest\AppData\Local\Crossbrowse
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\Crossbrowse
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-06-06 09:44 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\kcpoohnmeengjfjimiocppcmadljgbbf
2015-06-06 09:44 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\16028421469776790400
2015-06-06 09:44 - 2015-06-06 09:44 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\Priceless
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-06 09:43 - 2015-06-06 09:43 - 00000000 ____D C:\Program Files (x86)\app_setup
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-03 16:23 - 2012-09-26 16:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-03 16:08 - 2013-02-03 08:27 - 01405853 _____ C:\Windows\WindowsUpdate.log
2015-07-03 14:30 - 2009-07-14 14:45 - 00025472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-03 14:30 - 2009-07-14 14:45 - 00025472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-03 14:21 - 2009-07-14 15:13 - 00006462 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-03 14:15 - 2015-02-05 15:21 - 00000512 _____ C:\LicenseBlock.dat
2015-07-03 14:15 - 2013-06-03 15:52 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-03 14:15 - 2013-01-09 20:07 - 00000424 ____H C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job
2015-07-03 14:14 - 2009-07-14 15:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-03 12:54 - 2015-02-05 15:33 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\GSMiscDownload
2015-07-03 12:37 - 2013-09-11 18:03 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Mp3tag
2015-07-01 14:19 - 2015-04-16 03:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-01 14:19 - 2015-04-06 10:02 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-01 14:19 - 2015-02-10 21:52 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\Apps\2.0
2015-07-01 14:19 - 2014-09-11 03:45 - 00000000 ____D C:\Windows\rescache
2015-07-01 14:19 - 2014-05-13 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-01 14:19 - 2014-03-27 17:04 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-01 14:19 - 2014-03-08 13:35 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Skype
2015-07-01 14:19 - 2014-01-28 19:06 - 00000000 ____D C:\ProgramData\install_clap
2015-07-01 14:19 - 2013-09-05 15:40 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\vlc
2015-07-01 14:19 - 2012-12-16 17:05 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\dvdcss
2015-07-01 14:19 - 2012-10-15 13:46 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\DivX
2015-07-01 14:19 - 2012-10-04 21:46 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\AVCWare
2015-07-01 14:19 - 2012-09-26 16:29 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-07-01 14:19 - 2012-09-26 16:29 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-01 14:19 - 2012-09-26 15:08 - 00000000 ____D C:\Users\Kavapalu
2015-07-01 14:19 - 2009-07-14 15:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-01 14:19 - 2009-07-14 13:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-01 14:19 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\servicing
2015-07-01 14:19 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\registration
2015-07-01 14:19 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-01 14:19 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\AppCompat
2015-07-01 14:19 - 2009-07-14 13:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-30 19:41 - 2012-09-26 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-30 19:05 - 2014-11-23 22:25 - 00002170 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-29 22:37 - 2015-05-07 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-06-29 22:37 - 2015-05-04 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-06-29 22:37 - 2015-04-13 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-06-29 22:37 - 2015-04-13 09:01 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-29 22:37 - 2015-04-13 09:01 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-06-29 22:37 - 2015-04-06 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-29 22:37 - 2015-01-22 20:07 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-06-29 22:37 - 2015-01-02 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-29 22:37 - 2014-11-10 13:44 - 00000000 ____D C:\Program Files\iTunes
2015-06-29 22:37 - 2014-06-25 20:03 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\AskPartnerNetwork
2015-06-29 22:37 - 2014-03-08 13:35 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-29 22:37 - 2014-03-08 13:35 - 00000000 ____D C:\ProgramData\Skype
2015-06-29 22:37 - 2014-01-13 20:41 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2015-06-29 22:37 - 2013-07-04 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-06-29 22:37 - 2013-07-04 22:13 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2015-06-29 22:37 - 2013-01-09 20:07 - 00000000 ____D C:\Program Files (x86)\SoftQuick
2015-06-29 22:37 - 2012-10-31 19:06 - 00000000 ____D C:\Program Files\Bonjour
2015-06-29 22:37 - 2012-10-31 19:06 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-06-29 22:37 - 2012-09-27 10:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-29 22:37 - 2012-09-26 16:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-29 22:37 - 2010-11-21 17:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-29 22:36 - 2015-04-09 15:25 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Apowersoft
2015-06-29 22:36 - 2015-04-06 10:02 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-29 22:36 - 2014-10-13 14:37 - 00000000 ____D C:\Users\Kavapalu\Downloads\ʻOfá-ko e ʻElito ʻo e Ongoongoleleí - Thomas S. Monson_files
2015-06-29 22:36 - 2014-05-14 16:59 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Browser Extensions
2015-06-29 22:36 - 2014-01-28 19:10 - 00000000 ____D C:\Users\Public\CyberLink
2015-06-29 22:36 - 2013-07-04 22:13 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-06-29 22:36 - 2012-10-05 18:01 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-06-29 22:36 - 2010-11-21 17:16 - 00000000 ____D C:\Windows\ShellNew
2015-06-29 22:36 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-29 22:36 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-29 22:36 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\Dism
2015-06-29 22:36 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-29 20:06 - 2012-11-12 19:55 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\Unity
2015-06-29 20:05 - 2013-09-16 17:13 - 00000000 ____D C:\Program Files (x86)\MixMeister Fusion
2015-06-29 19:56 - 2014-01-28 19:06 - 00000000 ____D C:\Program Files\CyberLink
2015-06-29 19:54 - 2013-06-28 10:27 - 00000000 ____D C:\Program Files (x86)\GRID 2
2015-06-29 19:54 - 2013-04-03 15:32 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-25 04:27 - 2012-09-26 16:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-25 04:27 - 2012-09-26 16:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-25 04:27 - 2012-09-26 16:29 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 03:21 - 2009-07-14 14:45 - 05052720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 03:04 - 2013-07-21 03:01 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 03:01 - 2012-10-02 15:11 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-08 14:06 - 2015-02-10 21:52 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\Deployment
2015-06-08 14:06 - 2012-09-26 16:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-08 13:52 - 2015-05-07 22:04 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\Pro_PC_Cleaner
2015-06-07 08:58 - 2012-10-15 13:45 - 00000000 ____D C:\Program Files (x86)\DivX
2015-06-07 08:58 - 2012-10-15 13:43 - 00000000 ____D C:\ProgramData\DivX
2015-06-07 08:57 - 2012-10-15 13:45 - 00000000 ____D C:\Program Files\DivX
2015-06-07 08:53 - 2009-07-14 12:34 - 00000580 _____ C:\Windows\win.ini
2015-06-07 02:02 - 2014-07-12 09:51 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-06 13:22 - 2015-05-07 22:04 - 00000000 ____D C:\Users\Kavapalu\Documents\ProPCCleaner
2015-06-06 12:55 - 2012-09-26 16:29 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-06 09:46 - 2014-08-18 17:48 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Dropbox
 
==================== Files in the root of some directories =======
 
2012-06-25 18:58 - 2012-06-25 18:58 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2009-07-14 09:19 - 2009-07-14 11:14 - 0450560 _____ () C:\Users\Kavapalu\AppData\Roaming\BackUp3294181778.exe
2014-01-03 17:27 - 2014-01-04 05:20 - 0021731 _____ () C:\Users\Kavapalu\AppData\Roaming\LiveSupport.exe_log.txt
2014-01-03 17:27 - 2014-01-04 05:20 - 0000092 _____ () C:\Users\Kavapalu\AppData\Roaming\regsvr32.exe_log.txt
2014-01-03 10:43 - 2014-03-31 23:24 - 0000178 _____ () C:\Users\Kavapalu\AppData\Roaming\WB.CFG
2013-09-21 14:05 - 2014-03-16 14:46 - 0020480 _____ () C:\Users\Kavapalu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-07 10:35 - 2015-06-07 10:34 - 0613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nslB3AB.tmp
2015-06-06 10:28 - 2015-06-06 10:28 - 0613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nst6892.tmp
2015-06-06 12:25 - 2015-06-06 12:25 - 0613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsw5FF0.tmp
2015-06-07 18:04 - 2015-06-07 18:04 - 0613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsz3768.tmp
2015-07-02 17:41 - 2015-07-02 17:41 - 0000017 _____ () C:\Users\Kavapalu\AppData\Local\resmon.resmoncfg
2008-02-06 07:28 - 2008-02-06 07:28 - 0000051 _____ () C:\Users\Kavapalu\AppData\Local\setup.txt
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-03 00:27
 
==================== End of log ============================

  • 0

#7
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Kavapalu at 2015-07-03 16:32:28
Running from C:\Users\Kavapalu\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2443050622-1473135098-2417645833-500 - Administrator - Disabled)
Guest (S-1-5-21-2443050622-1473135098-2417645833-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2443050622-1473135098-2417645833-1024 - Limited - Enabled)
Kavapalu (S-1-5-21-2443050622-1473135098-2417645833-1000 - Administrator - Enabled) => C:\Users\Kavapalu
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
ACID Pro 7.0 (HKLM-x32\...\{BFA5441E-B7E6-46F5-A15D-1B74707AE93A}) (Version: 7.0.641 - Sony)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{CA9A3E57-7DEB-BEFC-409E-FC704DD0B1AE}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Quicktime Pro  v7.71 (HKLM-x32\...\Apple Quicktime Pro ) (Version: v7.71 - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.2.533 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Browser Extensions (HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.4 - Spigot, Inc.) <==== ATTENTION
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
ContinueToSave (HKLM\...\{FC304692-AF24-48B4-AA5F-E70627D36464}) (Version: 1.0 - ) <==== ATTENTION
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
FlexiSTARTER 10.5 P-Cut Edition (HKLM-x32\...\{9BF5D547-A025-4888-9AED-7D40B045CAB1}) (Version: 10.0.1 - SA International)
FlexiSTARTER 10.5 P-Cut Edition1 (HKLM-x32\...\{7DC9829D-433F-4188-BE5D-6D73765E0606}) (Version: 10.0.1 - SA International)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JavaFX 2.0.3 (HKLM-x32\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
MediaHuman YouTube to MP3 Converter version 3.7.7 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.7.7 - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickShare (HKLM-x32\...\{1B325F70-A984-421E-8407-06683E6EF03B}) (Version: 1.90.60.12091 - Linkury Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
Search Assistant SoftQuick 1.66 (HKLM-x32\...\SP_a8235b05) (Version:  - ) <==== ATTENTION
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Sentinel Protection Installer 7.6.4 (HKLM-x32\...\{7444785E-886F-4989-A69E-6394E36F3982}) (Version: 7.6.4 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{DBF859C2-5EA1-4744-9444-AD415C777CAE}) (Version: 1.00.08 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{5C12B035-6632-431F-93AA-E8CB8421E507}) (Version: 1.0 - Creative Technology Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.04 - NCH Software)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.48 - NCH Software)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YTD Toolbar v10.0 (HKLM-x32\...\{2FC2E07A-482B-4BA5-B5E4-9286260585B1}) (Version: 10.0 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.9 - GreenTree Applications SRL) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
==================== Restore Points =========================
 
30-06-2015 19:38:59 Restore Operation
01-07-2015 14:33:22 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:34 - 2014-04-02 19:34 - 00001128 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com 
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com 
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com 
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp 
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com cmdls.adobe.com na1r.services.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com 
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07EFDAD3-856E-46A8-A4DD-18D9B64EBD15} - System32\Tasks\{94009A26-E385-43D9-8038-C2BCB1C5F3B8} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=face
Task: {0AD2BAC6-525C-4DE3-961A-7996EF73817B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-25] (Adobe Systems Incorporated)
Task: {0F26F9F2-7633-486D-8804-B0D330054180} - System32\Tasks\{3348B5F1-5EA0-4B6D-BD3B-FE3E45062FED} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12] (Avast Software s.r.o.)
Task: {277E298D-1D90-4EE8-9FBA-DAA49C7771D1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {391F01BE-0B86-420C-8134-60E017922AAF} - System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\oursurfing\UninstallManager.exe -c  -ptid=amt
Task: {410E1800-056A-49CB-8991-C098704A2C58} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-02] (Avast Software s.r.o.)
Task: {43DF099D-3C1D-4DD1-96E9-1F31FCFB3874} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {4D6585FD-36C1-4198-A8BF-5A02F194C894} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {5BAADB72-ABC4-4983-AD38-573EA037C676} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {63A71AA2-BF3E-4C6B-9B1C-46B89C556934} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Kavapalu\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {7216F8F8-8B2F-4380-9A3B-C964851AC2C9} - System32\Tasks\{D460FE0E-FC5D-496E-BBA1-06DB649B9CED} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=pjr <==== ATTENTION
Task: {77ABAB37-A522-4D1D-B078-496B2F895B61} - System32\Tasks\{62B04FAC-B806-44E8-AA86-C61372E6F559} => pcalua.exe -a "C:\Program Files (x86)\video MediaPlay-Air\Uninstall.exe" -c /fcp=1
Task: {7964E3E0-FEAA-4F0A-B2E5-4938C8D49DE0} - System32\Tasks\avastBCLRestartS-1-5-21-2443050622-1473135098-2417645833-1000 => Chrome.exe 
Task: {7E8F0060-3957-435B-843F-0215FFF6B962} - \RocketTab No Task File <==== ATTENTION
Task: {994027F3-989C-499C-9336-72B2A599FD96} - System32\Tasks\{DC255792-3B22-48D8-BC2D-1994557E1F68} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12] (Avast Software s.r.o.)
Task: {9C2A9D79-288A-4BFC-BE66-52A9FC0CE2CB} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {9E245820-3DBA-4374-A7B7-87D0C427DBBB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {A5FB5F14-1DAF-4F3B-A09E-624B8D7A7D4C} - System32\Tasks\{4F219862-A8AE-4732-958B-9A9F4AB1C545} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12] (Avast Software s.r.o.)
Task: {A94626FF-1B9B-4870-839A-9A5EA8B7B0C1} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {AA98DCA9-1B52-49E9-B8A5-103B6BC56C5B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AB03535E-8E06-4EFE-B501-0979F609C479} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-08] (Google Inc.)
Task: {AF98B5DD-5275-487E-B4DA-DDF64F2BBCEF} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AFA9911F-309D-40B4-ADF2-93DE1972D955} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {BC1C72B5-4434-413E-892F-A4EC1A33F5A9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2443050622-1473135098-2417645833-1000
Task: {CEC4B81C-AFEB-452E-983F-35316BE19FB9} - System32\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9} => C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe [2012-09-20] () <==== ATTENTION
Task: {D498BF0A-39EC-42A9-92AF-31413CE5CE2D} - System32\Tasks\{F714B691-971A-470D-AFF1-90A8ECD96D65} => pcalua.exe -a "C:\Program Files (x86)\HDtubeV1.6\Uninstall.exe" -c /fcp=1
Task: {D8CBB473-6ABE-4458-B727-65A776AD3912} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-08] (Google Inc.)
Task: {DE4F9994-421D-4976-8876-551049E4EC6C} - System32\Tasks\{AE32A931-FFE4-4EB6-9B45-25CF835AED43} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12] (Avast Software s.r.o.)
Task: {F1FA9201-DDF4-435A-B48B-0C215917643F} - System32\Tasks\{FF49981C-7876-40A7-B327-A51206213783} => C:\Program Files (x86)\McAfee Security Scan\3.0.318\mcuicnt.exe
Task: {FA42D7C4-0798-402A-B4EF-5A889CA99D9A} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{31171438-2541-4650-9B31-1FEE14008209}.exe
Task: {FCD9CA64-A56D-4066-9C85-3BBD5A8E1CA3} - System32\Tasks\{7D2547B7-D93F-4A74-A23F-39C67928A862} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12] (Avast Software s.r.o.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{31171438-2541-4650-9B31-1FEE14008209}.exe <==== ATTENTION
Task: C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job => C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exeK/schedule /profilepath C:\ProgramData\Premium\ContinueToSave\profile.ini <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-01-09 20:07 - 2012-09-20 00:50 - 00233472 ____N () C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe
2015-04-06 19:45 - 2012-10-31 19:59 - 00427600 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\ExImg\ImageRoot\SKLoader.exe
2015-04-06 19:45 - 2012-10-09 16:36 - 00135248 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\LEWD.exe
2015-04-06 19:45 - 2012-04-23 15:38 - 00345128 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\LinkEngKM.exe
2015-04-06 19:45 - 2012-04-13 16:48 - 00038440 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\OSW08.dll
2015-04-06 19:45 - 2011-08-11 15:25 - 00035368 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\2208KM_HID.dll
2015-04-06 19:45 - 2011-04-29 14:26 - 00073728 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\ProdLic.DLL
2015-04-06 19:45 - 2015-07-03 14:15 - 00038440 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\Common\OTiOSW08.dll
2015-04-06 19:45 - 2011-04-29 14:26 - 00073728 _____ () C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\ProdLic.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-06-23 04:18 - 2015-06-20 15:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 04:18 - 2015-06-20 15:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-23 04:18 - 2015-06-20 15:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:661DFA1C
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kavapalu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3
MSCONFIG\Services: Creative Audio Engine Licensing Service => 3
MSCONFIG\Services: CTAudSvcService => 2
MSCONFIG\Services: CtHdaSvc => 2
MSCONFIG\Services: cybusyro => 2
MSCONFIG\Services: dequzody => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IHProtect Service => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® PROSet Monitoring Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SAiAdmin => 2
MSCONFIG\Services: SAiDownloader => 2
MSCONFIG\Services: SAiDownloaderVista => 2
MSCONFIG\Services: SAiLicSvr => 2
MSCONFIG\Services: SentinelKeysServer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: UpdateDustTool => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
MSCONFIG\Services: WindowsMangerProtect => 2
MSCONFIG\Services: WTabletServicePro => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Kavapalu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartWeb.lnk => C:\Windows\pss\SmartWeb.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackUp3294181778 => C:\Users\Kavapalu\AppData\Roaming\BackUp3294181778.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: CS Dispatch => C:\Users\Kavapalu\AppData\Roaming\OTi\MacKMLink1261\FunctModules\{8AEC7F86-B5F4-499b-9ACE-203F46E4469D}\MacKMLink.exe -GN:RunFromRegistry
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: SmartWeb => C:\Users\Kavapalu\AppData\Local\SmartWeb\SmartWebHelper.exe
MSCONFIG\startupreg: Sound Blaster Recon3Di Control Panel => "C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{09617D37-7AC9-4C5B-8FEB-746989EE144B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4E1FF287-1BC4-4496-B15F-A38B0BF513B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7D5CA940-1869-4CB5-B43F-60813F1F04D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: innfd_1_10_0_14
Description: innfd_1_10_0_14
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: innfd_1_10_0_14
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: scfd_1_10_0_16
Description: scfd_1_10_0_16
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: scfd_1_10_0_16
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Network Controller
Description: Network Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/03/2015 02:21:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/03/2015 02:21:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/03/2015 00:56:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/03/2015 00:56:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/03/2015 09:30:34 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 09:30:32 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 09:30:29 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 04:30:28 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 04:30:27 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 04:30:27 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
 
System errors:
=============
Error: (07/03/2015 02:15:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cherimoya
innfd_1_10_0_14
scfd_1_10_0_16
 
Error: (07/03/2015 02:15:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the GS-Supporter service to connect.
 
Error: (07/03/2015 02:14:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Antivirus service failed to start due to the following error: 
%%1053
 
Error: (07/03/2015 02:14:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avast Antivirus service to connect.
 
Error: (07/02/2015 06:30:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cherimoya
innfd_1_10_0_14
scfd_1_10_0_16
 
Error: (07/02/2015 06:30:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the GS-Supporter service to connect.
 
Error: (07/02/2015 06:30:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Antivirus service failed to start due to the following error: 
%%1053
 
Error: (07/02/2015 06:30:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avast Antivirus service to connect.
 
Error: (07/02/2015 06:03:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/02/2015 06:03:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office:
=========================
Error: (07/03/2015 02:21:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/03/2015 02:21:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (07/03/2015 00:56:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (07/03/2015 00:56:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (07/03/2015 09:30:34 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 09:30:32 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 09:30:29 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 04:30:28 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 04:30:27 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
Error: (07/03/2015 04:30:27 AM) (Source: ContinueToSaveUpdater) (EventID: 0) (User: )
Description: BITS download job failed -2145386479 The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 16344.02 MB
Available physical RAM: 13745.57 MB
Total Pagefile: 32688.03 MB
Available Pagefile: 30018.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:167.58 GB) (Free:16.3 GB) NTFS
Drive d: (Main Drive) (Fixed) (Total:1863.01 GB) (Free:264.36 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 43FF3357)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CE7B45B8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 1026 KB) (Disk ID: 000A0D2E)
 

 

==================== End of log ============================

  • 0

#8
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi

 

I've managed to finally download it and done what you've requested as above...... waiting now for yr further instructions..... 


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK there is a lot of adware there, you should notice a marked improvement as each fix is run


CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_au_319] => [X]
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-28] (APN)
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File not found
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File not found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.ninemsn.c....aspx?ocid=iehp
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {36F24AAC-F7DC-4C56-ADAB-7BD6D4ED9BB9} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {45181BA8-CCE0-48F4-8C39-26FF2543938F} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {F4552911-7267-4D59-9A51-15E52E9AAD95} URL = http://www.istartsur...q={searchTerms}
BHO: PriceLEss -> {71CBADA6-DE75-43F0-A300-FBA60F9CB6B2} -> C:\Program Files (x86)\PriceLEss\Ftl1Z8XQjuizJl.x64.dll [2015-06-06] ()
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-03] (Thinknice Co. Limited)
BHO-x32: PriceLEss -> {71CBADA6-DE75-43F0-A300-FBA60F9CB6B2} -> C:\Program Files (x86)\PriceLEss\Ftl1Z8XQjuizJl.dll [2015-06-06] ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-04-09]
FF HKLM\...\Firefox\Extensions: [{c3357769-3570-481c-9554-97865d9054e4}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{c3357769-3570-481c-9554-97865d9054e4}] - C:\Program Files\shopperz\Firefox
CHR Extension: (dlbemabjbfhjcccahjioenmkgimjbbkd) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd [2015-06-09]
CHR Extension: (oadboiipflhobonjjffjbfekfjcgkhco) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-06-10]
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-11-27]
CHR HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Kavapalu\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Kavapalu\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jnikkfemnfogahcandhlchoengjbeaij] - C:\Program Files (x86)\LyricsWoofer\125.crx [Not Found]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
S4 cybusyro; C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009\jnsk5C01.tmp [223232 2015-06-06] () [File not signed]
S4 dequzody; C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009\hnsf77EC.tmp [167424 2015-06-06] () [File not signed]
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125056 2015-06-03] (XTab system)
S4 UpdateDustTool; C:\Windows\Provider\UpdaterToolService.exe [111616 2015-04-22] (VIS without Co) [File not signed]
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [695976 2015-06-06] (DTools LIMITED) <==== ATTENTION
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
R1 {ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64; C:\Windows\System32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys [48776 2015-06-06] (StdLib)
S3 BS3294181778; \??\C:\Users\Kavapalu\AppData\Local\Temp\NTFS.sys [X]
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
2015-07-03 16:29 - 2015-07-03 16:29 - 00002379 _____ C:\Windows\system32\DB3294181778
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{DC255792-3B22-48D8-BC2D-1994557E1F68}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{AE32A931-FFE4-4EB6-9B45-25CF835AED43}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{7D2547B7-D93F-4A74-A23F-39C67928A862}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{4F219862-A8AE-4732-958B-9A9F4AB1C545}
2015-07-01 14:23 - 2015-07-01 14:23 - 00002978 _____ C:\Windows\System32\Tasks\{3348B5F1-5EA0-4B6D-BD3B-FE3E45062FED}
2015-06-07 18:04 - 2015-06-07 18:26 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-06-07 18:04 - 2015-06-07 18:04 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsz3768.tmp
2015-06-07 16:48 - 2015-06-08 09:08 - 00000000 ____D C:\Program Files (x86)\Infonaut_1.10.0.14
2015-06-07 10:35 - 2015-06-07 10:34 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nslB3AB.tmp
2015-06-07 09:29 - 2015-06-07 09:29 - 00000000 ____D C:\Program Files (x86)\Bin
2015-06-07 09:28 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\Provider32
2015-06-07 09:28 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\Provider
2015-06-07 09:28 - 2015-06-07 14:33 - 00173056 _____ C:\Windows\Provider20150607153412PM.dll
2015-06-07 09:28 - 2015-06-07 13:32 - 00173056 _____ C:\Windows\Provider20150607143339PM.dll
2015-06-07 09:28 - 2015-06-07 12:31 - 00173056 _____ C:\Windows\Provider20150607133242PM.dll
2015-06-07 09:28 - 2015-06-07 11:30 - 00173056 _____ C:\Windows\Provider20150607123144PM.dll
2015-06-07 09:28 - 2015-06-07 10:29 - 00173056 _____ C:\Windows\Provider20150607113045AM.dll
2015-06-07 09:28 - 2015-06-07 09:28 - 00000012 _____ C:\Windows\SysWOW64\0
2015-06-07 09:28 - 2015-06-02 18:30 - 00173056 _____ C:\Windows\Provider20150607102947AM.dll
2015-06-07 08:52 - 2015-06-06 03:35 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys
2015-06-06 21:59 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files\shopperz
2015-06-06 21:59 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-06-06 21:59 - 2015-06-07 09:28 - 00000045 _____ C:\user.js
2015-06-06 21:56 - 2015-06-06 21:56 - 00003166 _____ C:\Windows\System32\Tasks\{94009A26-E385-43D9-8038-C2BCB1C5F3B8}
2015-06-06 21:42 - 2015-06-06 21:42 - 00003164 _____ C:\Windows\System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D}
2015-06-06 13:25 - 2015-06-26 10:19 - 01133044 _____ C:\Windows\system32\CFG3294181778
2015-06-06 13:23 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\tor
2015-06-06 12:25 - 2015-06-06 12:25 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsw5FF0.tmp
2015-06-06 12:24 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\Registry Helper
2015-06-06 11:17 - 2015-06-06 11:17 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-06 10:44 - 2015-06-06 10:44 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\One System Care
2015-06-06 10:40 - 2015-06-06 10:40 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-06-06 10:30 - 2015-06-10 10:36 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-06-06 10:30 - 2015-06-08 10:36 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-06-06 10:30 - 2015-06-07 14:31 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-06-06 10:30 - 2015-06-07 10:36 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-06-06 10:30 - 2015-06-07 10:36 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-06-06 10:30 - 2015-06-07 10:36 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-06-06 10:28 - 2015-06-06 10:28 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nst6892.tmp
2015-06-06 10:28 - 2015-06-06 10:28 - 00000000 __SHD C:\Users\Kavapalu\AppData\Roaming\AnyProtectEx
2015-06-06 10:16 - 2015-06-06 21:40 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-06 10:06 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\SmartWeb
2015-06-06 10:06 - 2015-06-06 10:06 - 00004052 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-06 09:55 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\032B0290-1433584534-0539-E106-810700080009
2015-06-06 09:52 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\Guest\AppData\Local\Crossbrowse
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\Crossbrowse
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-06-06 09:44 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\kcpoohnmeengjfjimiocppcmadljgbbf
2015-06-06 09:44 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\16028421469776790400
2015-06-06 09:44 - 2015-06-06 09:44 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\Priceless
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-06 09:43 - 2015-06-06 09:43 - 00000000 ____D C:\Program Files (x86)\app_setup
2015-07-03 14:15 - 2013-06-03 15:52 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-03 14:15 - 2013-01-09 20:07 - 00000424 ____H C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job
2015-06-29 22:37 - 2015-05-07 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-06-29 22:36 - 2014-05-14 16:59 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Browser Extensions
2015-06-07 02:02 - 2014-07-12 09:51 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-06 13:22 - 2015-05-07 22:04 - 00000000 ____D C:\Users\Kavapalu\Documents\ProPCCleaner
Task: {277E298D-1D90-4EE8-9FBA-DAA49C7771D1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {391F01BE-0B86-420C-8134-60E017922AAF} - System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=amt
Task: {4D6585FD-36C1-4198-A8BF-5A02F194C894} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {63A71AA2-BF3E-4C6B-9B1C-46B89C556934} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Kavapalu\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {7216F8F8-8B2F-4380-9A3B-C964851AC2C9} - System32\Tasks\{D460FE0E-FC5D-496E-BBA1-06DB649B9CED} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=pjr <==== ATTENTION
Task: {7E8F0060-3957-435B-843F-0215FFF6B962} - \RocketTab No Task File <==== ATTENTION
Task: {9C2A9D79-288A-4BFC-BE66-52A9FC0CE2CB} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {9E245820-3DBA-4374-A7B7-87D0C427DBBB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AA98DCA9-1B52-49E9-B8A5-103B6BC56C5B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AF98B5DD-5275-487E-B4DA-DDF64F2BBCEF} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {CEC4B81C-AFEB-452E-983F-35316BE19FB9} - System32\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9} => C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe [2012-09-20] () <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{31171438-2541-4650-9B31-1FEE14008209}.exe <==== ATTENTION
Task: C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job => C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exeK/schedule /profilepath C:\ProgramData\Premium\ContinueToSave\profile.ini <==== ATTENTION
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\Premium
C:\Program Files (x86)\MiuiTab
C:\Program Files (x86)\PriceLEss
C:\Program Files\shopperz
C:\Program Files (x86)\Lyrics
C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009
C:\Windows\Provider
C:\ProgramData\WindowsMangerProtect
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#10
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Here is the fix log:

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01

Ran by Kavapalu at 2015-07-04 01:01:02 Run:1
Running from C:\Users\Kavapalu\Downloads
Loaded Profiles: Kavapalu (Available Profiles: Kavapalu)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_au_319] => [X]
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-28] (APN)
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File not found
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File not found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfin...V228103ZC180EGN
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.ninemsn.c....aspx?ocid=iehp
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfin...V228103ZC180EGN
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {36F24AAC-F7DC-4C56-ADAB-7BD6D4ED9BB9} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {45181BA8-CCE0-48F4-8C39-26FF2543938F} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> {F4552911-7267-4D59-9A51-15E52E9AAD95} URL = http://www.istartsur...q={searchTerms}
BHO: PriceLEss -> {71CBADA6-DE75-43F0-A300-FBA60F9CB6B2} -> C:\Program Files (x86)\PriceLEss\Ftl1Z8XQjuizJl.x64.dll [2015-06-06] ()
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-03] (Thinknice Co. Limited)
BHO-x32: PriceLEss -> {71CBADA6-DE75-43F0-A300-FBA60F9CB6B2} -> C:\Program Files (x86)\PriceLEss\Ftl1Z8XQjuizJl.dll [2015-06-06] ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-2443050622-1473135098-2417645833-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-04-09]
FF HKLM\...\Firefox\Extensions: [{c3357769-3570-481c-9554-97865d9054e4}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{c3357769-3570-481c-9554-97865d9054e4}] - C:\Program Files\shopperz\Firefox
CHR Extension: (dlbemabjbfhjcccahjioenmkgimjbbkd) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd [2015-06-09]
CHR Extension: (oadboiipflhobonjjffjbfekfjcgkhco) - C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-06-10]
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-11-27]
CHR HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Kavapalu\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Kavapalu\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jnikkfemnfogahcandhlchoengjbeaij] - C:\Program Files (x86)\LyricsWoofer\125.crx [Not Found]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
S4 cybusyro; C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009\jnsk5C01.tmp [223232 2015-06-06] () [File not signed]
S4 dequzody; C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009\hnsf77EC.tmp [167424 2015-06-06] () [File not signed]
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125056 2015-06-03] (XTab system)
S4 UpdateDustTool; C:\Windows\Provider\UpdaterToolService.exe [111616 2015-04-22] (VIS without Co) [File not signed]
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [695976 2015-06-06] (DTools LIMITED) <==== ATTENTION
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
R1 {ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64; C:\Windows\System32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys [48776 2015-06-06] (StdLib)
S3 BS3294181778; \??\C:\Users\Kavapalu\AppData\Local\Temp\NTFS.sys [X]
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
2015-07-03 16:29 - 2015-07-03 16:29 - 00002379 _____ C:\Windows\system32\DB3294181778
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{DC255792-3B22-48D8-BC2D-1994557E1F68}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{AE32A931-FFE4-4EB6-9B45-25CF835AED43}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{7D2547B7-D93F-4A74-A23F-39C67928A862}
2015-07-01 14:24 - 2015-07-01 14:24 - 00002978 _____ C:\Windows\System32\Tasks\{4F219862-A8AE-4732-958B-9A9F4AB1C545}
2015-07-01 14:23 - 2015-07-01 14:23 - 00002978 _____ C:\Windows\System32\Tasks\{3348B5F1-5EA0-4B6D-BD3B-FE3E45062FED}
2015-06-07 18:04 - 2015-06-07 18:26 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-06-07 18:04 - 2015-06-07 18:04 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsz3768.tmp
2015-06-07 16:48 - 2015-06-08 09:08 - 00000000 ____D C:\Program Files (x86)\Infonaut_1.10.0.14
2015-06-07 10:35 - 2015-06-07 10:34 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nslB3AB.tmp
2015-06-07 09:29 - 2015-06-07 09:29 - 00000000 ____D C:\Program Files (x86)\Bin
2015-06-07 09:28 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\Provider32
2015-06-07 09:28 - 2015-07-01 14:19 - 00000000 ____D C:\Windows\Provider
2015-06-07 09:28 - 2015-06-07 14:33 - 00173056 _____ C:\Windows\Provider20150607153412PM.dll
2015-06-07 09:28 - 2015-06-07 13:32 - 00173056 _____ C:\Windows\Provider20150607143339PM.dll
2015-06-07 09:28 - 2015-06-07 12:31 - 00173056 _____ C:\Windows\Provider20150607133242PM.dll
2015-06-07 09:28 - 2015-06-07 11:30 - 00173056 _____ C:\Windows\Provider20150607123144PM.dll
2015-06-07 09:28 - 2015-06-07 10:29 - 00173056 _____ C:\Windows\Provider20150607113045AM.dll
2015-06-07 09:28 - 2015-06-07 09:28 - 00000012 _____ C:\Windows\SysWOW64\0
2015-06-07 09:28 - 2015-06-02 18:30 - 00173056 _____ C:\Windows\Provider20150607102947AM.dll
2015-06-07 08:52 - 2015-06-06 03:35 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys
2015-06-06 21:59 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files\shopperz
2015-06-06 21:59 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-06-06 21:59 - 2015-06-07 09:28 - 00000045 _____ C:\user.js
2015-06-06 21:56 - 2015-06-06 21:56 - 00003166 _____ C:\Windows\System32\Tasks\{94009A26-E385-43D9-8038-C2BCB1C5F3B8}
2015-06-06 21:42 - 2015-06-06 21:42 - 00003164 _____ C:\Windows\System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D}
2015-06-06 13:25 - 2015-06-26 10:19 - 01133044 _____ C:\Windows\system32\CFG3294181778
2015-06-06 13:23 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\tor
2015-06-06 12:25 - 2015-06-06 12:25 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nsw5FF0.tmp
2015-06-06 12:24 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\Registry Helper
2015-06-06 11:17 - 2015-06-06 11:17 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-06 10:44 - 2015-06-06 10:44 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\One System Care
2015-06-06 10:40 - 2015-06-06 10:40 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-06-06 10:30 - 2015-06-10 10:36 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-06-06 10:30 - 2015-06-08 10:36 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-06-06 10:30 - 2015-06-07 14:31 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-06-06 10:30 - 2015-06-07 10:36 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-06-06 10:30 - 2015-06-07 10:36 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-06-06 10:30 - 2015-06-07 10:36 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-06-06 10:28 - 2015-06-06 10:28 - 00613255 _____ (CMI Limited) C:\Users\Kavapalu\AppData\Local\nst6892.tmp
2015-06-06 10:28 - 2015-06-06 10:28 - 00000000 __SHD C:\Users\Kavapalu\AppData\Roaming\AnyProtectEx
2015-06-06 10:16 - 2015-06-06 21:40 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-06 10:06 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\SmartWeb
2015-06-06 10:06 - 2015-06-06 10:06 - 00004052 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-06 09:55 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Local\032B0290-1433584534-0539-E106-810700080009
2015-06-06 09:52 - 2015-07-01 14:19 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\Guest\AppData\Local\Crossbrowse
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\Crossbrowse
2015-06-06 09:51 - 2015-06-06 09:51 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-06-06 09:44 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\kcpoohnmeengjfjimiocppcmadljgbbf
2015-06-06 09:44 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\16028421469776790400
2015-06-06 09:44 - 2015-06-06 09:44 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\Priceless
2015-06-06 09:43 - 2015-07-01 14:19 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-06 09:43 - 2015-06-06 09:43 - 00000000 ____D C:\Program Files (x86)\app_setup
2015-07-03 14:15 - 2013-06-03 15:52 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-03 14:15 - 2013-01-09 20:07 - 00000424 ____H C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job
2015-06-29 22:37 - 2015-05-07 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-06-29 22:36 - 2014-05-14 16:59 - 00000000 ____D C:\Users\Kavapalu\AppData\Roaming\Browser Extensions
2015-06-07 02:02 - 2014-07-12 09:51 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-06 13:22 - 2015-05-07 22:04 - 00000000 ____D C:\Users\Kavapalu\Documents\ProPCCleaner
Task: {277E298D-1D90-4EE8-9FBA-DAA49C7771D1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {391F01BE-0B86-420C-8134-60E017922AAF} - System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=amt
Task: {4D6585FD-36C1-4198-A8BF-5A02F194C894} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {63A71AA2-BF3E-4C6B-9B1C-46B89C556934} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Kavapalu\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {7216F8F8-8B2F-4380-9A3B-C964851AC2C9} - System32\Tasks\{D460FE0E-FC5D-496E-BBA1-06DB649B9CED} => pcalua.exe -a C:\Users\Kavapalu\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=pjr <==== ATTENTION
Task: {7E8F0060-3957-435B-843F-0215FFF6B962} - \RocketTab No Task File <==== ATTENTION
Task: {9C2A9D79-288A-4BFC-BE66-52A9FC0CE2CB} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {9E245820-3DBA-4374-A7B7-87D0C427DBBB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AA98DCA9-1B52-49E9-B8A5-103B6BC56C5B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AF98B5DD-5275-487E-B4DA-DDF64F2BBCEF} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {CEC4B81C-AFEB-452E-983F-35316BE19FB9} - System32\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9} => C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe [2012-09-20] () <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{31171438-2541-4650-9B31-1FEE14008209}.exe <==== ATTENTION
Task: C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job => C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exeK/schedule /profilepath C:\ProgramData\Premium\ContinueToSave\profile.ini <==== ATTENTION
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\Premium
C:\Program Files (x86)\MiuiTab
C:\Program Files (x86)\PriceLEss
C:\Program Files\shopperz
C:\Program Files (x86)\Lyrics
C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009
C:\Windows\Provider
C:\ProgramData\WindowsMangerProtect
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_au_319 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => value removed successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => value data removed successfully.
"c:\progra~2\suptab\search~1.dll" => value data removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{36F24AAC-F7DC-4C56-ADAB-7BD6D4ED9BB9}" => key removed successfully
HKCR\CLSID\{36F24AAC-F7DC-4C56-ADAB-7BD6D4ED9BB9} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45181BA8-CCE0-48F4-8C39-26FF2543938F}" => key removed successfully
HKCR\CLSID\{45181BA8-CCE0-48F4-8C39-26FF2543938F} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found. 
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4552911-7267-4D59-9A51-15E52E9AAD95}" => key removed successfully
HKCR\CLSID\{F4552911-7267-4D59-9A51-15E52E9AAD95} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71CBADA6-DE75-43F0-A300-FBA60F9CB6B2}" => key removed successfully
"HKCR\CLSID\{71CBADA6-DE75-43F0-A300-FBA60F9CB6B2}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71CBADA6-DE75-43F0-A300-FBA60F9CB6B2}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{71CBADA6-DE75-43F0-A300-FBA60F9CB6B2}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found. 
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] => moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{c3357769-3570-481c-9554-97865d9054e4} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{c3357769-3570-481c-9554-97865d9054e4} => value removed successfully
C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd => moved successfully.
C:\Users\Kavapalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop" => key removed successfully
C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx => moved successfully.
"HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Google\Chrome\Extensions\elommhojblmkninghaiajeijoinkihmk" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\elommhojblmkninghaiajeijoinkihmk" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jnikkfemnfogahcandhlchoengjbeaij" => key removed successfully
APNMCP => Service stopped successfully.
APNMCP => Service removed successfully
cybusyro => Service removed successfully
dequzody => Service removed successfully
IHProtect Service => Service removed successfully
UpdateDustTool => Service removed successfully
vToolbarUpdater18.1.9 => Service removed successfully
WindowsMangerProtect => Service removed successfully
e81a9dc1 => Service removed successfully
{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64 => Service stopped successfully.
{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64 => Service removed successfully
BS3294181778 => Service removed successfully
cherimoya => Service removed successfully
innfd_1_10_0_14 => Service removed successfully
scfd_1_10_0_16 => Service removed successfully
"C:\Windows\system32\DB3294181778" => File/Folder not found.
C:\Windows\System32\Tasks\{DC255792-3B22-48D8-BC2D-1994557E1F68} => moved successfully.
C:\Windows\System32\Tasks\{AE32A931-FFE4-4EB6-9B45-25CF835AED43} => moved successfully.
C:\Windows\System32\Tasks\{7D2547B7-D93F-4A74-A23F-39C67928A862} => moved successfully.
C:\Windows\System32\Tasks\{4F219862-A8AE-4732-958B-9A9F4AB1C545} => moved successfully.
C:\Windows\System32\Tasks\{3348B5F1-5EA0-4B6D-BD3B-FE3E45062FED} => moved successfully.
C:\Program Files (x86)\AnyProtectEx => moved successfully.
C:\Users\Kavapalu\AppData\Local\nsz3768.tmp => moved successfully.
C:\Program Files (x86)\Infonaut_1.10.0.14 => moved successfully.
C:\Users\Kavapalu\AppData\Local\nslB3AB.tmp => moved successfully.
C:\Program Files (x86)\Bin => moved successfully.
C:\Windows\Provider32 => moved successfully.
C:\Windows\Provider => moved successfully.
C:\Windows\Provider20150607153412PM.dll => moved successfully.
C:\Windows\Provider20150607143339PM.dll => moved successfully.
C:\Windows\Provider20150607133242PM.dll => moved successfully.
C:\Windows\Provider20150607123144PM.dll => moved successfully.
C:\Windows\Provider20150607113045AM.dll => moved successfully.
C:\Windows\SysWOW64\0 => moved successfully.
C:\Windows\Provider20150607102947AM.dll => moved successfully.
C:\Windows\system32\Drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys => moved successfully.
C:\Program Files\shopperz => moved successfully.
C:\Program Files (x86)\GUPlayer => moved successfully.
C:\user.js => moved successfully.
C:\Windows\System32\Tasks\{94009A26-E385-43D9-8038-C2BCB1C5F3B8} => moved successfully.
C:\Windows\System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D} => moved successfully.
C:\Windows\system32\CFG3294181778 => moved successfully.
C:\Users\Kavapalu\AppData\Roaming\tor => moved successfully.
C:\Users\Kavapalu\AppData\Local\nsw5FF0.tmp => moved successfully.
C:\ProgramData\Registry Helper => moved successfully.
C:\Windows\SysWOW64\Number of results => moved successfully.
C:\Users\Kavapalu\AppData\Roaming\One System Care => moved successfully.
C:\ProgramData\DesktopSearch => moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP1.job => moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => moved successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => moved successfully.
C:\Users\Kavapalu\AppData\Local\nst6892.tmp => moved successfully.
C:\Users\Kavapalu\AppData\Roaming\AnyProtectEx => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Users\Kavapalu\AppData\Local\SmartWeb => moved successfully.
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Users\Kavapalu\AppData\Local\032B0290-1433584534-0539-E106-810700080009 => moved successfully.
C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009 => moved successfully.
C:\Users\Guest\AppData\Local\Crossbrowse => moved successfully.
C:\Users\Administrator\AppData\Local\Crossbrowse => moved successfully.
C:\Program Files (x86)\Crossbrowse => moved successfully.
C:\ProgramData\kcpoohnmeengjfjimiocppcmadljgbbf => moved successfully.
C:\ProgramData\16028421469776790400 => moved successfully.
C:\ProgramData\IHProtectUpDate => moved successfully.
C:\ProgramData\WindowsMangerProtect => moved successfully.
C:\Program Files (x86)\Priceless => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\Program Files (x86)\app_setup => moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => moved successfully.
C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader => moved successfully.
C:\Users\Kavapalu\AppData\Roaming\Browser Extensions => moved successfully.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\Users\Kavapalu\Documents\ProPCCleaner => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{277E298D-1D90-4EE8-9FBA-DAA49C7771D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277E298D-1D90-4EE8-9FBA-DAA49C7771D1}" => key removed successfully
C:\Windows\System32\Tasks\ProPCCleaner_Start => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{391F01BE-0B86-420C-8134-60E017922AAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{391F01BE-0B86-420C-8134-60E017922AAF}" => key removed successfully
C:\Windows\System32\Tasks\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD056BAA-C3D0-4C4B-9E90-013A9749C33D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D6585FD-36C1-4198-A8BF-5A02F194C894}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D6585FD-36C1-4198-A8BF-5A02F194C894}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63A71AA2-BF3E-4C6B-9B1C-46B89C556934}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A71AA2-BF3E-4C6B-9B1C-46B89C556934}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7216F8F8-8B2F-4380-9A3B-C964851AC2C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7216F8F8-8B2F-4380-9A3B-C964851AC2C9}" => key removed successfully
C:\Windows\System32\Tasks\{D460FE0E-FC5D-496E-BBA1-06DB649B9CED} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D460FE0E-FC5D-496E-BBA1-06DB649B9CED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E8F0060-3957-435B-843F-0215FFF6B962}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E8F0060-3957-435B-843F-0215FFF6B962}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C2A9D79-288A-4BFC-BE66-52A9FC0CE2CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C2A9D79-288A-4BFC-BE66-52A9FC0CE2CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E245820-3DBA-4374-A7B7-87D0C427DBBB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E245820-3DBA-4374-A7B7-87D0C427DBBB}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA98DCA9-1B52-49E9-B8A5-103B6BC56C5B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA98DCA9-1B52-49E9-B8A5-103B6BC56C5B}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF98B5DD-5275-487E-B4DA-DDF64F2BBCEF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF98B5DD-5275-487E-B4DA-DDF64F2BBCEF}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP2 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CEC4B81C-AFEB-452E-983F-35316BE19FB9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEC4B81C-AFEB-452E-983F-35316BE19FB9}" => key removed successfully
C:\Windows\System32\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}" => key removed successfully
C:\Windows\Tasks\APSnotifierPP1.job not found.
C:\Windows\Tasks\APSnotifierPP2.job not found.
C:\Windows\Tasks\APSnotifierPP3.job not found.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job not found.
C:\Windows\Tasks\ContinueToSaveUpdaterTask{5D9B37DB-DE3B-4E6F-96D5-2F5C5083CFD9}.job not found.
C:\Program Files (x86)\AskPartnerNetwork => moved successfully.
C:\ProgramData\Premium => moved successfully.
"C:\Program Files (x86)\MiuiTab" => File/Folder not found.
"C:\Program Files (x86)\PriceLEss" => File/Folder not found.
"C:\Program Files\shopperz" => File/Folder not found.
"C:\Program Files (x86)\Lyrics" => File/Folder not found.
"C:\Users\Kavapalu\AppData\Roaming\032B0290-1433548335-0539-E106-810700080009" => File/Folder not found.
"C:\Windows\Provider" => File/Folder not found.
"C:\ProgramData\WindowsMangerProtect" => File/Folder not found.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
========= End of Reg: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2443050622-1473135098-2417645833-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {3B199A6D-521E-4DE8-AA7E-BCE0A8CEA249}.
Unable to cancel {DB45046A-B03D-4CAC-B164-17AD30568F07}.
{895D560F-7A7F-401A-B05D-FCF0348D6A61} canceled.
{44FD2CDC-F4C4-4628-B48A-0921F6C6A6E0} canceled.
{7924C7F8-841C-4C0A-9E35-564B775596BA} canceled.
{B1A96A0A-2A20-4B3E-A335-8426073B1B3A} canceled.
{0984F106-6899-4552-A442-C59DB05D7823} canceled.
{CEAD8CEA-17E6-4288-99AD-17894F554ED4} canceled.
{B2CE9A55-A2A4-4849-89B7-C852755E38B8} canceled.
{20490B75-C468-4487-97B7-D6B9FD02EC0B} canceled.
{F5DF8B0F-1906-46A7-A949-6734A235C81D} canceled.
{58A68EC3-285F-4927-8244-D0371C830969} canceled.
{CF52B03E-E3A3-4E60-902C-A8262F98E142} canceled.
{3E3A8741-DAB8-4B94-B8E7-0F774EEFB632} canceled.
{E7853501-21BF-409B-A71E-355B8216F7A0} canceled.
{C8508456-6306-4053-80DA-2626BE6FDEE0} canceled.
{1C701CFA-A151-4248-9C99-19EC936AF2EA} canceled.
{E3F12585-77AA-476B-AD61-B8224C753C04} canceled.
{9CAF4043-2F2C-4594-A1A6-2005B2885F01} canceled.
{4EC812E1-9305-49F5-879D-22F65B9085F9} canceled.
{712732D7-C2E6-41EB-B8AF-B36992026AF5} canceled.
{B59EA3AE-24C0-42B7-9752-ED55CDF7808F} canceled.
{2446AD6A-A1E9-462D-AAF0-5EABE4AE84B0} canceled.
{C380FA03-2CCE-446E-B3D6-41D40430129E} canceled.
{BCF98FF9-15BA-4E2E-BD50-A006BDAA1F05} canceled.
{264C96E0-B155-4003-8BD6-46EE1684D8AB} canceled.
{1C04D475-25BA-4F25-949E-EC9854382514} canceled.
{E2A5FCD4-3757-43E4-A5D8-472631C28CE2} canceled.
{1D16388E-F097-4151-972A-6C01A237FCA1} canceled.
{E80E3FB0-6545-4581-AE73-3AA68FB1751A} canceled.
{162A9274-5AF3-439B-AC1E-24775C8C10DE} canceled.
{83249A23-242D-426C-BFA3-63DF3F838927} canceled.
{84D75A8E-5C3F-49A7-98DC-0F86BF3A27B8} canceled.
{E859EF47-BFEA-4481-B8A1-7E7088C08B04} canceled.
{C59D46D2-3F34-4F3B-B39D-1F8413A55BBA} canceled.
{5FC8AD7E-6978-4E64-906E-065D371BF063} canceled.
{5820A255-BC4B-45B5-B912-0597357E20CF} canceled.
{9B5B6AEE-A223-4DB2-B8B6-EA6BF1D640DE} canceled.
{1E349C8F-E3E1-4DD2-81F2-BE6ED5EE64B9} canceled.
{F1468191-824C-4F90-87BB-D493B062FF66} canceled.
{E1BFC5BB-1F0C-4A23-B366-95014F54195D} canceled.
{B1958932-529F-444D-89BE-8C030B188D61} canceled.
{CDD93B12-D0A3-4D40-8ED8-80735D1A0569} canceled.
{E7733A8C-149F-43D3-AF02-565480E527EE} canceled.
{9BB6D5F2-D373-4134-A1F7-8D0E84AA4979} canceled.
{EDD7C424-8434-4B58-A50C-AE41BDF95AF0} canceled.
{A04978B6-19CC-4CB4-9891-0A646256B498} canceled.
{AD7B9455-51BD-4BA6-97D3-195EFC900369} canceled.
{D6D0FB87-F79E-4662-A3D8-78F3D27D8A12} canceled.
{197F7EBB-70B7-47E6-B8DC-6608B33DE04F} canceled.
{EF58231C-5A72-4AF0-AA30-FD9835D21764} canceled.
{3F633B5F-936B-4250-997A-14794DBBDB48} canceled.
{E40FB97B-A896-47F5-939B-2B01021D9497} canceled.
{CF34FDFC-3801-450F-AAFE-54E798D86A73} canceled.
{663DA9F7-0CC9-4A6B-ACA1-C143DA866B94} canceled.
{AEA78B75-4FC2-4486-8CF2-62832CE9029E} canceled.
{C9F72E7B-0625-43C9-A83E-89FB3F5F32AF} canceled.
{BCC2B0D4-3D40-437E-854F-C2099CC4E20C} canceled.
{920F5039-34D7-4266-8DA3-1CC591DF3B3F} canceled.
{DDC724B5-434D-4BEC-A081-82725EEC80E7} canceled.
{0C0B782B-E710-4E1E-A5D1-6FE12C6D11F9} canceled.
{9D0BA62C-5432-4996-8E67-57AF10F568FE} canceled.
{E3823BEE-E17A-4F23-A758-69A79E7B8DBE} canceled.
{47EFDADA-CA68-4D65-97C7-560ED0642A0E} canceled.
{EF900890-2E83-43AF-985A-D39DDA43D52A} canceled.
{A9052546-90EA-4CEA-8643-8B1912918AC8} canceled.
{DF2C0A6B-731F-422C-B8F4-BCB41DC2CDDD} canceled.
{FBFC45AC-0AF9-4A82-BB7E-D1918739A061} canceled.
{AA8F8E83-C2BC-4906-BC44-363526813C93} canceled.
{244F5114-CAFC-48F5-AA26-310EC9DCA452} canceled.
{A98B5EBD-B0D8-4571-B2C4-7564204F106C} canceled.
{7D2F7FB8-6F57-4F59-AA7A-BFC235D7F2CA} canceled.
{2353FB7B-6A47-4CB3-AF16-E9D3649FC316} canceled.
{267C63C7-3A9B-47A6-A952-BF6CF5445A1C} canceled.
{104B66B4-7BFF-44A2-94EC-E1F52D86ECB7} canceled.
{86BE2E7E-7A36-45A3-9A68-3229E1D3E765} canceled.
{B3B7F2AE-BD94-4741-8A48-645D614C60F6} canceled.
{DC78CBF4-48D2-4B72-B2DA-87E1823F53D6} canceled.
{995844F2-F211-4DD3-89A6-3090D134EFF2} canceled.
{533F0B14-2E6C-46B7-9D62-358DE6A36B7D} canceled.
{4993A12A-D9F6-4E73-B927-1D9DA559F080} canceled.
{B1456C1E-E912-406D-9E3A-52BF831261F7} canceled.
{DB729BED-B1CB-496F-B683-5449624E5586} canceled.
{BD3FFC45-8287-4748-8B4C-5D91184AAAC6} canceled.
{3B39542E-02BF-4724-8761-FC5F5AB9D56D} canceled.
{F0B4A0F7-608C-4A9F-9F77-FB2ADAE633A5} canceled.
{F33E1BF2-D99D-4A2A-B79A-6672A74853A3} canceled.
{8A729BA5-42BB-4E3F-A374-86AD5B40E80F} canceled.
{F51E0EAF-F55A-47A2-9D01-86F092DAC555} canceled.
{D3A4F92E-6B68-4AC7-A76C-4DCAD988FE4F} canceled.
{6D8860C5-7B54-48F5-A15E-47E2DF720CE4} canceled.
{6544D5B4-C7FE-41C0-8DCF-87CD75C45405} canceled.
{EA4398C8-ED2B-4255-9405-788841F4B78F} canceled.
{6E01C2C6-2559-497E-B2D0-7607D8F04C64} canceled.
{C349169B-67D9-40E2-B8BA-DDBCBFFB894D} canceled.
{583D7E6E-1D67-49B9-A7CB-C3714E87D456} canceled.
{80D04E20-648E-44B9-B15A-8A64AAB52D66} canceled.
{64482389-D798-4163-AE2E-D6065A9589E5} canceled.
{F43B02F7-039D-4A1C-AEDC-BB712000CC76} canceled.
{1A6F7A63-5BDA-4DED-BCD7-D7A3AD412BBA} canceled.
{6DC711DC-F4D7-4757-8D08-2629D117DAD9} canceled.
{4C23B6E2-28BB-451C-9D3E-D063584BA4FC} canceled.
{B9F6E245-C996-4233-93F6-A09C43108CD0} canceled.
{A695E9C3-7B00-4A86-BCCF-4724A0EFE9AF} canceled.
{590EDC88-F1A8-4BF1-800E-A08566470001} canceled.
{1BCA983A-B4D7-4830-93E6-D11A1E2B3772} canceled.
{C463629E-F2E7-4384-9728-4D10ECE0C703} canceled.
{19AF44D0-0956-4472-AFB3-77EA5F9923F6} canceled.
{0DBEDBED-A165-410C-90AC-13602E2C6DF7} canceled.
{9D365CF7-CD62-4079-86AD-62FFA8EA3871} canceled.
{B821A445-03B8-4F55-8AD1-FE62470807B3} canceled.
{40D3361E-0E3A-439E-A44B-3485B2782F21} canceled.
{713B7CC7-340B-44B7-A6B2-499E17B18F16} canceled.
{84761609-99DC-4A98-8B19-2823E37804E7} canceled.
{378F74D4-5EB5-4B23-93E8-8476259848E0} canceled.
{0B262BAD-3CD3-495A-9A42-1C9C8007D115} canceled.
{AAA18651-B293-498B-A40B-2855312151C8} canceled.
{6F5EC433-33F5-4E0F-869D-FA2FDD30913A} canceled.
{32535E9C-E05C-4007-9E44-E6994A7BDCAD} canceled.
{B6401931-2BCB-4789-8BF9-1FCBA4B6C536} canceled.
{0599DA02-E58E-4388-B531-B9948146AAF0} canceled.
{C5391AD5-2A47-4087-9D0B-18B34C1296C9} canceled.
{3FC5B8B1-E0CB-4C29-82F7-C18F8E646B60} canceled.
{9999C2A8-BA36-4BF4-9557-599736EA195C} canceled.
{087FA5F2-ED87-4C3A-BB1B-82BD7E95BDE7} canceled.
{AAFFA34D-FA01-4513-9A17-D9CC2DA0CC02} canceled.
{8E359AC7-80DC-4F2D-9A65-36510112DCD0} canceled.
{849D4B29-8BAB-45DA-B609-583E9B93F836} canceled.
{D461D731-6346-4987-8FC1-4997C99D361E} canceled.
{41C4C555-8D3D-407B-8339-FA49659A9C67} canceled.
{B9532024-F0F1-4AC3-AE06-BC29BC65C6DD} canceled.
{54B62B06-411A-411C-8DD0-651A31E5360E} canceled.
{9F01CE2A-A426-4590-9D29-46D4AD5F18A6} canceled.
{A5821510-1ECC-45DA-9C64-BBBF718293BF} canceled.
{2D9FF334-3A50-419A-B5CD-8BB8A591AA04} canceled.
{18CCCB1B-B957-4894-ADAB-C34200A99ED6} canceled.
{F36BB48A-D391-428D-8A1E-EB439FEF7203} canceled.
{A516A3E5-C4DD-4745-ACBB-9F4B8FAD4015} canceled.
{69635A1A-0BD1-41C6-A372-8C5D317A3424} canceled.
{B3916165-8573-4103-92E8-DE62C3536422} canceled.
{0D14C9B3-3CE3-466C-B651-DEBEC733DCE5} canceled.
{47D3C4B4-27DC-4DB2-86F3-BBFD55AC1203} canceled.
{1A1E68B7-C35E-4C16-A9F0-DF94C0930E49} canceled.
{C819F72F-0527-4062-9E69-172FD0DCB70B} canceled.
{882EC605-7200-474D-B935-4DEA8EC63C97} canceled.
{8B55D0B4-FB86-4851-A2B9-5AF57F7AD2A2} canceled.
{16F14619-77E1-4A93-93FE-E4093DC775AB} canceled.
{49164062-4D83-40FE-A74C-F58E2BD1BA65} canceled.
{CD9D126B-9A32-4B2C-8429-F837415CEEB8} canceled.
{DF87910F-D952-4138-ACA0-0E5865A3DE34} canceled.
{827A3387-96B1-4AF2-BE4B-17DE5DBF8932} canceled.
{EB81855A-2BCE-406F-919A-9EB8CC90D521} canceled.
{4FA3F376-1056-4A41-8322-1BE1A3064344} canceled.
{21555CEF-1AD5-4BA4-9507-7BCE36AA6E90} canceled.
{B61D5DCE-1E7B-46E4-8C6E-6A229F88F7CA} canceled.
{298FE000-67A6-466F-BFC2-B5945BFDCE90} canceled.
{9E4CDCEA-89D0-4600-8E77-BD3933B7A0E6} canceled.
{BEA9BBDA-FC95-4761-80A5-21476823F7E2} canceled.
{8ED57F9C-0520-4A1F-AB43-0FAFF808ADDE} canceled.
{4BF5ED78-5765-4180-B213-66F03767E71B} canceled.
{861DEA7F-FC82-4D86-9191-8FABB2E67F73} canceled.
{1135381D-4CAF-49A2-9F71-AED440C1714D} canceled.
{FD397DEE-C537-48F0-AE4B-E6616DE862FB} canceled.
{25B1A63C-71E6-45FE-8E6B-94A337B928C4} canceled.
{0D3E969E-6F54-4FF5-B684-B90A7C8560CC} canceled.
{BB842854-9AAB-45A9-B66D-E4447F94309E} canceled.
{A99A27A5-307D-4662-9A5D-EBA28B4A14D8} canceled.
{02FAF733-0B92-40E5-832B-22B2DAC1AB1F} canceled.
{4015EBFE-FBD7-4103-B97B-FCEF3A97817D} canceled.
{52259C2E-09A0-48C9-81C3-0F90658444A6} canceled.
{32C94B2D-58D0-4EB9-8E21-F055C320E171} canceled.
{13CB9D2B-EBFE-4203-95AD-024F62357E09} canceled.
{A89DF450-09CB-4183-B607-5A8FAB7CA435} canceled.
{8F92068C-73D3-4875-A7D5-96FB85C01504} canceled.
{50ACDCE4-E58D-4E64-B811-8671A1FF86F3} canceled.
{7B9B7EB2-4F53-4C35-85C8-FE70F8347644} canceled.
{D613D487-848F-4583-AD3D-6B0D9720FCF7} canceled.
{50C3FB40-1682-4C98-A0E4-D2084F3B119D} canceled.
{A8105861-5864-4C5E-8185-FA588CE6C2B2} canceled.
{91543BDA-CF41-492C-B5C4-67515794963E} canceled.
{8422A97A-4FB6-44E6-88C6-54B68E001097} canceled.
{D0866D5B-B363-4B87-A104-CEC21CC97162} canceled.
{F617A12C-99BF-4D11-A63F-D4CC7B08288E} canceled.
{3C99A7E9-D800-478C-8CBD-6A88C437DC9F} canceled.
{2B2A2151-462D-482A-86FE-041D32838A77} canceled.
{9A868228-5215-40DE-98DD-5F0A84E08A07} canceled.
{C951F158-A8A1-4EDA-9CC4-1B0FD9270948} canceled.
{A3678258-7F20-4E36-96DF-9F7E249FD0FF} canceled.
{88535228-6521-4851-A517-0516067404FA} canceled.
{B19D9A90-B9E3-4168-B75E-B344996929AC} canceled.
{5BF4E42D-6A92-4653-96CE-94AFC49A51FA} canceled.
{84379AAD-3521-489C-B2C8-701438AF7AAD} canceled.
{A07FF948-A862-48D1-8E55-B4113335A95D} canceled.
{A6405DDD-5988-481B-A3BE-3E56334B588C} canceled.
{40255C18-B44B-4C44-956C-B6BEB7574A0E} canceled.
{4CA577FB-658E-48F2-B7CF-20C12F7C258D} canceled.
{D5914C4F-13B4-4184-8D7F-B79FDDE58180} canceled.
{7A98FE1A-CDDE-4F8E-9A25-7AFABC28210A} canceled.
{FC9DBEBA-95E9-4EFB-9EFC-D5E01B7A5234} canceled.
{6AE642FE-9DC0-402B-AE25-91848077BFDA} canceled.
{9B7729AA-415A-43E4-AF15-E84C83BE6F27} canceled.
{331F590D-FA90-4F07-985E-B3BDE8F3DFCA} canceled.
{1152A167-9CFA-4DFC-ABDD-FA0CDFA7B98E} canceled.
{E559A96C-BADF-438D-A749-B6180FE03BCA} canceled.
{AEEFC6CC-15A1-428C-88A5-A8E10F029677} canceled.
{FE94B839-2DC1-4364-B9E7-FC5F04D7F5AD} canceled.
{E73B55BE-71BC-47A6-ACDD-E2F743B8D317} canceled.
{AF7E272F-1879-450E-B76A-3562E7A78926} canceled.
{0D632B55-291E-4D1F-B39A-7EE6676D5F7E} canceled.
{F4A1B8DF-25DC-4E89-9BD8-E9FC6CF1C0F7} canceled.
{F9DD3B1B-324F-427D-8365-B47730E0C862} canceled.
{11D847DC-0CE0-4D6F-B211-305DCBDAAD05} canceled.
{73970667-ED66-47BD-B1A8-C75B78149AB8} canceled.
{2512BDDB-A8AD-46A4-B1A9-5EF3065909D4} canceled.
{0CBEF3E9-8E5A-4C50-8AFF-5916FDD2CD84} canceled.
{7DD43218-6EA0-4576-A701-1681538FC0A6} canceled.
{EEB2B61B-E1A9-4667-AB7A-0D5FDE1EE792} canceled.
{937D2FA2-36DC-4697-9713-A0D9151DAF41} canceled.
{9441E4AD-B9CB-48D0-9FB6-D70F18C79F96} canceled.
{5CAD07AE-01CE-463B-ADAB-B526C3C2E4E7} canceled.
{94AB0394-7894-47B1-93E8-42EB47623CB6} canceled.
{905C22E2-FDD1-46BC-B963-379DAF612580} canceled.
{CFF2596C-6449-4F34-809B-EEAC7D2C5C77} canceled.
{2E5226CC-3AC7-459B-9BC6-D96A703E9219} canceled.
{646DE4F9-7E10-49B7-B7F8-5B7F83C50F25} canceled.
{D0520DD8-19E8-4B2E-8EFA-E414FE730304} canceled.
{7ED482F3-9823-4506-95EB-C6B7EBD0F41D} canceled.
{30A23179-FC86-453C-83CC-0763A764A8DD} canceled.
{DB135D90-4716-43A3-8806-DFF1C9C3990F} canceled.
{AD21A9E5-D614-4871-8CFC-2CF78C03A375} canceled.
{415A810F-89AD-4E93-BBC2-E62F6545AFEA} canceled.
{B4F1270C-868D-4039-83BB-0D2DE2E80734} canceled.
{1B5AE153-76B7-4B55-8F8B-8C7F39FBD874} canceled.
{826C44E6-A2BD-4AC8-9C56-1A9539D133D0} canceled.
{A873D4CE-E4C7-4005-8D75-0A6E5ECA204F} canceled.
{5AD75FB0-1369-4920-AD7F-FFC9CA854B63} canceled.
{69AE589D-C49A-4D34-B635-EBA1438751B7} canceled.
{82C81C27-3C9B-496A-8609-11D049FCC58D} canceled.
{8A1D89A2-BFCF-4DBF-89EA-36FDEF54095B} canceled.
{0A0277D9-84F8-4212-92C1-BFF2449F1BF6} canceled.
{89765EFB-D80B-49CD-8F3C-ECDAF0E3E67D} canceled.
{3671BB93-E383-441D-9F8C-0A3240CC24F5} canceled.
{50EC4F7D-DC40-4E32-B643-6269A0BD48B2} canceled.
{755E415A-AD88-4D4E-90E5-578696D6065A} canceled.
{49EA659E-8815-4E36-A215-8980C8D8F6A4} canceled.
{5D48B5F6-F6FF-4816-B51E-1D8096E7945F} canceled.
{67E0D6AD-C8B1-4799-A8F1-E2721CCE3A0C} canceled.
{87E12686-0080-4063-8958-1CC0CA5F3FD8} canceled.
{CA749E2A-3C0E-499F-AB18-12F5C1CFD98E} canceled.
{F8B689B0-527E-4913-8C6B-4A1B028A1545} canceled.
{6234030F-CC39-4BD9-B267-52F7575008AE} canceled.
{6A143FA9-63AF-42CF-AAD7-9158A73CA329} canceled.
{A7676977-D060-49A5-8440-AE4350BB76BE} canceled.
{924FAA0F-45AD-42E1-B564-14D9658E4F09} canceled.
{4C01F276-90C9-44E0-94EA-DBDFD9AF1F38} canceled.
{121DD578-5552-4D4C-9144-8DC8F6A7047A} canceled.
{55E5CF28-5956-45E3-88A3-69187B84CC06} canceled.
{E41D4B81-BDC8-4B00-AB0B-3DDE9FE0E8A1} canceled.
{C460CE83-7636-49B6-BD01-95C15CB5D0A5} canceled.
{B149D7A9-CEDB-46DC-AE5C-6E36C311F3E1} canceled.
{7BE15CE4-DD33-4CC5-ADB8-F617710E6108} canceled.
{F4E6690D-962F-4E2B-8E48-88ADAC1B66AE} canceled.
{247AD4A1-D624-4F45-AEEE-0A4E34EA4AAF} canceled.
{D85B76D0-9BC8-42B4-B2DC-F56D00EB01CF} canceled.
{996F9C7D-B1BF-4E09-B218-321C3E0E3012} canceled.
{3B2881D4-DF4B-4316-99EA-02B218A411CC} canceled.
{626FD997-0A6F-4C49-B69B-AC8DF0994244} canceled.
{82255278-DAA2-4C3A-9562-19674C476F55} canceled.
{029CFF7D-E6D1-4002-A81B-01845E8CADD1} canceled.
{A94E1949-BFC7-474F-A012-0BE3FC413BBD} canceled.
{7AFC9B83-4015-440E-9855-619115BF5484} canceled.
{B1FF737B-1672-4446-92B0-BD1DBC520FF9} canceled.
{2B92FFC4-CE58-46DE-8745-A988919BBCDC} canceled.
{21C1432F-0AE5-4667-B321-77B260A4DDA3} canceled.
{37BE0E01-1706-420A-ACBF-2688FEC4F907} canceled.
{706CFDCD-50E1-4640-BF62-47EC6F00A17D} canceled.
{FAEFD3E4-A936-46C2-A748-ADA2CD7D4FB3} canceled.
{1DE92034-0D9B-4E66-AB35-9C000BD95BEA} canceled.
{4E99D4AA-6280-49D2-B794-D06F531C3F2D} canceled.
{2D907831-5CDE-4F28-983C-FC78B7035064} canceled.
{39087B84-BE34-486B-B19E-D820007D634E} canceled.
{1D73F0EA-A06A-40C1-B200-83F7B45F75F5} canceled.
{3B5C3D5F-2DE6-4474-BFB5-B7DE742DE713} canceled.
{94B9FC0D-3429-4874-AD2D-63D14F9EAA68} canceled.
{75E08B85-DCEC-4BEF-9704-09BE11342C5A} canceled.
{BB4EBEFA-378D-421B-BA1A-890E611A6716} canceled.
{B47C5C5F-C6E6-4BB2-BC65-09F108F43C79} canceled.
{7F15C5FB-9A0A-4557-9C3D-52440A1B9ABC} canceled.
{A0C104AF-56E3-4652-8F56-533049850312} canceled.
{70419533-43BE-42C9-A744-8DAB0663A844} canceled.
{DB2ED880-1F87-4F92-9EBA-343079229B39} canceled.
{C350B489-8F0B-400A-B5F1-EB9594B07467} canceled.
{EFBF40FC-30BC-4A69-B78E-64DC6BBFAEF5} canceled.
{78910DBD-25A1-4A71-BCD2-D12F94687763} canceled.
{F7E91AA0-9434-4ADB-83D3-EEB894F78921} canceled.
{7BF7DF29-7865-4878-98DA-F88DF62180F9} canceled.
{EE2AB917-0FEE-4A4D-A7D8-13435EAFAD97} canceled.
{994F3A87-0A5A-4437-8831-0CA75D528BE8} canceled.
{481CD793-EB95-49D4-A4FC-109843D6C9A9} canceled.
{059F2583-1519-4559-BBE1-C2036CEB4D2D} canceled.
{C00BAB8B-FC98-4CAD-953F-F8AFCA924167} canceled.
{677524E1-1975-4CF3-9F6E-12E931CEA1E5} canceled.
{E2D49FE9-475B-4383-8C20-C9511F29BE33} canceled.
{292FDD38-A068-419A-950D-74A7D1FE58DA} canceled.
{967A8E6D-D18D-40EF-87CF-023973803EB2} canceled.
{60109E61-5800-4283-94E9-0B6DB7CABE72} canceled.
{92AEFD8E-B171-41B3-B6B2-05271C5CD0B7} canceled.
{128BE79C-55DF-4C20-8B4B-6C21DEC790FA} canceled.
{D91CBA3D-5B0F-4910-A267-D15017E300FE} canceled.
{3ADA5A69-F302-4C8E-9C06-0D50ED72FC19} canceled.
{8FBD5F08-FFD2-46CA-B840-DF2824EBA566} canceled.
{D045EF52-E220-4211-BED2-58B56FC2F54E} canceled.
{CABD35D7-F129-49C0-956E-E4E4F9DADD49} canceled.
{29AEE1FC-2BEB-4672-9DAC-D339BB39CD51} canceled.
{0BD05822-5418-40BF-8930-B2DB0018AF1A} canceled.
{FEB95F7E-2D01-425C-838F-409C2639954E} canceled.
{333A6FFE-B832-474D-AFFE-34ACCC4B8A04} canceled.
{E6035D57-292D-4C65-B998-BA45D03500EA} canceled.
{61251C32-3C4D-4F61-9DBB-C54B7085D0C0} canceled.
{3A89C1AA-43F9-42AF-9473-2D684FE587BF} canceled.
{186F2230-4137-468B-8BF2-73F4E5E27547} canceled.
{6DFD0D3F-6AF5-482F-83CA-CBA27F9E1A84} canceled.
{766A93A7-5145-4C33-976C-C007FA26176F} canceled.
{2C62F7CD-EA04-408E-A7CC-254F886D6644} canceled.
{ACAB4EC2-2C8E-4EEF-B582-8F9B027F4722} canceled.
{2DDC90F2-ECF6-4A3F-A1B8-D5D6E65A4BB3} canceled.
{C204F826-4084-4B1B-9684-98791B82F556} canceled.
{0B2DA8D5-6CEC-499F-B442-ED2C972AE39D} canceled.
{7D5307A1-B867-4307-B5B7-42BE6BD3E402} canceled.
{B791D0BF-DE6C-4335-BA52-26AEE1B537CB} canceled.
{D9731BC4-AEAB-41E5-BC36-9BD3270557EC} canceled.
{510B8459-C336-464C-B44B-830647D23F9F} canceled.
{BAB9C363-49C9-494D-8916-2BD4865B5929} canceled.
{BDE0AE45-57D1-4479-98D0-92276E87016D} canceled.
{D6E473B0-E473-4B44-B0C0-AF935EE31521} canceled.
{C7257922-C406-4623-AEC6-0A382F63C92E} canceled.
{5757AAAC-A1C0-4969-BC1B-07E8E31ED7BB} canceled.
{E1BEF72B-4B79-4E1F-B73A-F13C982F13EB} canceled.
{3C4838C1-8095-467C-8786-4C83301A4311} canceled.
{2A9A5758-9CFE-4F47-B25D-A361C6F85156} canceled.
{3DD92C24-5920-4328-92C8-4FD695D40B80} canceled.
{F5406F11-076D-4063-9538-F671ED48C647} canceled.
{F1664A61-4CD9-405D-AB5B-6F2ABFC17B47} canceled.
{DE0702C1-3762-4013-A09D-C5F3B4285495} canceled.
{EC3F1F7A-CC00-4715-BDD3-F0E3918E96DB} canceled.
{FFA46759-F9AE-427D-89E2-E63C9DBC7F86} canceled.
{3374E4CF-F1E2-45A2-81BD-972DA20528BE} canceled.
{37D63C2E-9A51-4564-ABAA-4A8A2AB10F5E} canceled.
{AFB89D5E-679E-40D3-9FF4-03975994C070} canceled.
{A74C1B28-F1ED-44E8-B93F-8514B4033619} canceled.
{C8DA1A7F-856F-43C0-8B0B-F7AF7197C400} canceled.
{EDB83B4B-9A3C-4B16-BA29-5A5EF912CADA} canceled.
{D9C36485-F3E8-43D6-BA56-74E6B1057568} canceled.
{8CFF8B45-4FD1-44D1-BEEE-9F2CA0A72F64} canceled.
{4BBEC2C5-040E-49F7-920B-756AFB43FCC3} canceled.
{30885EA6-2CED-415F-B4A6-CC4521B30148} canceled.
{A6D1C5D2-8DCA-4F35-81E8-8F18542543C5} canceled.
{9AD14821-5A50-4652-8435-6BADDD74B866} canceled.
{7C335F06-77DC-487C-82D0-83F02A752F2F} canceled.
{C3C70E5C-4525-47DD-A919-28B535D2CB94} canceled.
{92F793C8-0D1E-457B-831C-153E2830EDC5} canceled.
{84CE1102-F857-46F2-B619-DB023299D7E9} canceled.
{9698891F-FEC0-4BC0-8B99-74EE92F108D4} canceled.
{2E9F2B64-3F98-41B3-A916-133B487FF1FA} canceled.
{D24BCB67-EC29-4655-B7DC-A79826EA9226} canceled.
{96A919F0-2E40-456D-9C8C-19034F5C4E68} canceled.
{E719F4DB-0479-4BCA-B3A2-54F3C06141B1} canceled.
{B94A537F-0F12-4531-9B77-F0B3CE663D2E} canceled.
{A4A2703B-DC07-4628-A3D8-E3291E907F95} canceled.
{03C9625F-F8EA-4528-9455-4CC4EB78A5F2} canceled.
{D447EA22-5D67-41F6-AE9D-D91BEA1F32C1} canceled.
{25BB8871-F999-4D35-AF69-C18B3A487C01} canceled.
{A1882940-0E4B-4737-8D7D-BF0D2B26164B} canceled.
{030124A0-7087-45CB-9B0B-476DE6371AD9} canceled.
{828228BE-76E9-4A39-8E02-A7788D2CCB7D} canceled.
{94FDD425-8C84-43D6-9B70-BC37B4FFC08B} canceled.
{A8F70A75-A7DF-4809-B4F2-18A8868F016A} canceled.
{4863BB40-77B5-420B-8E4B-8C70919A6AB8} canceled.
{76444296-BCB2-4D5E-9C29-1FA3BE03F973} canceled.
{5A6AAF37-9504-4C21-AAA3-92A97205E3E0} canceled.
{247437CF-7656-4491-A2A0-11083ADE5596} canceled.
{E2C2FF35-BB2A-4ED0-97B0-4DDD5BF53DFD} canceled.
{7348BCDD-006E-4686-ABB3-4E00B0B70457} canceled.
{362DF9AD-A0AD-4212-ACBB-5CE2819AF1E0} canceled.
{5C9CD203-663A-4A74-850C-8410B7CD5B2B} canceled.
{9FA89BB3-7238-479F-ACA4-A715D5BED175} canceled.
{168A6174-BDD5-4A54-BB1F-3108984F93D8} canceled.
{AEAC3073-7CA2-4623-85BB-72326401F231} canceled.
{9C3507AF-DB4D-4A80-83A6-D31BA8205FB7} canceled.
{1E5751E8-7B68-488A-B4F8-1E8ACC81F9AB} canceled.
{7808827D-90BF-4B6A-8332-DC9E46EF0B07} canceled.
{C0E9AA0E-B752-42E8-BC14-0936BF7422DD} canceled.
{30FDB9A1-C478-4A6F-B3F0-EAE3A22F2B55} canceled.
{F0A90492-D9AB-4E29-BFCE-C8D376E740C9} canceled.
{F7CD663A-E7A4-4B3D-8EDE-EA9B53782310} canceled.
{0C6C9067-7568-48D4-AC26-E3ABEA675509} canceled.
{53A7F698-5F37-47E8-97D9-365570B341D1} canceled.
{ABC87C09-5952-47E9-B03D-601229404796} canceled.
{7129A2CC-149D-4560-A2C3-9E2712DB3F74} canceled.
{49BD753A-63F8-4521-949A-D85647658C5A} canceled.
{F3E6D21D-58EE-4297-99D5-FD9A22B03DE5} canceled.
{605ADDBC-ECD8-4C66-97F0-604149854F3B} canceled.
{23AAA754-6364-4277-BA39-79DCAD315EB6} canceled.
{AFA7A5D6-D172-4E54-BFC2-30893EB5AA26} canceled.
{4FD4F165-0E42-4FFE-9BA0-644BE2D7A98A} canceled.
{E6F3D76F-9C3B-4EEF-8A97-17A60084C92D} canceled.
{CE583785-9DBB-4E9D-927F-C8C490ADC73E} canceled.
{DE6132FF-C07D-4022-8FC6-2E8BCCAE8C6A} canceled.
{4193BE32-121F-4D85-844D-C617D2E97061} canceled.
{D85BCB71-AEDE-4E8E-B858-3BEA59A7C0F6} canceled.
{B27D7DEA-2674-4325-820E-2BCD8832088B} canceled.
{03C54898-B81C-41FB-828C-681E3FBD51E8} canceled.
{B191B5CE-5D5F-4013-AE73-B5502B1FF23B} canceled.
{2A1844DA-64AA-43CE-8AA6-6582BC3E1CE9} canceled.
{17A927A4-A41C-4E4C-82E8-FCD0A5F2105F} canceled.
{1F6D7B58-E9B7-47D0-81CD-B3827EF53BBA} canceled.
{0EBE70C6-F2AF-40AB-B3BB-87B99BA0F9AC} canceled.
{92F15090-5D15-45B2-A0EA-060860C43FA0} canceled.
{018911E6-41AE-4D22-8394-6A3EA505EE45} canceled.
{5F6DF0AD-7E4B-4843-85D1-22F1D38CCC1D} canceled.
{6A6F5FCD-3ADF-448B-84B8-6D7FA346041A} canceled.
{B00897E0-A8D6-474C-9232-65CE7B7EB16D} canceled.
{F7375215-B6DB-4B8B-B4F6-F3B1E12DBF83} canceled.
{DA14A08A-DDC9-4AC0-8489-7BDBD822D80A} canceled.
{615B353C-5A22-431B-ADEC-E4F8D076ACC1} canceled.
{CEBC9342-FD08-40AC-B867-FDF4AD25D86C} canceled.
{B8670496-8435-40D4-AF46-AB6C131AC227} canceled.
{3342B083-8BC0-4848-9525-C17F26411EF5} canceled.
{DFC45972-90E0-48B9-A9D7-F234D160E38D} canceled.
{890B0658-6541-469D-8CDA-23145EA9325E} canceled.
{1FA9FF0A-C3F4-4926-8320-4EF24F42C13D} canceled.
{D5C7ED10-74AA-497C-9A05-AA4FDFCD2D7F} canceled.
{CAA3E9CB-0AA5-4279-86C3-AB9DEF127C5A} canceled.
{80C7C12D-97F6-4D7A-AE52-EED905778099} canceled.
{4B3D9685-88B5-49CC-AE73-024E5DF817C4} canceled.
{20523A4C-044E-4AA9-8D26-94DD2CF66372} canceled.
{B41A3870-E5F5-4B31-80B7-6476BCE0FD0E} canceled.
{3F9F062E-A1F7-4F8A-BB93-E1E755F94F75} canceled.
{F823FA02-E94B-407A-BB44-6F535EAE7CCA} canceled.
{09EAF13A-B4B5-4171-9621-E1A9B2DD183E} canceled.
{23DFEA2F-A2BE-4BA7-8883-6370DEF488AF} canceled.
{0934DD76-15FA-4110-AF1F-10008D399EEB} canceled.
{311EEC28-5047-49CB-ABBE-A01C5001F28F} canceled.
{9E4A2980-FE2E-485C-8A38-28EE17DF8F87} canceled.
{E32A401C-A116-4305-BBA9-A6B0311FAE16} canceled.
{58D6B5BD-B0F7-4FB8-9094-BC640CD2C1CD} canceled.
{754BC641-E62D-45A3-92A9-63D16F0A6869} canceled.
{DF4EE833-12CE-4BBB-AA64-0F86CDB68FE7} canceled.
{CCCA4DF4-8617-4862-9E67-60E9EEB08106} canceled.
{9F77ECE9-0FD9-4D81-8C11-A5558BBB2A97} canceled.
{C4CBAFA6-6C94-424E-9EBE-B7B299A4C288} canceled.
{9B7C10FE-3ED2-407B-9BF8-DE65B057D1C2} canceled.
{FEDCF439-4D02-41C2-965A-4003F13762C6} canceled.
{497E531C-1A52-4148-864A-C6A45B1D2B8E} canceled.
{A2D7C8CA-88C8-4588-A940-C025F21D34C8} canceled.
{F5BFBEB4-EB3D-4236-B051-7DE0A9EA28D1} canceled.
{64C4C258-A92F-446D-A777-6F357B76F1AE} canceled.
{36425BD0-DAC4-4EC7-8A83-7D3423939D49} canceled.
{F425A569-D8B5-485A-A95D-0E933906B23E} canceled.
{3AE6975E-5842-411C-B161-44CDFD709F55} canceled.
{FDBAE832-5942-44E1-9185-3080123F3CC9} canceled.
{0C1CAD8F-5E40-43B4-8F35-FB1F903FB0AB} canceled.
{50257D03-1BE4-4460-90D3-0567E10174F0} canceled.
{EB77492C-3686-4F77-88CA-5898A3AD0CB9} canceled.
{D72CB6A0-B486-4049-AFEE-01D914E3DAB1} canceled.
{50C6B4B1-B353-4411-80DB-A5EDDFD30D14} canceled.
{8D64BEA3-1F43-48DD-975B-C701F307B581} canceled.
{4F7FF54C-FB6C-4DFD-90BF-5870225BEA25} canceled.
{E46826AF-003A-4AE9-954A-A3B8B3AA070C} canceled.
{F15C8AC3-B956-4790-9B18-8E6DB2C1A374} canceled.
{0B3FD32F-9D55-4CC2-B7EA-9AD047962EC7} canceled.
{F679A04F-7CDC-4D21-ACD9-6668AD7D5F99} canceled.
{467792E7-4FE8-4217-A873-1CA873A9B8E8} canceled.
{061F21CC-C5AB-4190-8F7F-7A3F23259589} canceled.
{59B2A0F7-4F1E-4BD0-ABF2-A78D0C12E2C4} canceled.
{1FBFC8A5-6064-4CC5-8BFD-0CB49605CE45} canceled.
{21A10013-3A3C-4980-BB58-6E42B47DF0DC} canceled.
{3E96CC73-C54C-4D0B-98D1-63555455E511} canceled.
{FCD6B4EB-D5D5-42D9-AA95-B009E35EF7B6} canceled.
{4AC6FC6C-995C-4399-B25F-4BCA18CB21E4} canceled.
{2B9BF2EA-EE1F-4898-A3FC-6769CBF2CCE4} canceled.
{4832885B-6BA7-4072-AEE3-1BB9D8CC3A86} canceled.
{FD6FF681-9539-484C-8B47-29B50276129A} canceled.
{FF1EDD02-460E-4090-9FAB-8119A6BACD6C} canceled.
{588586C1-2E97-499F-B475-9F666BC8B4D8} canceled.
{52FFAD05-62C2-402A-A4C0-EC1FBBE9AF7B} canceled.
{F44A36B4-F046-4523-A3C7-D9836C53BB72} canceled.
{EC940C29-5AAD-4611-8BBA-6BE2AA515DCC} canceled.
{29EEE61A-9DBD-4B36-9EED-E3FC7988640D} canceled.
{2DF409B8-4FCC-419D-92F9-B78CEC142467} canceled.
{978ADEDA-A54F-4793-9DBF-47FA40DD3DC9} canceled.
{088BD032-2FAB-4C5F-BD20-7D2E88D182BF} canceled.
{DBDCADA8-FEBC-4A67-A095-4935AC7CC3CC} canceled.
{3D075DA7-5B51-4DA3-8F0C-71921BFE9195} canceled.
{6072D5D7-ABB4-42EF-B7C3-682178F8E205} canceled.
{2649C172-F732-433A-B70C-D06804F4F9B8} canceled.
{062B163D-FBA8-4BF8-9C0D-8DA4010339D9} canceled.
{01936C88-A47D-4E77-9886-2228255054C4} canceled.
{A3C2D3C4-8AB0-444E-AF8A-B2F8F52BFF68} canceled.
{715F147B-1D7A-4801-88CB-4ADE9E850157} canceled.
{69D85D84-0F40-4A90-BA7B-C6D565329280} canceled.
{D6C6BBCC-7868-4F1D-81D1-0F9013410AD0} canceled.
{46C0322C-F9F4-4C52-8964-624281E3FD57} canceled.
{0910875E-E8D3-4436-88D6-A956D6167605} canceled.
{2D83A3A0-D7BF-4AC0-920C-3322E816355D} canceled.
{591ED287-FC0A-42C5-BF86-7E0473DA4E5B} canceled.
{93D93EE7-D261-4E02-AE78-CE2CA7D06F35} canceled.
{D632D2F1-7EF4-4329-9670-C4AF2E9A7545} canceled.
{219A6E51-E43F-450C-8D5E-5B36C3DBDDA9} canceled.
{AC3D1D43-E153-43F2-BB20-EA39E9A043C8} canceled.
{C5D035EE-3E90-4530-B003-5DC74F99DB88} canceled.
{969BC31D-6E0B-4423-A732-ADC3A0997819} canceled.
{90814127-17C1-4239-8E1E-59CCD377CE83} canceled.
{9AB02AA9-88E3-4B5F-B90C-8C2EC6CFB0D6} canceled.
{260B0436-A221-4A46-A885-E7969909852D} canceled.
{D4D89495-C408-48AE-B447-A6F03F1C9E6F} canceled.
{F9515144-BEBD-4EAD-BAB9-8F3F8ABA4B46} canceled.
{D8D55AB3-18B2-4A27-BDD1-C3DA89407BA7} canceled.
{26A1A511-3656-4CDA-A6DE-0443B2D6090E} canceled.
{C8BC32AE-5328-4FC0-9F90-89E1258E8E29} canceled.
{B8B76A95-A188-4226-BE30-5BDA5100FFBF} canceled.
{4F2046DD-5680-40FF-9BA0-2FD5B80C9806} canceled.
{C55FD639-D3B4-4A37-B64A-D63D3F86033A} canceled.
{ADD62088-249A-44BF-9BFC-857477AB5B91} canceled.
{C3B820C2-9C3C-4FEC-A771-53323645429F} canceled.
{802409C2-6EA3-4E67-AB08-B5185B6D3B9A} canceled.
{F2F3B170-1CE2-4749-8C46-BF6C3A33CBBC} canceled.
{DF54CFE3-8B0F-4321-887D-A296A0E8127F} canceled.
{29EE7526-EC28-4E0B-ACD2-48A17E46C081} canceled.
{08C3EAEF-9C85-4A70-940C-2BC7C37AE37C} canceled.
{32C8C36C-FDC1-42B3-96DE-8A36DA01BB46} canceled.
{2E40ECDC-A488-4B86-8EAF-4790EC13AC6C} canceled.
{A9574C83-BDC5-49BB-B729-21F6D5F709B9} canceled.
{8A588F32-D192-480B-A6C7-0F97F9D433CF} canceled.
{25CB6CCD-6357-4B9C-825E-BCFD9B6CF043} canceled.
{227854DD-46CC-43E9-82D6-62D21B88F5EA} canceled.
{3AB2ABAC-CE71-4479-A176-DD89D5012B64} canceled.
{94DF01ED-EE7B-4094-BFF5-43552EB759E0} canceled.
{9A85BF0C-09DB-4B9A-B527-E0969DAFD58B} canceled.
{F0308820-C156-4837-87B4-61C09035F670} canceled.
{333146EE-F041-47BC-ABC8-56DB53FCA657} canceled.
{E1F6CA9D-AFC7-483F-B13B-66754016B11C} canceled.
{3A97BE3C-1D77-4FD6-8332-E8CE609D0330} canceled.
{589CB754-9CF8-4C82-AC49-29AA623D45BC} canceled.
{CB801E79-8B87-4909-B207-2F715A368FD1} canceled.
{DB658523-A864-410D-9D7E-BB020AB9B36C} canceled.
{D69948CE-927A-4BDC-97F3-1BB3E57542D3} canceled.
{4C24DB64-4138-4A97-8EDE-175F27971E71} canceled.
{1C6DD3B5-1803-4097-983B-7620FC61DBB4} canceled.
{70A4425D-8EDE-45E7-8370-82F4F3C53333} canceled.
{6F3824CC-9127-41F9-A91D-998575F3DAAD} canceled.
{882BD88E-6266-4BA0-B26A-42A58E8A4E2E} canceled.
{7E4756EF-A838-45C5-8ABD-5CF78DD22857} canceled.
{D45A1062-2FB9-4400-94A5-696297B76F78} canceled.
{72855CD1-3C60-428A-9AC6-93EE17B0A9D4} canceled.
{FC194276-A41B-4F3A-A864-7038538EC9E1} canceled.
{E2B68E72-A3D9-4CAF-8611-EF24553845EE} canceled.
{0A176182-FB0D-454F-A1B8-1E06F057A335} canceled.
{52C9DA7F-80C2-4D80-A269-2686ECD725D4} canceled.
{76C0C517-CCE5-41A0-B433-A97C8C16AC2B} canceled.
{381505B5-79E5-45D5-AA79-98032A9241CB} canceled.
{AFF02C4D-E55C-4FD0-9FA8-5864C2EDD8F0} canceled.
{D9236592-EF19-49FB-8FC5-48CBC7BF48D6} canceled.
{E94DDA3E-8106-4244-9F2B-E0C2CFBC6F7E} canceled.
{B25C56D9-428E-4504-BFCD-4C2E3C8743D6} canceled.
{FB63B0CD-35D1-4859-B044-8B412A5C66A7} canceled.
{D58415F9-3571-4C46-9402-FDAA16DCD84F} canceled.
{2FFC0823-35A2-414B-8CDB-9F45CD0593BE} canceled.
{75781066-4A00-4298-8025-F8093D0B2AD8} canceled.
{B0F922E3-92BC-463D-95DD-18624EA02B4B} canceled.
{439DB434-6A54-4499-8788-66BB44D5FC61} canceled.
{C3F21C62-11A9-4854-93E6-5EE6D0345E43} canceled.
{B21149AC-D0E0-4975-8933-48A46609C2A6} canceled.
{F8AFC0F1-1F9C-4C96-8F04-783A9B46DD88} canceled.
572 out of 574 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 120.6 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 01:01:19 ====

  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Once you have run AdwCleaner and posted the log could you let me know how the computer is behaving
  • 0

#12
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

ok here is the log from the adwcleaner:

 

# AdwCleaner v4.207 - Logfile created 04/07/2015 at 01:13:03

# Updated 21/06/2015 by Xplode
# Database : 2015-07-02.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Kavapalu - KAVAPALU2015
# Running from : C:\Users\Kavapalu\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : swdumon
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\SoftWarehouse
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\InstallSightSDK
Folder Deleted : C:\ProgramData\SeeArch-NewTab
Folder Deleted : C:\ProgramData\50Couapoons
Folder Deleted : C:\ProgramData\UTuuBErAdBlOOcker
Folder Deleted : C:\ProgramData\Avg_Update_0814tb
Folder Deleted : C:\ProgramData\de706467904a4380
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Updater
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\BearShare Applications
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Uninstaller
Folder Deleted : C:\Program Files (x86)\YTD Toolbar
Folder Deleted : C:\Program Files (x86)\Edu App
Folder Deleted : C:\Program Files (x86)\SeeArch-NewTab
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SearchProtect
Folder Deleted : C:\Program Files\DriverAssist
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Kavapalu\music\qtrax media library
Folder Deleted : C:\Users\Kavapalu\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Kavapalu\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Conduit
Folder Deleted : C:\Users\Kavapalu\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Kavapalu\AppData\Local\PackageAware
Folder Deleted : C:\Users\Kavapalu\AppData\Local\torch
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Tuguu_SL
Folder Deleted : C:\Users\Kavapalu\AppData\Local\VNT
Folder Deleted : C:\Users\Kavapalu\AppData\Local\GAMESDESKTOP
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\Claro LTD
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\continuetosave
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\SmartWeb
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\smileyswelove
Folder Deleted : C:\Users\Kavapalu\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\Users\Kavapalu\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Kavapalu\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Kavapalu\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Kavapalu\AppData\Roaming\SmartPCFix
Folder Deleted : C:\Users\Kavapalu\AppData\Roaming\smileyswelove
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
[/!\] Not Deleted ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
[/!\] Not Deleted ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
[/!\] Not Deleted ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
[/!\] Not Deleted ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
[/!\] Not Deleted ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
[/!\] Not Deleted ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
[/!\] Not Deleted ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
[/!\] Not Deleted ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kgdaeidiojbdgmnjnpmklilaodjlkbjp
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgdaeidiojbdgmnjnpmklilaodjlkbjp
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\akohpaojipnnalnkiiocdfpgaklfaemk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\clehfjlfelijkmklphhglkcfacogalcn
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
Folder Deleted : C:\Users\Kavapalu\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\olnaagajffhgkflpmbnmgddcghcgdgda
File Deleted : C:\END
File Deleted : C:\prefs.js
File Deleted : C:\Users\Public\Desktop\YTD Video Downloader.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\swdumon.sys
File Deleted : C:\Users\Kavapalu\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Kavapalu\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Users\Kavapalu\AppData\Roaming\Mozilla\Firefox\Profiles\5dgi5gwl.default\user.js
File Deleted : C:\Users\Kavapalu\AppData\Roaming\Mozilla\Firefox\Profiles\Kavapalu\user.js
 
***** [ Scheduled tasks ] *****
 
Task Deleted : RunAsStdUser Task for VeohWebPlayer
Task Deleted : amiupdaterExd
Task Deleted : amiupdaterExi
Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\SDP
Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\registry helper service
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_a8235b05
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7A6DCEC2-55AB-418F-A903-93D0DF482809}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\qtrax
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\YorkNewCin
Key Deleted : HKCU\Software\HighDefAction
Key Deleted : HKCU\Software\ArenaHD
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKCU\Software\esties
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Browser Extensions
Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GS-Enabler
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Registry Helper
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\Taronja
Key Deleted : HKLM\SOFTWARE\AdGazelle
Key Deleted : HKLM\SOFTWARE\YorkNewCin
Key Deleted : HKLM\SOFTWARE\HighDefAction
Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
Key Deleted : HKLM\SOFTWARE\ArenaHD
Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Deleted : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B325F70-A984-421E-8407-06683E6EF03B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v43.0.2357.130
 
 
-\\ Comodo Dragon v
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [27697 bytes] - [04/07/2015 01:11:44]
AdwCleaner[S0].txt - [23585 bytes] - [04/07/2015 01:13:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23645  bytes] ##########

  • 0

#13
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

its rebooted now...... and now what am i looking for next.....???


  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is Avast now running ? If not what error are you getting ?

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#15
ntk04

ntk04

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

i still can't open or uninstall avast if thats want u mean by how my computer is behaving....


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP