DDon

  1. Ok, Bing stopped showing up on my new tabs, and this problem seems to be with Avast. I will pursue it with them. Thanks again...!!
  2. Web Companion says it is not compatible with Google Chrome and Ad-Aware gives warnings about Avast. I am about to get busy on cotton harvest again, so for now - I removed them. I saved that notepad with text to the same folder, ran Frst64 & fix, rebooted, and I still get Yahoo in search and Bing on new tabs. I repeated the steps.
  3. Question: I quit Ad-Aware after years of use when one program was found to conflict with other anti-virus programs, like Avast. I disabled Avast while I ran these, but since this Ad-Aware program installed with the special notice of possible conflict, and in secondary defense - would it be safe to keep it with Avast now? I ran all of these. I see that one of them installed Bing as my primary search engine plus home page and new tab page the Ad-Aware installation I think. More of the problem I came here about. I do try to watch out of these little tricks. The Ad-Aware scan only removed one object: The AdwCleaner. I got my home page back from Bing and got it out of my search engine preferences. Can you tell me how to remove Bing from showing up on new tabs? EditL OMG Now I have duckduckgo for a search engine/...?! Eset froze on step 4. Ran again. # AdwCleaner v3.019 - Report created 17/02/2014 at 12:41:48 # Updated 17/02/2014 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (64 bits) # Username : Don - 2009PC # Running from : C:\Users\Don\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** [#] Service Deleted : Viewpoint Manager Service ***** [ Files / Folders ] ***** [!] Folder Deleted : C:\ProgramData\AlawarWrapper [!] Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner [!] Folder Deleted : C:\Program Files (x86)\Viewpoint [!] Folder Deleted : C:\Users\Don\AppData\LocalLow\Viewpoint [!] Folder Deleted : C:\Users\Don\AppData\LocalLow\IObitCom [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected] [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected] [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](104).com [!] 
Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](539).com [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](95).com [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected] [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected] [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](105).com [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected] [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\staged(540) [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE} [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(169) [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(104) [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(105) [!] 
Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(116) [!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(132) # AdwCleaner v4.101 - Report created 09/11/2014 at 19:11:18 # Updated 09/11/2014 by Xplode # Database : 2014-11-07.1 [Live] # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Don - DONS2009 # Running from : C:\Users\Don\Documents\Working\adwcleaner_4.101.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Viewpoint Folder Deleted : C:\Program Files (x86)\Viewpoint Folder Deleted : C:\Users\Don\AppData\Local\LPT Folder Deleted : C:\Users\Don\AppData\Local\Smartbar Folder Deleted : C:\Users\Don\AppData\Local\Temp\Smartbar Folder Deleted : C:\Users\Don\AppData\LocalLow\Smartbar Folder Deleted : C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm ***** [ Scheduled Tasks ] ***** Task Deleted : Driver Booster Scan Task Deleted : Driver Booster Update ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Key Deleted : 
HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} Key Deleted : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\mysearchdial Key Deleted : HKCU\Software\mysearchdial.com Key Deleted : HKCU\Software\SearchProtectINT Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\smartbarbackup Key Deleted : HKCU\Software\smartbarlog Key Deleted : HKLM\SOFTWARE\InstallCore Key 
Deleted : HKLM\SOFTWARE\MetaStream Key Deleted : HKLM\SOFTWARE\Viewpoint Key Deleted : HKLM\SOFTWARE\Vittalia Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] -\\ Mozilla Firefox v33.0.3 (x86 en-US) -\\ Google Chrome v38.0.2125.111 ************************* AdwCleaner[R0].txt - [23521 octets] - [17/02/2014 12:24:46] AdwCleaner[R1].txt - [19948 octets] - [17/02/2014 13:07:50] AdwCleaner[R2].txt - [10802 octets] - [18/02/2014 17:27:23] AdwCleaner[R3].txt - [9841 octets] - [18/02/2014 17:36:11] AdwCleaner[s0].txt - [10509 octets] - [17/02/2014 12:41:48] AdwCleaner[s1].txt - [11126 octets] - [17/02/2014 13:10:25] AdwCleaner[s2].txt - [2332 octets] - [18/02/2014 17:30:31] AdwCleaner[s3].txt - [1201 octets] - [18/02/2014 18:59:18] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10751 octets] ########## Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01 Ran by Don (administrator) on DONS2009 on 10-11-2014 01:47:33 Running from C:\Users\Don\Documents\Working Loaded Profile: Don (Available profiles: Don) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English 
(United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Abine Inc.) C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (The Weather Channel Interactive, Inc.) C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe (AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1394217651\ee\aolsoftware.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AOL Inc.) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\shellmon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\aolbrowser.exe (AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1394217651\ee\aolupdates.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.) 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-05] (AVAST Software) HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1394217651\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\RunOnce: [AbineAutoUpdate] => C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe [127728 2014-11-05] (Abine Inc.) HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit) HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [DW6] => C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe [822456 2012-07-30] (The Weather Channel Interactive, Inc.) HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE [72296 2014-08-19] (AOL Inc.) 
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1299776 2014-10-30] (Lavasoft) HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe -update activex ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D110914-AA9FED7399E21497DA0F&form=CONBDF&conlogo=CT3330947&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
http://www.bing.com/search?pc=COSP&ptag=D110914-AA9FED7399E21497DA0F&form=CONBDF&conlogo=CT3330947&q={searchTerms} SearchScopes: HKCU - {C0234695-9B49-4D17-8110-40D21CEC995B} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Blur BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\4.5.1301\AbineBHO64.dll (Abine Inc.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Blur BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\4.5.1301\AbineBHO.dll (Abine Inc.) 
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited) Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited) Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited) Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited) Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited) Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited) Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240 FF DefaultSearchEngine: Yahoo! FF SelectedSearchEngine: Yahoo! 
FF Homepage: https://www.google.com FF Keyword.URL: https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-686715638-536031369-4033485687-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Don\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\[email protected] [2014-11-08] FF Extension: Xmarks - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\[email protected] [2014-11-03] FF Extension: Flashblock - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-11-04] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-07] FF Extension: No Name - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\extensions\[email protected] [Not Found] FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found] FF Extension: No Name - [email protected] [Not Found] Chrome: ======= CHR HomePage: Default -> https://www.google.com/ CHR StartupUrls: Default -> "https://www.google.com/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Yahoo Application State Plugin) - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
CHR Profile: C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-03-07] CHR Extension: (Google Drive) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07] CHR Extension: (YouTube) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-07] CHR Extension: (Adblock Plus) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-07] CHR Extension: (Win7 Scrollbars) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2014-03-07] CHR Extension: (DoNotTrackMe Privacy Dashboard) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjidbdiahninbecbcigapoocbkfncobc [2014-11-07] CHR Extension: (Google Search) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-07] CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-11-07] CHR Extension: (HTTPS Everywhere) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-06-13] CHR Extension: (AdBlock) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07] CHR Extension: (FlashBlock) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2014-11-03] CHR Extension: (TinEye Reverse Image Search) - 
C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-03-07] CHR Extension: (Google Wallet) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-07] CHR Extension: (Gmail) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-07] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-05] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-05] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-05] (Avast Software) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] () R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-10-30] (Lavasoft Limited) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit) S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-10-30] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.) 
S2 TeamViewer9; No ImagePath

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2014-09-17] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-05] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-05] (Avast Software)

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 01:46 - 2014-11-10 01:46 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-10 01:35 - 2014-11-10 01:35 - 00000056 _____ () C:\Windows\setupact.log
2014-11-10 01:35 - 2014-11-10 01:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-10 01:34 - 2014-11-10 01:34 - 00008806 _____ () C:\Windows\PFRO.log
2014-11-10 01:33 - 2014-11-10 01:33 - 00000000 _____ () C:\asc_rdflag
2014-11-09 19:47 - 2014-11-09 19:47 - 00000000 ____D () C:\Users\Don\AppData\Roaming\LavasoftStatistics
2014-11-09 19:46 - 2014-11-09 19:47 - 00000000 ____D () C:\Users\Don\AppData\Local\Lavasoft
2014-11-09 19:46 - 2014-11-09 19:46 - 00004648 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2014-11-09 19:46 - 2014-11-09 19:46 - 00002480 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2014-11-09 19:46 - 2014-11-09 19:46 - 00002480 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-09 19:45 - 2014-11-09 19:45 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-11-09 19:45 - 2014-10-30 16:15 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2014-11-09 19:45 - 2014-10-30 16:15 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2014-11-09 19:43 - 2014-11-10 01:37 - 00002265 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-11-09 19:43 - 2014-11-09 21:16 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Lavasoft
2014-11-09 19:43 - 2014-11-09 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-11-09 19:37 - 2014-11-09 19:37 - 00000000 ____D () C:\Program Files\Lavasoft
2014-11-09 19:25 - 2014-11-09 19:25 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-11-09 19:22 - 2014-11-09 19:43 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-11-09 01:54 - 2014-11-09 01:54 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-09 01:54 - 2014-11-09 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-09 01:53 - 2014-11-09 01:53 - 00000000 ____D () C:\Program Files\Java
2014-11-09 01:50 - 2014-11-09 01:50 - 00000000 ____D () C:\ProgramData\Sun
2014-11-09 01:48 - 2014-11-09 01:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-09 01:22 - 2014-11-09 01:23 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-11-09 01:22 - 2014-11-09 01:22 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-11-08 21:17 - 2014-11-10 01:47 - 00000000 ____D () C:\FRST
2014-11-08 12:56 - 2014-11-08 12:56 - 00003182 _____ () C:\Windows\System32\Tasks\{EBB6AEEE-8E40-4826-9E0D-411D73435CDC}
2014-11-08 11:50 - 2014-11-08 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-07 23:07 - 2014-11-10 01:37 - 00000000 ____D () C:\Program Files (x86)\DoNotTrackMe
2014-11-06 23:52 - 2014-11-06 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-06 14:56 - 2014-11-06 14:57 - 00000197 _____ () C:\Windows\system32\2014-11-06-20-56-44.067-AvastVBoxSVC.exe-328.log
2014-11-06 14:56 - 2014-11-06 14:56 - 00000247 _____ () C:\Windows\system32\2014-11-06-20-56-52.051-aswFe.exe-2348.log
2014-11-06 14:50 - 2014-11-10 01:33 - 58318848 _____ () C:\Windows\system32\config\software.iodefrag
2014-11-06 14:50 - 2014-11-10 01:33 - 00278528 _____ () C:\Windows\system32\config\default.iodefrag
2014-11-06 14:50 - 2014-11-10 01:33 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag
2014-11-06 14:50 - 2014-11-10 01:33 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag
2014-11-06 14:04 - 2014-11-06 14:04 - 00000247 _____ () C:\Windows\system32\2014-11-06-20-04-04.074-aswFe.exe-6640.log
2014-11-06 13:53 - 2014-11-06 13:53 - 00000197 _____ () C:\Windows\system32\2014-11-06-19-53-03.037-AvastVBoxSVC.exe-6760.log
2014-11-06 12:37 - 2014-11-06 13:52 - 00000247 _____ () C:\Windows\system32\2014-11-06-18-37-17.046-aswFe.exe-2132.log
2014-11-06 12:27 - 2014-11-06 12:27 - 00000197 _____ () C:\Windows\system32\2014-11-06-18-27-03.030-AvastVBoxSVC.exe-7148.log
2014-11-06 11:11 - 2014-11-06 12:27 - 00000247 _____ () C:\Windows\system32\2014-11-06-17-11-03.081-aswFe.exe-6428.log
2014-11-06 00:01 - 2014-11-06 11:11 - 00000247 _____ () C:\Windows\system32\2014-11-06-06-01-36.098-aswFe.exe-1612.log
2014-11-06 00:01 - 2014-11-06 00:01 - 00000197 _____ () C:\Windows\system32\2014-11-06-06-01-15.058-AvastVBoxSVC.exe-1232.log
2014-11-05 23:46 - 2014-11-05 23:46 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-05 23:46 - 2014-11-05 23:46 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-05 23:35 - 2014-11-05 23:35 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-05 23:35 - 2014-11-05 23:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-05 22:51 - 2014-11-05 22:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-11-05 22:45 - 2014-11-05 22:45 - 00000000 __SHD () C:\Users\Don\AppData\Local\EmieUserList
2014-11-05 22:45 - 2014-11-05 22:45 - 00000000 __SHD () C:\Users\Don\AppData\Local\EmieSiteList
2014-11-05 01:36 - 2014-11-05 01:36 - 00000000 ____D () C:\Users\Don\AppData\Local\Free_Picture_Solutions
2014-11-05 01:32 - 2014-11-05 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Picture Resizer
2014-11-05 01:32 - 2014-11-05 01:32 - 00000000 ____D () C:\Program Files (x86)\Free Picture Resizer
2014-11-03 19:30 - 2014-11-03 19:30 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-11-03 19:30 - 2014-11-03 19:30 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-11-03 19:30 - 2014-11-03 19:30 - 00000000 ____D () C:\Windows\en
2014-11-03 19:29 - 2014-11-03 19:29 - 00000020 _____ () C:\Windows\$÷­
2014-11-03 19:29 - 2014-11-03 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-03 19:29 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-03 19:28 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-03 19:28 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-03 19:27 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-03 19:27 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00001257 _____ () C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
2014-11-03 19:19 - 2014-11-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-03 17:26 - 2014-11-03 17:26 - 00003170 _____ () C:\Windows\System32\Tasks\{1964C532-CE81-4EC3-A6D6-81B0724504B0}
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-11-03 17:16 - 2014-11-05 22:51 - 00000000 ____D () C:\Users\Don\AppData\Local\Citrix
2014-11-03 17:16 - 2014-11-03 18:53 - 00000000 ____D () C:\Users\Don\Tracing
2014-11-03 17:16 - 2014-11-03 18:35 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-11-03 16:58 - 2014-11-03 16:58 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-11-03 16:57 - 2014-11-03 16:57 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-11-03 16:56 - 2014-11-03 16:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-11-03 16:56 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-11-03 16:55 - 2014-11-03 16:58 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-03 16:53 - 2014-11-03 16:53 - 00002130 _____ () C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00002100 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00002100 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00000000 ___RD () C:\Users\Don\OneDrive
2014-11-03 16:53 - 2014-11-03 16:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-11-03 16:52 - 2014-11-03 16:52 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-11-03 16:51 - 2014-11-03 16:51 - 00003150 _____ () C:\Windows\System32\Tasks\{7A8C627F-E2D7-4763-AD3E-9ABA67A1831C}
2014-11-03 16:49 - 2014-11-05 18:47 - 00000000 ____D () C:\Users\Don\AppData\Local\Windows Live
2014-11-03 14:04 - 2014-11-07 12:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-03 13:48 - 2014-11-03 18:47 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-11-03 13:46 - 2014-11-03 13:51 - 00001738 ____H () C:\IPH.PH
2014-10-18 10:28 - 2014-10-06 20:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 10:28 - 2014-10-06 20:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 10:28 - 2014-09-28 18:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:28 - 2014-09-25 16:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 10:28 - 2014-09-25 16:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 10:28 - 2014-09-25 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 10:28 - 2014-09-25 16:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 10:28 - 2014-09-25 16:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 10:28 - 2014-09-25 16:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 10:28 - 2014-09-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 10:28 - 2014-09-18 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 10:28 - 2014-09-18 19:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 10:28 - 2014-09-18 19:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 10:28 - 2014-09-18 19:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 10:28 - 2014-09-18 19:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 10:28 - 2014-09-18 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 10:28 - 2014-09-18 19:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 10:28 - 2014-09-18 19:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 10:28 - 2014-09-18 19:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 10:28 - 2014-09-18 19:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 10:28 - 2014-09-18 19:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 10:28 - 2014-09-18 19:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 10:28 - 2014-09-18 19:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 10:28 - 2014-09-18 19:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 10:28 - 2014-09-18 19:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 10:28 - 2014-09-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 10:28 - 2014-09-18 18:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 10:28 - 2014-09-18 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 10:28 - 2014-09-18 18:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 10:28 - 2014-09-18 18:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 10:28 - 2014-09-18 18:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 10:28 - 2014-09-18 18:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 10:28 - 2014-09-18 18:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 10:28 - 2014-09-18 18:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 10:28 - 2014-09-18 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 10:28 - 2014-09-18 18:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 10:28 - 2014-09-18 18:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 10:28 - 2014-09-18 18:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 10:28 - 2014-09-18 18:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 10:28 - 2014-09-18 17:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 10:28 - 2014-09-18 17:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 10:28 - 2014-09-18 17:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 10:27 - 2014-09-25 16:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 10:27 - 2014-09-18 20:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 10:27 - 2014-09-18 19:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 10:27 - 2014-09-18 19:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 10:27 - 2014-09-18 19:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 10:27 - 2014-09-18 19:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 10:27 - 2014-09-18 19:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 10:27 - 2014-09-18 19:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 10:27 - 2014-09-18 19:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 10:27 - 2014-09-18 19:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 10:27 - 2014-09-18 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 10:27 - 2014-09-18 18:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 10:27 - 2014-09-18 18:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 10:27 - 2014-09-18 18:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 10:27 - 2014-09-18 17:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 10:26 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-18 10:26 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-18 10:26 - 2014-09-17 20:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 10:26 - 2014-09-17 19:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 10:26 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 10:26 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 10:26 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-18 10:25 - 2014-09-12 19:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 10:25 - 2014-09-12 19:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 10:25 - 2014-09-04 20:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 10:25 - 2014-09-04 19:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-18 10:25 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-18 10:25 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-18 10:25 - 2014-07-16 19:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-18 10:25 - 2014-07-16 19:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-18 10:25 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-18 10:25 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 01:47 - 2014-03-08 00:20 - 00000000 ____D () C:\Users\Don\Documents\Working
2014-11-10 01:43 - 2014-03-07 12:59 - 01682228 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 01:43 - 2009-07-13 23:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-10 01:40 - 2014-03-07 12:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 01:38 - 2014-03-07 12:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-10 01:36 - 2014-03-07 12:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 01:35 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 01:33 - 2014-03-07 22:32 - 58318848 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 22:32 - 00278528 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 11:49 - 00000000 ____D () C:\Users\Don
2014-11-10 01:20 - 2014-03-07 12:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 19:16 - 2014-03-07 19:53 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-09 19:11 - 2014-02-17 12:24 - 00000000 ____D () C:\AdwCleaner
2014-11-09 13:21 - 2014-03-07 12:17 - 00064024 _____ () C:\Users\Don\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-09 01:46 - 2014-03-07 20:04 - 00000000 ___RD () C:\Users\Don\Desktop\Computer tools - security
2014-11-09 01:43 - 2009-07-13 22:45 - 00295608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-09 01:23 - 2014-03-11 00:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-11-09 01:17 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-07 12:32 - 2014-03-07 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-06 23:53 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Skype
2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ____D () C:\ProgramData\Skype
2014-11-05 23:35 - 2014-04-30 22:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-05 10:14 - 2014-03-07 20:09 - 00000000 ___RD () C:\Users\Don\Desktop\Photo - Vids
2014-11-05 03:02 - 2014-03-08 00:27 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-11-05 03:02 - 2014-03-08 00:23 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-05 02:19 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Dropbox
2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:19 - 2014-03-16 13:46 - 00000000 ____D () C:\Program Files (x86)\The Weather Channel FW
2014-11-03 19:16 - 2014-03-16 13:46 - 00000000 ____D () C:\Users\Don\AppData\Local\The Weather Channel
2014-11-03 18:49 - 2014-03-08 00:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-03 16:55 - 2011-04-12 01:51 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-03 13:51 - 2014-03-07 12:43 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\Users\Don\AppData\Roaming\AOL
2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-11-03 13:50 - 2014-03-07 12:43 - 00001034 _____ () C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
2014-11-03 13:50 - 2014-03-07 12:41 - 00000000 ____D () C:\Users\Don\AppData\Local\AOL
2014-11-03 13:48 - 2014-03-07 12:40 - 00000000 ____D () C:\ProgramData\AOL
2014-11-03 13:46 - 2014-03-07 12:58 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Mozilla
2014-11-03 11:54 - 2014-03-07 12:19 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-03 11:35 - 2014-03-07 12:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-03 11:35 - 2014-03-07 12:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-28 06:34 - 2010-11-20 21:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-18 13:12 - 2014-03-12 09:11 - 43929600 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-10-18 12:58 - 2014-03-07 12:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-18 12:58 - 2014-03-07 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-18 12:58 - 2014-03-07 12:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-18 12:20 - 2014-03-07 15:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 12:15 - 2014-03-07 15:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Don\AppData\Local\Temp\6c037c40-8a06-4bb4-aac9-f23dfd142c03.exe
C:\Users\Don\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfyjdrl.dll
C:\Users\Don\AppData\Local\Temp\Quarantine.exe
C:\Users\Don\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Don\AppData\Local\Temp\SpOrder.dll
C:\Users\Don\AppData\Local\Temp\The_Weather_Channel_Application.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-26 19:35

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Don at 2014-11-10 01:49:04
Running from C:\Users\Don\Documents\Working
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Web Companion (x32 Version: 1.0.757.1446 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Blur 4.5.1301 (HKLM-x32\...\DoNotTrackMe Add-on_is1) (Version: 4.5.1301 - Abine Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Free Picture Resizer version 1.0.1.2 (HKLM-x32\...\{53076EED-5E5F-47D7-BB90-9B061B524D17}_is1) (Version: 1.0.1.2 - Free Picture Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version: - )
Web Companion (HKLM-x32\...\{DE20CE03-D4C1-4C3F-ACEB-86F731E1A358}_WebCompanion) (Version: 1.0.757.1446 - Lavasoft)
WinDirStat 1.1.2 (HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 20-03-2014 04:31:29 Windows Update 29-03-2014 15:39:31 Windows Update 02-04-2014 08:49:08 avast! antivirus system restore point 02-04-2014 08:51:55 Windows Update 09-04-2014 02:06:44 Windows Update 09-04-2014 02:13:33 Windows Update 13-04-2014 07:20:58 Windows Update 01-05-2014 04:50:54 avast! antivirus system restore point 01-05-2014 04:50:54 Windows Update 01-05-2014 23:16:26 Windows Update 05-05-2014 11:00:47 Windows Update 05-05-2014 17:47:59 Windows Modules Installer 30-05-2014 20:15:16 Windows Update 07-06-2014 04:36:56 Windows Update 08-06-2014 09:26:15 avast! 
antivirus system restore point 13-06-2014 00:24:08 Windows Update 13-06-2014 00:29:58 Windows Update 13-06-2014 14:29:08 Windows Backup 05-07-2014 17:25:21 Windows Backup 05-07-2014 17:27:22 avast! antivirus system restore point 05-07-2014 17:34:32 Windows Update 12-07-2014 15:48:07 Windows Update 12-07-2014 15:48:20 Windows Backup 26-07-2014 14:25:38 Windows Update 26-07-2014 14:29:15 Windows Backup 13-08-2014 15:06:06 Windows Update 13-08-2014 15:06:57 Windows Backup 17-09-2014 10:02:08 Windows Update 17-09-2014 10:04:52 Windows Backup 17-09-2014 10:31:28 Windows Update 17-09-2014 17:31:19 Driver Booster : Standard Dual Channel PCI IDE Controller 27-09-2014 19:33:15 Windows Update 27-09-2014 19:34:28 Windows Backup 18-10-2014 16:08:26 Windows Update 18-10-2014 16:18:19 Windows Backup 18-10-2014 18:15:13 Windows Update 03-11-2014 17:37:53 Windows Update 03-11-2014 17:39:37 Windows Backup 03-11-2014 22:50:24 Windows Live Essentials 03-11-2014 22:55:39 WLSetup 04-11-2014 01:26:06 Windows Live Essentials 04-11-2014 01:27:14 Installed DirectX 04-11-2014 01:28:03 Installed DirectX 04-11-2014 01:28:36 Installed DirectX 04-11-2014 01:29:18 WLSetup 05-11-2014 07:29:26 Image Resizer for Windows 05-11-2014 07:49:51 Image Resizer for Windows 06-11-2014 04:50:12 Removed Citrix Online Launcher 06-11-2014 05:32:54 avast! antivirus system restore point 07-11-2014 14:50:51 Windows Update 09-11-2014 07:18:14 Installed OpenOffice 4.1.1 09-11-2014 07:52:26 Removed Java 8 Update 25 (64-bit) 10-11-2014 01:00:46 Windows Backup 10-11-2014 01:22:52 AA11 10-11-2014 01:44:05 LavasoftWeCompanion ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. 
Any associated file could be listed separately to be moved.) Task: {073B3D58-CBBE-4D9D-BAE1-1A3392F6FE97} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit) Task: {36300A2A-5D1A-4CA9-AED8-E017C40CB422} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {3A742DD9-CB7B-477D-A5F7-18174D7ED9B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.) Task: {3AAC9B6F-3F67-4619-8161-A38ED0304592} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.) Task: {7DE1EC52-3EFC-4F9A-8316-39DC8EB28D54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated) Task: {7E32F53A-C31F-41FB-A8EF-7330CC0A3585} - System32\Tasks\Driver Booster SkipUAC (Don) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit) Task: {8A3C7916-F643-4040-880F-682CE51BAF57} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-05] (AVAST Software) Task: {9CDFE5B5-4DE5-491E-B5F5-0BA46E8DC77F} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit) Task: {B6E64269-EE54-4142-9F4E-236D2FFF895A} - System32\Tasks\ASC7_SkipUac_Don => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-10-15 14:03 - 2014-10-15 14:03 - 02753360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareShellExtension.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll 2014-10-15 13:37 - 2014-10-15 13:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe 2014-10-15 14:03 - 2014-10-15 14:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00055648 
_____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware 
Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll 2014-10-15 14:04 - 2014-10-15 14:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01290584 _____ 
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe 2014-10-15 14:03 - 2014-10-15 14:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware 
Antivirus\11.4.6792.0\HtmlFramework.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll 2014-11-10 01:46 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2014-03-07 19:52 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll 2014-11-09 18:38 - 2014-11-09 18:38 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110901\algo.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2014-03-07 19:52 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl 2014-03-07 19:52 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl 2014-03-07 19:52 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl 2014-03-07 19:52 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00047936 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00163688 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00236872 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Filtering.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web 
Companion\Application\Lavasoft.CSharp.Utilities.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2014-10-30 16:14 - 2014-10-30 16:14 - 00039768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\zlib.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libcef.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libglesv2.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libegl.dll 2014-11-03 14:04 - 2014-11-07 12:21 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-686715638-536031369-4033485687-500 - Administrator - Disabled) Don (S-1-5-21-686715638-536031369-4033485687-1000 - Administrator - Enabled) => C:\Users\Don Guest (S-1-5-21-686715638-536031369-4033485687-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/10/2014 01:46:24 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (11/10/2014 01:43:52 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/10/2014 01:36:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/10/2014 01:35:45 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/09/2014 07:15:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/09/2014 07:15:30 PM) (Source: ESENT) (EventID: 455) (User: ) Description: taskhost (1896) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Don\AppData\Local\Microsoft\Windows\WebCache\V0100034.log. Error: (11/09/2014 07:15:12 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. 
Error: (11/09/2014 07:07:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program ASC.exe version 7.4.0.474 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 15c4 Start Time: 01cffc6da00a58ad Termination Time: 3806 Application Path: C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe Report Id: f0147122-6875-11e4-8797-00038a000015 System errors: ============= Error: (11/10/2014 01:36:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The TeamViewer 9 service failed to start due to the following error: %%3 Error: (11/10/2014 01:36:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the IE Search Set service to connect. Error: (11/10/2014 01:34:54 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/10/2014 01:34:54 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/10/2014 01:34:18 AM) (Source: volmgr) (EventID: 46) (User: ) Description: Crash dump initialization failed! Error: (11/09/2014 07:15:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The TeamViewer 9 service failed to start due to the following error: %%3 Error: (11/09/2014 07:14:30 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/09/2014 07:14:30 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/09/2014 07:11:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 
Error: (11/09/2014 07:11:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The HP Service service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions: ========================= Error: (11/10/2014 01:46:24 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe Error: (11/10/2014 01:43:52 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe Error: (11/10/2014 01:36:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent 
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/10/2014 01:35:45 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (11/09/2014 07:15:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/09/2014 07:15:30 PM) (Source: ESENT) (EventID: 455) (User: ) Description: taskhost1896WebCacheLocal: C:\Users\Don\AppData\Local\Microsoft\Windows\WebCache\V0100034.log-1811 Error: (11/09/2014 07:15:12 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (11/09/2014 07:07:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: ASC.exe7.4.0.47415c401cffc6da00a58ad3806C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exef0147122-6875-11e4-8797-00038a000015 ==================== Memory info =========================== Processor: AMD Turion X2 Dual-Core Mobile RM-74 Percentage of memory in use: 50% Total physical RAM: 4093.83 MB Available physical RAM: 2044.61 MB Total Pagefile: 8185.84 MB Available Pagefile: 5792.53 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:451.71 GB) (Free:282.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:14.05 GB) (Free:3.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0E285E0C) Partition 1: (Active) - (Size=451.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================ 
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF27.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF4.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF5.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF6.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF7.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF8.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF9.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftLSPInstaller.exe Win32/AdWare.Loadshop.I application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftLSPInstaller64.exe Win64/Adware.Loadshop.F application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.dll Win32/AdWare.Loadshop.C application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe Win32/AdWare.Loadshop.D application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService64.dll Win64/Adware.Loadshop.C application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpServiceCert.dll Win32/AdWare.Loadshop.F application
C:\Windows\Installer\aece7.msi multiple threats
C:\Windows\System32\LavasoftTcpService.dll Win32/AdWare.Loadshop.C application
C:\Windows\SysWOW64\LavasoftTcpService.dll Win32/AdWare.Loadshop.C application
Operating memory Win32/AdWare.Loadshop.C application
  4. Okee dokee, here it is....
  5. Ok thanks...
2014-11-03 14:04 - 2014-11-07 12:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-03 13:48 - 2014-11-03 18:47 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a 2014-11-03 13:46 - 2014-11-03 13:51 - 00001738 ____H () C:\IPH.PH 2014-10-18 10:28 - 2014-10-06 20:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-18 10:28 - 2014-10-06 20:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-18 10:28 - 2014-09-28 18:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-18 10:28 - 2014-09-25 16:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-18 10:28 - 2014-09-25 16:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-18 10:28 - 2014-09-25 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-18 10:28 - 2014-09-25 16:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-18 10:28 - 2014-09-25 16:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-18 10:28 - 2014-09-25 16:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-18 10:28 - 2014-09-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-18 10:28 - 2014-09-18 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-18 10:28 - 2014-09-18 19:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-18 10:28 - 2014-09-18 19:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-18 10:28 - 2014-09-18 19:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-18 10:28 - 2014-09-18 19:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-18 10:28 - 2014-09-18 19:31 - 00051200 _____ (Microsoft Corporation) 
C:\Windows\system32\jsproxy.dll 2014-10-18 10:28 - 2014-09-18 19:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-18 10:28 - 2014-09-18 19:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-18 10:28 - 2014-09-18 19:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-18 10:28 - 2014-09-18 19:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-18 10:28 - 2014-09-18 19:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-18 10:28 - 2014-09-18 19:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-18 10:28 - 2014-09-18 19:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-18 10:28 - 2014-09-18 19:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-18 10:28 - 2014-09-18 19:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-18 10:28 - 2014-09-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-18 10:28 - 2014-09-18 18:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-18 10:28 - 2014-09-18 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-18 10:28 - 2014-09-18 18:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-18 10:28 - 2014-09-18 18:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-18 10:28 - 2014-09-18 18:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-18 10:28 - 2014-09-18 18:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-18 10:28 - 2014-09-18 18:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-18 10:28 - 2014-09-18 18:42 - 00710656 _____ (Microsoft 
Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-18 10:28 - 2014-09-18 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-18 10:28 - 2014-09-18 18:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-18 10:28 - 2014-09-18 18:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-18 10:28 - 2014-09-18 18:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-18 10:28 - 2014-09-18 18:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-18 10:28 - 2014-09-18 17:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-18 10:28 - 2014-09-18 17:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-18 10:28 - 2014-09-18 17:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-18 10:28 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-18 10:28 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-18 10:28 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-18 10:28 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-18 10:28 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-18 10:28 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-18 10:27 - 2014-09-25 16:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-18 10:27 - 2014-09-18 20:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-18 10:27 - 2014-09-18 19:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-18 10:27 - 2014-09-18 19:38 - 00083968 _____ (Microsoft Corporation) 
C:\Windows\system32\MshtmlDac.dll 2014-10-18 10:27 - 2014-09-18 19:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-18 10:27 - 2014-09-18 19:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-18 10:27 - 2014-09-18 19:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-18 10:27 - 2014-09-18 19:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-18 10:27 - 2014-09-18 19:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-18 10:27 - 2014-09-18 19:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-18 10:27 - 2014-09-18 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-18 10:27 - 2014-09-18 18:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-18 10:27 - 2014-09-18 18:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-18 10:27 - 2014-09-18 18:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-18 10:27 - 2014-09-18 17:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-18 10:26 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-18 10:26 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-10-18 10:26 - 2014-09-17 20:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-18 10:26 - 2014-09-17 19:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-18 10:26 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-18 10:26 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-18 10:26 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) 
C:\Windows\system32\rdpcorets.dll 2014-10-18 10:25 - 2014-09-12 19:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-18 10:25 - 2014-09-12 19:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-18 10:25 - 2014-09-04 20:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-18 10:25 - 2014-09-04 19:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-18 10:25 - 2014-07-16 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-18 10:25 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-18 10:25 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-18 10:25 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-18 10:25 - 2014-07-16 20:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-18 10:25 - 2014-07-16 20:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-18 10:25 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-18 10:25 - 2014-07-16 19:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-18 10:25 - 2014-07-16 19:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-18 10:25 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-18 10:25 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-08 21:17 - 2014-03-08 00:20 - 00000000 ____D () C:\Users\Don\Documents\Working 2014-11-08 20:40 - 2014-03-07 12:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-08 20:35 - 2014-03-07 12:59 - 01623574 _____ () C:\Windows\WindowsUpdate.log 2014-11-08 20:20 - 2014-03-07 12:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-08 15:28 - 2009-07-13 23:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-08 15:23 - 2014-03-07 19:53 - 00000000 ____D () C:\ProgramData\ProductData 2014-11-08 15:23 - 2014-03-07 12:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-08 15:22 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-07 22:02 - 2014-03-07 12:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-11-07 21:59 - 2014-03-07 22:32 - 57475072 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2014-11-07 21:59 - 2014-03-07 22:32 - 00278528 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak 2014-11-07 21:59 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak 2014-11-07 21:59 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak 2014-11-07 21:59 - 2014-03-07 11:49 - 00000000 ____D () C:\Users\Don 2014-11-07 12:32 - 2014-03-07 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-06 23:53 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Skype 2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ____D () C:\ProgramData\Skype 2014-11-05 23:50 - 2014-03-07 20:04 - 00000000 ___RD () C:\Users\Don\Desktop\Computer tools - security 2014-11-05 23:35 - 2014-04-30 22:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 01050432 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswsnx.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys 2014-11-05 23:35 - 2014-03-07 12:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-11-05 10:14 - 2014-03-07 20:09 - 00000000 ___RD () C:\Users\Don\Desktop\Photo - Vids 2014-11-05 03:02 - 2014-03-08 00:27 - 00000000 ____D () C:\ProgramData\Yahoo! 2014-11-05 03:02 - 2014-03-08 00:23 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-11-05 02:19 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Dropbox 2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-03 19:19 - 2014-03-16 13:46 - 00000000 ____D () C:\Program Files (x86)\The Weather Channel FW 2014-11-03 19:16 - 2014-03-16 13:46 - 00000000 ____D () C:\Users\Don\AppData\Local\The Weather Channel 2014-11-03 18:49 - 2014-03-08 00:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-11-03 16:56 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-11-03 16:55 - 2011-04-12 01:51 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-11-03 13:51 - 2014-03-07 12:43 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk 2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () 
C:\Users\Don\AppData\Roaming\AOL 2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL 2014-11-03 13:50 - 2014-03-07 12:43 - 00001034 _____ () C:\Users\Public\Desktop\AOL Desktop 9.7.lnk 2014-11-03 13:50 - 2014-03-07 12:41 - 00000000 ____D () C:\Users\Don\AppData\Local\AOL 2014-11-03 13:48 - 2014-03-07 12:40 - 00000000 ____D () C:\ProgramData\AOL 2014-11-03 13:46 - 2014-03-07 12:58 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Mozilla 2014-11-03 11:54 - 2014-03-07 12:19 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-03 11:35 - 2014-03-07 12:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-03 11:35 - 2014-03-07 12:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-28 06:34 - 2010-11-20 21:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-18 13:12 - 2014-03-12 09:11 - 43929600 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak 2014-10-18 12:58 - 2014-03-07 12:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-10-18 12:58 - 2014-03-07 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-18 12:58 - 2014-03-07 12:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-10-18 12:36 - 2009-07-13 22:45 - 00295608 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-18 12:20 - 2014-03-07 15:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-18 12:15 - 2014-03-07 15:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Some content of TEMP: ==================== C:\Users\Don\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfyjdrl.dll C:\Users\Don\AppData\Local\Temp\SkypeSetup.exe C:\Users\Don\AppData\Local\Temp\The_Weather_Channel_Application.exe ==================== Bamital & volsnap Check ================= (There is 
no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-26 19:35 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01 Ran by Don at 2014-11-08 21:19:05 Running from C:\Users\Don\Documents\Working Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit) AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software) Blur 4.5.1301 (HKLM-x32\...\DoNotTrackMe Add-on_is1) (Version: 4.5.1301 - Abine Inc) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit) Free Picture Resizer version 1.0.1.2 (HKLM-x32\...\{53076EED-5E5F-47D7-BB90-9B061B524D17}_is1) (Version: 1.0.1.2 - Free Picture Solutions) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) 
Hidden IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.) 
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version: - ) Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - ) WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> 
C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 20-03-2014 04:31:29 Windows Update 29-03-2014 15:39:31 Windows Update 02-04-2014 08:49:08 avast! antivirus system restore point 02-04-2014 08:51:55 Windows Update 09-04-2014 02:06:44 Windows Update 09-04-2014 02:13:33 Windows Update 13-04-2014 07:20:58 Windows Update 01-05-2014 04:50:54 avast! antivirus system restore point 01-05-2014 04:50:54 Windows Update 01-05-2014 23:16:26 Windows Update 05-05-2014 11:00:47 Windows Update 05-05-2014 17:47:59 Windows Modules Installer 30-05-2014 20:15:16 Windows Update 07-06-2014 04:36:56 Windows Update 08-06-2014 09:26:15 avast! antivirus system restore point 13-06-2014 00:24:08 Windows Update 13-06-2014 00:29:58 Windows Update 13-06-2014 14:29:08 Windows Backup 05-07-2014 17:25:21 Windows Backup 05-07-2014 17:27:22 avast! antivirus system restore point 05-07-2014 17:34:32 Windows Update 12-07-2014 15:48:07 Windows Update 12-07-2014 15:48:20 Windows Backup 26-07-2014 14:25:38 Windows Update 26-07-2014 14:29:15 Windows Backup 13-08-2014 15:06:06 Windows Update 13-08-2014 15:06:57 Windows Backup 17-09-2014 10:02:08 Windows Update 17-09-2014 10:04:52 Windows Backup 17-09-2014 10:31:28 Windows Update 17-09-2014 17:31:19 Driver Booster : Standard Dual Channel PCI IDE Controller 27-09-2014 19:33:15 Windows Update 27-09-2014 19:34:28 Windows Backup 18-10-2014 16:08:26 Windows Update 18-10-2014 16:18:19 Windows Backup 18-10-2014 18:15:13 Windows Update 03-11-2014 17:37:53 Windows Update 03-11-2014 17:39:37 Windows Backup 03-11-2014 22:50:24 Windows Live Essentials 03-11-2014 22:55:39 WLSetup 04-11-2014 01:26:06 Windows Live Essentials 04-11-2014 01:27:14 Installed DirectX 04-11-2014 01:28:03 Installed DirectX 04-11-2014 01:28:36 Installed DirectX 04-11-2014 01:29:18 WLSetup 05-11-2014 07:29:26 Image Resizer for Windows 05-11-2014 07:49:51 Image Resizer for Windows 
06-11-2014 04:50:12 Removed Citrix Online Launcher 06-11-2014 05:32:54 avast! antivirus system restore point 07-11-2014 14:50:51 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {073B3D58-CBBE-4D9D-BAE1-1A3392F6FE97} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit) Task: {36300A2A-5D1A-4CA9-AED8-E017C40CB422} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {3A742DD9-CB7B-477D-A5F7-18174D7ED9B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.) Task: {3AAC9B6F-3F67-4619-8161-A38ED0304592} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.) Task: {755F9B58-6ABC-4BA0-8880-B7B4270B8302} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-08-01] (IObit) Task: {7DE1EC52-3EFC-4F9A-8316-39DC8EB28D54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated) Task: {7E32F53A-C31F-41FB-A8EF-7330CC0A3585} - System32\Tasks\Driver Booster SkipUAC (Don) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit) Task: {8A3C7916-F643-4040-880F-682CE51BAF57} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-05] (AVAST Software) Task: {9CDFE5B5-4DE5-491E-B5F5-0BA46E8DC77F} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit) Task: {A35DBECF-1C62-47AD-848A-3AB5FD9A73E6} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit) Task: {B6E64269-EE54-4142-9F4E-236D2FFF895A} - System32\Tasks\ASC7_SkipUac_Don => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-11-05 23:35 - 2014-11-05 23:35 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2014-03-07 19:52 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll 2014-11-08 12:57 - 2014-11-08 12:57 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110809\algo.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2014-03-07 19:52 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl 2014-03-07 19:52 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl 2014-03-07 19:52 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl 2014-03-07 19:52 - 2013-01-15 17:47 - 
00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\zlib.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libcef.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libglesv2.dll 2014-08-19 12:34 - 2014-08-19 12:34 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libegl.dll 2014-11-05 23:35 - 2014-11-05 23:35 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-11-03 14:04 - 2014-11-07 12:21 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-11-03 11:52 - 2014-10-21 22:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-11-03 11:52 - 2014-10-21 22:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-11-03 11:52 - 2014-10-21 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-11-03 11:52 - 2014-10-21 22:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll 2014-11-03 11:52 - 2014-10-21 22:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-686715638-536031369-4033485687-500 - Administrator - Disabled) Don (S-1-5-21-686715638-536031369-4033485687-1000 - Administrator - Enabled) => C:\Users\Don Guest (S-1-5-21-686715638-536031369-4033485687-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/08/2014 03:22:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/08/2014 03:22:17 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/07/2014 10:02:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/07/2014 10:01:38 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/07/2014 00:34:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/07/2014 00:34:07 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. 
Error: (11/06/2014 02:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/06/2014 02:52:28 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/05/2014 11:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/05/2014 11:40:39 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. System errors: ============= Error: (11/08/2014 08:17:51 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/08/2014 03:22:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The TeamViewer 9 service failed to start due to the following error: %%3 Error: (11/08/2014 03:21:54 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/08/2014 03:21:54 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/08/2014 00:21:40 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR3. Error: (11/08/2014 09:01:57 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/07/2014 10:03:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). 
Error: (11/07/2014 10:01:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The TeamViewer 9 service failed to start due to the following error: %%3 Error: (11/07/2014 10:00:59 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/07/2014 10:00:59 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Microsoft Office Sessions: ========================= Error: (11/08/2014 03:22:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/08/2014 03:22:17 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (11/07/2014 10:02:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/07/2014 10:01:38 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (11/07/2014 00:34:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/07/2014 00:34:07 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (11/06/2014 02:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/06/2014 02:52:28 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (11/05/2014 11:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/05/2014 11:40:39 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 ==================== Memory info =========================== Processor: AMD Turion X2 Dual-Core Mobile RM-74 Percentage of memory in use: 64% Total physical RAM: 4093.83 MB Available physical RAM: 1459.09 MB Total Pagefile: 8185.84 MB Available Pagefile: 4733.19 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:451.71 GB) (Free:301.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:14.05 GB) (Free:4.14 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0E285E0C) Partition 1: (Active) - (Size=451.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  6. I really appreciate past help with stubborn problems. This one is minor, but I am tired of having to Manage Search Engines in Firefox every time I reboot my computer. I have inventoried my Add-ons, Extensions, Plug-ins, and actual Programs, removing a few - anything associated with Yahoo to be sure, other than Messenger. Still tho, Yahoo keeps hijacking my Search box. I also tried some suggested changes in about:config but that failed. What am I missing...?! thanks!
  7. It's holding as fixed, so I think we are good. Thanks...!!
  8. It seems to be fixed? I'll check again in a few days and come back to this if needed. thanks!
  9. The properties for the Chrome icon/shortcut show Target "C:\Program Files\Google\Chrome\Application\chrome.exe" The other user was signed into Google Plus. I signed out of that, went to Chrome settings, removed Trovi search, closed and started Chrome - and it came back again. Amazing huh? One might think that almighty google would protect themselves better...?!
  10. Still got it on Chrome. I delete it from "Manage Search Engines" but when I close Chrome and reopen it, Trovi comes back.
  11. Did I do this right...?

      Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-05-2014 02
      Ran by test at 2014-05-27 14:44:55 Run:1
      Running from C:\Documents and Settings\test\Desktop
      Boot Mode: Normal
      ==============================================
      Content of fixlist:
      *****************
      FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-14]
      FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-05-14]
      S3 KCFdcDevice0; No ImagePath
      S0 Lbd; system32\DRIVERS\Lbd.sys [X]
      S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2014-05-01] ()
      2014-05-12 15:29 - 2014-05-12 17:24 - 00000000 ____D () C:\Program Files\Optimizer Pro(2)
      2014-05-12 15:25 - 2014-05-19 12:25 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job
      2014-05-01 16:20 - 2014-05-01 16:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
      2014-05-01 16:17 - 2014-05-01 16:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Licenses
      2014-05-01 16:16 - 2014-05-01 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Simply Super Software
      Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\test\APPLIC~1\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
      C:\DOCUME~1\test\APPLIC~1\PRICEM~1
      AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
      *****************
      C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => Moved successfully.
      C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} => Moved successfully.
      KCFdcDevice0 => Service deleted successfully.
      Lbd => Service deleted successfully.
      hitmanpro37 => Service deleted successfully.
      C:\Program Files\Optimizer Pro(2) => Moved successfully.
      C:\WINDOWS\Tasks\At1.job => Moved successfully.
      C:\Documents and Settings\All Users\Application Data\HitmanPro => Moved successfully.
      C:\Documents and Settings\All Users\Application Data\Licenses => Moved successfully.
      C:\Documents and Settings\All Users\Application Data\Simply Super Software => Moved successfully.
      C:\WINDOWS\Tasks\At1.job not found.
      "C:\DOCUME~1\test\APPLIC~1\PRICEM~1" => File/Directory not found.
      C:\Documents and Settings\All Users\Application Data\TEMP => ":373E1720" ADS removed successfully.
      ==== End of Fixlog ====
  12. OK, I downloaded FRST to desktop and ran again. Hope that's what you meant... Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-05-2014 Ran by test (administrator) on JERRY-BBD10ECC6 on 23-05-2014 13:23:13 Running from C:\Documents and Settings\test\Desktop Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AdAwareTray] => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe" HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2014-05-16] (Realtek Semiconductor Corp.) HKLM\...\Run: [] => [X] HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\.DEFAULT\...\Run: [AROReminder] => C:\Program Files\ARO 2011\aro.exe -rem HKU\.DEFAULT\...\Run: [Advanced SystemCare 4] => "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe" ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAAEEF04EAF6FCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us SearchScopes: HKLM - DefaultScope value is missing. 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\0u54w5zp.default FF Homepage: https://www.google.com/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) 
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-05-14] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-14] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-05-14] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-02-23] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-10] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] Chrome: ======= CHR HomePage: https://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/", "https://www.google.com/" CHR Extension: (Google Docs) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01] CHR Extension: (Google 
Drive) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23] CHR Extension: (YouTube) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01] CHR Extension: (Win7 Scrollbars) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2014-05-01] CHR Extension: (Google Search) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01] CHR Extension: (Search by Image (by Google)) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-05-01] CHR Extension: (avast! 
Online Security) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-01] CHR Extension: (Google Wallet) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01] CHR Extension: (Gmail) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-04-28] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22] ========================== Services (Whitelisted) ================= R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit) S3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC) R2 avast! 
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-04-28] (AVAST Software) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit) S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2004-06-16] (Intel® Corporation) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () S2 LavasoftAdAwareService11; "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe" [X] ==================== Drivers (Whitelisted) ==================== R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2014-03-14] (Meetinghouse Data Communications) R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2014-05-16] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-04-28] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-28] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-28] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-04-28] () S3 AX88772; C:\WINDOWS\System32\DRIVERS\ax88772.sys [19072 2007-07-26] (ASIX Electronics Corp.) 
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [171152 2008-08-20] (Intel Corporation) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2014-05-01] () R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [56352 2014-05-16] (HP) R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [22928 2014-05-16] (HP) R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [28000 2014-05-16] (HP) R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [83296 2014-01-14] (JMicron Technology Corp.) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-16] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2014-05-16] (Creative Technology Ltd.) S3 motport; C:\WINDOWS\System32\DRIVERS\motport.sys [23680 2007-06-18] (Motorola) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [15808 2013-12-24] (IObit) S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.) R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.) 
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [194362 2006-10-16] (Jungo)
S3 AtcL001; system32\DRIVERS\l151x86.sys [X]
S3 KCFdcDevice0; No ImagePath
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

==================== One Month Modified Files and Folders =======

Files to move or delete:
====================
C:\Windows\Tasks\At1.job

Some content of TEMP:
====================
C:\Documents and Settings\test\Local Settings\Temp\210f4088-0b95-4280-8112-3f8dd51aea03.exe
C:\Documents and Settings\test\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\test\Local Settings\Temp\f.exe
C:\Documents and Settings\test\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\test\Local Settings\Temp\System.Data.SQLite.dll
C:\Documents and Settings\test\Local Settings\Temp\vcredist_x86.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is
legit ==================== End Of Log ============================
  13. Sorry to take so long getting back. I am only at this computer every few days. The start settings and extensions look good, altho Trovi Search keeps reloading as an option - altho it doesn't hijack. I ran FRST scan. The Fix button doesn't have anything to fix, or I may have misunderstood? Here is the log...
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-05-2014
      Ran by test (administrator) on JERRY-BBD10ECC6 on 21-05-2014 15:13:44
      Running from C:\Documents and Settings\test\My Documents\Downloads
      Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
      Internet Explorer Version 8
      Boot Mode: Normal
C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Documents and Settings\test\My Documents\Downloads\FRST(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AdAwareTray] => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe" HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2014-05-16] (Realtek Semiconductor Corp.) HKLM\...\Run: [] => [X] HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\.DEFAULT\...\Run: [AROReminder] => C:\Program Files\ARO 2011\aro.exe -rem HKU\.DEFAULT\...\Run: [Advanced SystemCare 4] => "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe" ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAAEEF04EAF6FCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us SearchScopes: HKLM - DefaultScope value is missing. 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\0u54w5zp.default FF Homepage: https://www.google.com/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) 
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-05-14] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-14] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-05-14] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-02-23] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-10] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] Chrome: ======= CHR HomePage: https://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/", "https://www.google.com/" CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01] 
CHR Extension: (Google Drive) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01] CHR Extension: (YouTube) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01] CHR Extension: (Win7 Scrollbars) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2014-05-01] CHR Extension: (Google Search) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01] CHR Extension: (Search by Image (by Google)) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-05-01] CHR Extension: (avast! Online Security) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-01] CHR Extension: (Google Wallet) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01] CHR Extension: (Gmail) - C:\Documents and Settings\test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-04-28] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx 
[2010-11-22] ========================== Services (Whitelisted) ================= R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit) S3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-04-28] (AVAST Software) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit) S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2004-06-16] (Intel® Corporation) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () S2 LavasoftAdAwareService11; "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe" [X] ==================== Drivers (Whitelisted) ==================== R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2014-03-14] (Meetinghouse Data Communications) R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.) 
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2014-05-16] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-04-28] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-28] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-28] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-04-28] () S3 AX88772; C:\WINDOWS\System32\DRIVERS\ax88772.sys [19072 2007-07-26] (ASIX Electronics Corp.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [171152 2008-08-20] (Intel Corporation) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2014-05-01] () R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [56352 2014-05-16] (HP) R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [22928 2014-05-16] (HP) R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [28000 2014-05-16] (HP) R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [83296 2014-01-14] (JMicron Technology Corp.) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-16] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2014-05-16] (Creative Technology Ltd.) 
S3 motport; C:\WINDOWS\System32\DRIVERS\motport.sys [23680 2007-06-18] (Motorola) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [15808 2013-12-24] (IObit) S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.) R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.) R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [194362 2006-10-16] (Jungo) S3 AtcL001; system32\DRIVERS\l151x86.sys [X] S3 KCFdcDevice0; No ImagePath S0 Lbd; system32\DRIVERS\Lbd.sys [X] U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-21 15:08 - 2014-05-21 15:08 - 00001180 _____ () C:\Documents and Settings\test\Desktop\fixlist.txt 2014-05-19 13:17 - 2014-05-21 15:13 - 00000000 ____D () C:\FRST 2014-05-19 10:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll 2014-05-19 10:43 - 2014-05-19 10:46 - 00000000 ____D () C:\AdwCleaner 2014-05-19 10:17 - 2014-05-19 10:18 - 00004526 _____ () C:\INSTALLHELPER.LOG 2014-05-16 11:15 - 2014-05-16 11:15 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft 2014-05-16 10:55 - 2014-05-16 10:55 - 00000181 _____ () C:\Documents and Settings\test\My Documents\Ad-Aware_Report_Quick_Manual_2014-05-16T10-46-34.203125.xml 2014-05-16 10:42 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Lavasoft 2014-05-16 10:36 - 2014-05-16 10:36 - 00000000 ____D () C:\Documents and Settings\test\Application Data\LavasoftStatistics 2014-05-16 10:31 - 2014-05-21 15:02 - 00000280 _____ () C:\WINDOWS\Tasks\SmartDefrag3_Update.job 2014-05-16 10:30 - 2014-05-16 10:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start 
Menu\Programs\Smart Defrag 3 2014-05-16 10:30 - 2014-03-10 18:17 - 00109856 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll 2014-05-16 10:30 - 2013-12-24 10:40 - 00015808 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys 2014-05-16 10:28 - 2014-05-16 10:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Driver Booster 2014-05-16 10:27 - 2014-05-19 10:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Ad-Aware Antivirus 2014-05-16 10:26 - 2014-05-16 15:34 - 00035569 _____ () C:\WINDOWS\setupapi.log 2014-05-16 10:26 - 2014-05-16 10:26 - 00000000 ____D () C:\Program Files\Lavasoft 2014-05-16 10:25 - 2014-05-16 10:25 - 00017507 _____ () C:\WINDOWS\KB942288-v3.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00006729 _____ () C:\WINDOWS\iis6.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00006182 _____ () C:\WINDOWS\FaxSetup.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00002956 _____ () C:\WINDOWS\ocgen.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00002821 _____ () C:\WINDOWS\tsoc.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00002095 _____ () C:\WINDOWS\comsetup.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001906 _____ () C:\WINDOWS\msmqinst.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001266 _____ () C:\WINDOWS\ntdtcsetup.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001083 _____ () C:\WINDOWS\netfxocm.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000342 _____ () C:\WINDOWS\ocmsn.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000311 _____ () C:\WINDOWS\tabletoc.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000309 _____ () C:\WINDOWS\msgsocm.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$ 2014-05-16 10:25 - 2014-05-16 10:25 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000000 
_____ () C:\WINDOWS\setupact.log 2014-05-16 10:07 - 2014-05-16 10:08 - 00000000 ____D () C:\Avenger 2014-05-16 09:06 - 2014-05-21 15:02 - 00032654 _____ () C:\WINDOWS\SchedLgU.Txt 2014-05-16 09:06 - 2014-05-21 15:02 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-05-16 09:06 - 2014-05-21 15:02 - 00000049 _____ () C:\WINDOWS\wiaservc.log 2014-05-16 09:06 - 2014-05-16 09:06 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log 2014-05-15 13:47 - 2014-05-21 15:02 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf706e2ef7f7f0.job 2014-05-15 13:47 - 2014-05-21 14:53 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf706e2f6a68d0.job 2014-05-15 09:22 - 2014-05-15 09:22 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Sun 2014-05-14 16:01 - 2014-05-14 16:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java 2014-05-14 16:01 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-05-14 16:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-05-14 16:01 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-05-14 16:01 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-05-14 16:01 - 2014-04-14 19:47 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-05-14 15:57 - 2014-05-14 16:01 - 00003966 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log 2014-05-14 15:33 - 2014-05-14 15:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-14 15:01 - 2014-05-14 15:01 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Google 2014-05-14 14:59 - 2014-05-14 14:59 - 00000803 _____ () C:\Documents and Settings\test\Desktop\Internet Explorer.lnk 2014-05-12 17:29 - 2014-05-12 17:29 - 00000000 ____D () C:\Documents and Settings\Jerry Richardson\Application Data\IObit 2014-05-12 17:27 - 
2014-05-12 17:27 - 00000000 ____D () C:\b352f5a442b9f53f13d073d5 2014-05-12 17:26 - 2014-05-12 17:26 - 00000000 ____D () C:\Documents and Settings\test\Desktop\Florence woman of year - raw 2014-05-12 17:14 - 2014-05-12 17:14 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.tmp 2014-05-12 15:29 - 2014-05-12 17:24 - 00000000 ____D () C:\Program Files\Optimizer Pro(2) 2014-05-12 15:25 - 2014-05-21 14:25 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job 2014-05-12 15:18 - 2014-05-12 15:18 - 00000000 ____D () C:\Program Files\VideoLAN 2014-05-12 11:18 - 2014-05-21 15:02 - 00000272 _____ () C:\WINDOWS\Tasks\Driver Booster Scan.job 2014-05-12 10:53 - 2014-05-12 10:53 - 00000000 __SHD () C:\Documents and Settings\test\IECompatCache 2014-05-12 10:46 - 2014-05-12 10:46 - 00000000 __SHD () C:\Documents and Settings\test\PrivacIE 2014-05-08 17:08 - 2014-05-08 17:08 - 00000000 ____D () C:\Documents and Settings\test\Application Data\RealNetworks 2014-05-08 16:33 - 2014-05-08 16:33 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Mozilla 2014-05-08 14:02 - 2014-05-21 12:32 - 00000476 _____ () C:\WINDOWS\Tasks\Driver Support-RTMUpdater.job 2014-05-08 14:02 - 2014-05-08 14:02 - 00047136 _____ () C:\Documents and Settings\test\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-05-08 14:02 - 2014-05-08 14:02 - 00000478 _____ () C:\WINDOWS\Tasks\Driver Support-RTMScan.job 2014-05-08 14:02 - 2014-05-08 14:02 - 00000466 _____ () C:\WINDOWS\Tasks\Driver Support-RTMRules.job 2014-05-08 14:02 - 2014-05-08 14:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Driver Support 2014-05-08 14:01 - 2014-05-14 14:59 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Mozilla 2014-05-08 14:01 - 2014-05-08 14:01 - 00000000 ____D () C:\Program Files\Driver Support 2014-05-07 08:58 - 2014-05-07 08:58 - 35348480 _____ () C:\WINDOWS\system32\config\software.iodefrag.bak 2014-05-07 08:58 - 2014-05-07 08:58 - 05349376 _____ () 
C:\WINDOWS\system32\config\default.iodefrag.bak 2014-05-07 08:58 - 2014-05-07 08:58 - 00065536 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak 2014-05-07 08:58 - 2014-05-07 08:58 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak 2014-05-02 13:58 - 2014-05-02 13:58 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2014-05-01 16:55 - 2014-05-01 16:55 - 00000577 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\LMIR0001.tmp.bat 2014-05-01 16:55 - 2014-05-01 16:55 - 00000502 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\LMIR0001.tmp_r.bat 2014-05-01 16:41 - 2014-05-01 16:41 - 00030976 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2014-05-01 16:39 - 2014-05-01 16:39 - 00036222 _____ () C:\WINDOWS\system32\.crusader 2014-05-01 16:20 - 2014-05-01 16:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro 2014-05-01 16:17 - 2014-05-01 16:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Licenses 2014-05-01 16:16 - 2014-05-01 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Simply Super Software 2014-05-01 14:50 - 2014-05-01 14:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla 2014-05-01 14:50 - 2014-05-01 14:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla 2014-05-01 14:02 - 2014-05-01 14:03 - 00000738 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk 2014-05-01 14:02 - 2014-05-01 14:02 - 00000803 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk 2014-05-01 14:00 - 2014-05-01 14:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IObit 2014-05-01 13:46 - 2014-05-02 09:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Rescue Applet 2014-05-01 13:45 - 
2014-05-01 13:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google 2014-05-01 13:43 - 2014-05-12 17:27 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-05-01 13:43 - 2014-05-01 18:15 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-05-01 13:43 - 2014-05-01 14:02 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk 2014-05-01 13:43 - 2014-05-01 14:02 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories 2014-05-01 13:43 - 2013-10-17 12:07 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2014-05-01 13:43 - 2013-02-12 10:29 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Sun 2014-05-01 13:43 - 2010-11-01 17:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Macromedia 2014-05-01 13:43 - 2010-11-01 17:19 - 00001599 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk 2014-05-01 13:03 - 2014-05-15 13:47 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Google 2014-05-01 13:02 - 2014-05-01 13:02 - 00051712 ___SH () C:\Documents and Settings\test\My Documents\Thumbs.db 2014-05-01 13:01 - 2014-05-14 15:33 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Adobe 2014-05-01 12:58 - 2014-05-01 13:02 - 00005632 _____ () C:\Documents and Settings\test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-01 12:52 - 2014-05-01 12:52 - 00000000 ____D () C:\Documents and Settings\test\My Documents\x delete 2014-05-01 12:52 - 2014-05-01 12:52 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Updater5 2014-05-01 12:52 - 2011-09-29 13:28 - 00001506 _____ () C:\Documents and Settings\test\My Documents\Bio-station-Alpha.kml 2014-05-01 12:52 - 2011-07-06 14:17 - 177211566 _____ () 
C:\Documents and Settings\test\My Documents\ece316e18e75785dfb29f870f3436b74.mp4 2014-05-01 12:52 - 2011-07-01 13:42 - 00000085 _____ () C:\Documents and Settings\test\My Documents\harrington.ram 2014-05-01 12:52 - 2011-06-21 17:17 - 160585367 _____ () C:\Documents and Settings\test\My Documents\9f5a147a4a56b7494ccc332b3227d7c6.mp4 2014-05-01 12:49 - 2014-05-01 12:49 - 00000000 ____D () C:\Documents and Settings\test\My Documents\TomTom 2014-05-01 12:47 - 2014-05-01 12:49 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Scuba trips 2014-05-01 12:41 - 2014-05-01 12:47 - 00000000 ___RD () C:\Documents and Settings\test\My Documents\pics and videos need sorting 2014-05-01 12:41 - 2014-05-01 12:41 - 00000000 ___RD () C:\Documents and Settings\test\My Documents\office files 2014-05-01 12:41 - 2014-05-01 12:41 - 00000000 ____D () C:\Documents and Settings\test\My Documents\My Smilebox Creations 2014-05-01 12:41 - 2014-05-01 12:41 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Masons Folder 2014-05-01 12:29 - 2014-05-19 10:30 - 00000000 ___RD () C:\Documents and Settings\test\Desktop\Security & Tools Folder 2014-05-01 12:29 - 2014-05-15 18:49 - 00000000 ___RD () C:\Documents and Settings\test\Desktop\Photo & Video Tools 2014-05-01 12:29 - 2014-04-29 15:50 - 00001812 _____ () C:\Documents and Settings\test\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-05-01 12:29 - 2014-04-25 13:50 - 00000770 _____ () C:\Documents and Settings\test\Desktop\Video Performer.lnk 2014-05-01 12:29 - 2014-01-20 15:41 - 00000075 _____ () C:\Documents and Settings\test\Desktop\product-gear-ring.php.url 2014-05-01 12:29 - 2013-07-19 16:34 - 00000382 _____ () C:\Documents and Settings\test\Desktop\attpass.txt 2014-05-01 12:29 - 2013-07-16 14:47 - 00000396 _____ () C:\Documents and Settings\test\Desktop\Shortcut to Wireless Network Connection.lnk 2014-05-01 12:28 - 2014-05-01 12:29 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Florence 
woman of year - raw 2014-05-01 12:12 - 2014-05-19 10:20 - 00000000 ____D () C:\Documents and Settings\test\Application Data\IObit 2014-05-01 12:00 - 2014-05-14 15:33 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Adobe 2014-05-01 12:00 - 2014-05-01 12:00 - 00000803 _____ () C:\Documents and Settings\test\Start Menu\Programs\Internet Explorer.lnk 2014-05-01 12:00 - 2014-05-01 12:00 - 00000738 _____ () C:\Documents and Settings\test\Start Menu\Programs\Outlook Express.lnk 2014-05-01 12:00 - 2014-05-01 12:00 - 00000000 ____D () C:\Documents and Settings\test\Application Data\AVAST Software 2014-05-01 11:59 - 2014-05-21 15:01 - 00000178 ___SH () C:\Documents and Settings\test\ntuser.ini 2014-05-01 11:59 - 2014-05-21 15:01 - 00000000 ____D () C:\Documents and Settings\test 2014-05-01 11:59 - 2014-05-01 12:00 - 00000792 _____ () C:\Documents and Settings\test\Start Menu\Programs\Windows Media Player.lnk 2014-05-01 11:59 - 2014-05-01 12:00 - 00000000 ___RD () C:\Documents and Settings\test\Start Menu\Programs\Accessories 2014-05-01 11:59 - 2014-05-01 11:59 - 00000000 ____D () C:\IObit 2014-05-01 11:59 - 2013-10-17 12:07 - 00000000 __SHD () C:\Documents and Settings\test\IETldCache 2014-05-01 11:59 - 2013-02-12 10:29 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Sun 2014-05-01 11:59 - 2010-11-01 17:27 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Macromedia 2014-05-01 11:59 - 2010-11-01 17:19 - 00001599 _____ () C:\Documents and Settings\test\Start Menu\Programs\Remote Assistance.lnk 2014-05-01 11:38 - 2014-05-21 15:03 - 01683333 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-01 10:32 - 2014-05-01 10:32 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk 2014-05-01 10:32 - 2014-05-01 10:32 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-01 10:32 - 2014-05-01 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner 2014-04-29 16:19 - 2014-04-29 
16:19 - 00000000 ____D () C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2014-04-29 15:52 - 2014-04-29 16:23 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-04-29 15:51 - 2014-04-29 15:51 - 00000000 ____D () C:\RegBackup
2014-04-29 15:50 - 2014-04-29 15:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-04-29 15:46 - 2014-04-29 15:46 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-04-29 14:04 - 2014-04-29 15:38 - 00000000 ____D () C:\Documents and Settings\abc
2014-04-29 13:35 - 2014-04-29 13:35 - 00000000 _____ () C:\WINDOWS\system32\앀ɗ㹨Ɋlotserviceruntime.log
2014-04-29 13:27 - 2014-04-29 13:27 - 00000000 __SHD () C:\WINDOWS\CSC
2014-04-29 12:14 - 2014-04-29 13:52 - 00000000 ____D () C:\WINDOWS\pss
2014-04-28 09:17 - 2014-04-28 09:17 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-28 09:17 - 2014-04-28 09:17 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys

==================== One Month Modified Files and Folders =======

2014-05-21 15:13 - 2014-05-19 13:17 - 00000000 ____D () C:\FRST
2014-05-21 15:11 - 2010-11-01 17:24 - 00000444 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{EC2759DA-ABCC-4E4B-9CFF-0762D0C18332}.job
2014-05-21 15:08 - 2014-05-21 15:08 - 00001180 _____ () C:\Documents and Settings\test\Desktop\fixlist.txt
2014-05-21 15:03 - 2014-05-01 11:38 - 01683333 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-21 15:02 - 2014-05-16 10:31 - 00000280 _____ () C:\WINDOWS\Tasks\SmartDefrag3_Update.job
2014-05-21 15:02 - 2014-05-16 09:06 - 00032654 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-21 15:02 - 2014-05-16 09:06 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-21 15:02 - 2014-05-16 09:06 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-21 15:02 - 2014-05-15 13:47 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf706e2ef7f7f0.job
2014-05-21 15:02 - 2014-05-12 11:18 - 00000272 _____ () C:\WINDOWS\Tasks\Driver Booster
Scan.job 2014-05-21 15:02 - 2014-03-17 09:14 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2014-05-21 15:02 - 2013-11-20 10:37 - 00000266 _____ () C:\WINDOWS\Tasks\ASC7_PerformanceMonitor.job 2014-05-21 15:02 - 2013-06-13 12:02 - 00000300 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-329068152-813497703-1801674531-1003.job 2014-05-21 15:02 - 2012-07-02 15:26 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-05-21 15:02 - 2011-08-01 09:09 - 00000280 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-18.job 2014-05-21 15:02 - 2011-07-01 13:46 - 00000300 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-329068152-813497703-1801674531-1003.job 2014-05-21 15:02 - 2011-03-07 11:59 - 00000398 _____ () C:\WINDOWS\Tasks\AWC AutoSweep.job 2014-05-21 15:02 - 2010-11-01 17:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-21 15:02 - 2008-04-14 07:00 - 00001374 _____ () C:\WINDOWS\system32\wpa.dbl 2014-05-21 15:01 - 2014-05-01 11:59 - 00000178 ___SH () C:\Documents and Settings\test\ntuser.ini 2014-05-21 15:01 - 2014-05-01 11:59 - 00000000 ____D () C:\Documents and Settings\test 2014-05-21 14:53 - 2014-05-15 13:47 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf706e2f6a68d0.job 2014-05-21 14:43 - 2011-08-01 09:09 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-18.job 2014-05-21 14:25 - 2014-05-12 15:25 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job 2014-05-21 14:25 - 2012-03-30 16:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-21 14:05 - 2010-11-03 17:37 - 00000486 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job 2014-05-21 12:32 - 2014-05-08 14:02 - 00000476 _____ () C:\WINDOWS\Tasks\Driver Support-RTMUpdater.job 2014-05-21 12:00 - 2011-10-13 13:11 - 00000304 _____ () C:\WINDOWS\Tasks\SmartDefrag_Schedule.job 2014-05-21 12:00 - 2010-11-03 17:01 - 00000406 _____ () C:\WINDOWS\Tasks\SmartDefrag.job 2014-05-21 
09:15 - 2013-11-20 10:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ProductData 2014-05-20 10:49 - 2012-12-21 16:34 - 00000308 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-329068152-813497703-1801674531-1003.job 2014-05-19 16:30 - 2011-07-01 13:46 - 00000308 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-813497703-1801674531-1003.job 2014-05-19 16:00 - 2010-11-02 15:00 - 00000488 _____ () C:\hpfr5550.xml 2014-05-19 10:46 - 2014-05-19 10:43 - 00000000 ____D () C:\AdwCleaner 2014-05-19 10:42 - 2014-05-16 10:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Ad-Aware Antivirus 2014-05-19 10:42 - 2013-05-06 16:28 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-05-19 10:30 - 2014-05-01 12:29 - 00000000 ___RD () C:\Documents and Settings\test\Desktop\Security & Tools Folder 2014-05-19 10:20 - 2014-05-01 12:12 - 00000000 ____D () C:\Documents and Settings\test\Application Data\IObit 2014-05-19 10:20 - 2010-11-03 16:58 - 00000000 ____D () C:\Program Files\IObit 2014-05-19 10:18 - 2014-05-19 10:17 - 00004526 _____ () C:\INSTALLHELPER.LOG 2014-05-16 15:34 - 2014-05-16 10:26 - 00035569 _____ () C:\WINDOWS\setupapi.log 2014-05-16 11:15 - 2014-05-16 11:15 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft 2014-05-16 10:55 - 2014-05-16 10:55 - 00000181 _____ () C:\Documents and Settings\test\My Documents\Ad-Aware_Report_Quick_Manual_2014-05-16T10-46-34.203125.xml 2014-05-16 10:42 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Lavasoft 2014-05-16 10:40 - 2014-01-14 14:56 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\IObit 2014-05-16 10:36 - 2014-05-16 10:36 - 00000000 ____D () C:\Documents and Settings\test\Application Data\LavasoftStatistics 2014-05-16 10:32 - 2011-05-24 10:48 - 00606440 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\RTL8192su.sys 2014-05-16 10:32 - 
2010-11-02 13:55 - 00000000 ____D () C:\WINDOWS\system32\RTCOM 2014-05-16 10:32 - 2010-11-01 16:39 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups 2014-05-16 10:31 - 2014-01-14 14:42 - 00087256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoInstIIXP.dll 2014-05-16 10:31 - 2014-01-14 14:42 - 00026084 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2014-05-16 10:31 - 2011-01-07 17:58 - 01691480 _____ (Creative) C:\WINDOWS\system32\Drivers\Ambfilt.sys 2014-05-16 10:31 - 2011-01-07 17:58 - 01395800 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\Monfilt.sys 2014-05-16 10:31 - 2011-01-07 17:58 - 00359016 _____ (Realtek Semiconductor Crop.) C:\WINDOWS\vncutil.exe 2014-05-16 10:31 - 2011-01-07 17:58 - 00129640 _____ (Realtek Semiconductor) C:\WINDOWS\RtkAudioService.exe 2014-05-16 10:31 - 2005-09-23 19:56 - 05630168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtkHDAud.sys 2014-05-16 10:31 - 2005-09-22 14:36 - 20145368 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE 2014-05-16 10:31 - 2005-09-21 17:29 - 01523416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlUpd.exe 2014-05-16 10:31 - 2005-09-21 16:32 - 02815592 _____ (RealTek Semicoductor Corp.) C:\WINDOWS\ALCWZRD.EXE 2014-05-16 10:31 - 2005-09-21 16:23 - 09721960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RTLCPL.EXE 2014-05-16 10:31 - 2005-09-21 11:25 - 00285288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\ALSNDMGR.CPL 2014-05-16 10:31 - 2005-09-21 11:24 - 00084584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE 2014-05-16 10:31 - 2005-09-15 18:26 - 00891976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSndMgr.CPL 2014-05-16 10:31 - 2005-09-07 11:40 - 02180712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\MicCal.exe 2014-05-16 10:31 - 2005-05-03 19:43 - 00064104 _____ (Realtek Semiconductor Corp.) 
C:\WINDOWS\ALCMTR.EXE 2014-05-16 10:30 - 2014-05-16 10:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 3 2014-05-16 10:30 - 2010-11-02 13:04 - 00056352 _____ (HP) C:\WINDOWS\system32\Drivers\HPZid412.sys 2014-05-16 10:30 - 2010-11-02 13:04 - 00028000 _____ (HP) C:\WINDOWS\system32\Drivers\HPZius12.sys 2014-05-16 10:30 - 2010-11-02 13:04 - 00022928 _____ (HP) C:\WINDOWS\system32\Drivers\HPZipr12.sys 2014-05-16 10:28 - 2014-05-16 10:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Driver Booster 2014-05-16 10:26 - 2014-05-16 10:26 - 00000000 ____D () C:\Program Files\Lavasoft 2014-05-16 10:25 - 2014-05-16 10:25 - 00017507 _____ () C:\WINDOWS\KB942288-v3.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00006729 _____ () C:\WINDOWS\iis6.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00006182 _____ () C:\WINDOWS\FaxSetup.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00002956 _____ () C:\WINDOWS\ocgen.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00002821 _____ () C:\WINDOWS\tsoc.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00002095 _____ () C:\WINDOWS\comsetup.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001906 _____ () C:\WINDOWS\msmqinst.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001266 _____ () C:\WINDOWS\ntdtcsetup.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00001083 _____ () C:\WINDOWS\netfxocm.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000342 _____ () C:\WINDOWS\ocmsn.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000311 _____ () C:\WINDOWS\tabletoc.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000309 _____ () C:\WINDOWS\msgsocm.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$ 2014-05-16 10:25 - 2014-05-16 10:25 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-05-16 10:25 - 2014-05-16 10:25 - 00000000 _____ () 
C:\WINDOWS\setupact.log 2014-05-16 10:25 - 2010-11-01 11:02 - 00000000 ____D () C:\WINDOWS\system32\mui 2014-05-16 10:24 - 2010-11-03 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lavasoft 2014-05-16 10:12 - 2014-01-14 14:19 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2014-05-16 10:08 - 2014-05-16 10:07 - 00000000 ____D () C:\Avenger 2014-05-16 10:08 - 2011-04-07 14:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IObit 2014-05-16 09:06 - 2014-05-16 09:06 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log 2014-05-15 18:49 - 2014-05-01 12:29 - 00000000 ___RD () C:\Documents and Settings\test\Desktop\Photo & Video Tools 2014-05-15 18:43 - 2013-10-14 17:26 - 35348480 _____ () C:\WINDOWS\system32\config\software.iobit 2014-05-15 18:43 - 2013-10-14 17:26 - 05349376 _____ () C:\WINDOWS\system32\config\default.iobit 2014-05-15 18:43 - 2013-10-14 17:26 - 00065536 _____ () C:\WINDOWS\system32\config\SECURITY.iobit 2014-05-15 18:43 - 2013-10-14 17:26 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit 2014-05-15 18:43 - 2010-11-01 17:25 - 00000000 __SHD () C:\Documents and Settings\LocalService 2014-05-15 18:43 - 2010-11-01 17:22 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2014-05-15 13:48 - 2013-08-29 10:41 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2014-05-15 13:47 - 2014-05-01 13:03 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Google 2014-05-15 09:22 - 2014-05-15 09:22 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Sun 2014-05-15 09:17 - 2011-02-23 16:03 - 00777488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2014-05-15 09:17 - 2010-11-01 17:02 - 00411680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-05-15 09:17 - 2010-11-01 17:02 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys 
2014-05-14 16:01 - 2014-05-14 16:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java 2014-05-14 16:01 - 2014-05-14 15:57 - 00003966 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log 2014-05-14 16:01 - 2012-03-02 15:14 - 00000000 ____D () C:\Program Files\Java 2014-05-14 15:50 - 2012-07-02 15:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-14 15:40 - 2012-03-30 16:28 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-05-14 15:40 - 2011-06-28 14:31 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-05-14 15:36 - 2012-12-03 16:25 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-14 15:36 - 2010-11-01 17:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-05-14 15:33 - 2014-05-14 15:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-14 15:33 - 2014-05-01 13:01 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Adobe 2014-05-14 15:33 - 2014-05-01 12:00 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Adobe 2014-05-14 15:33 - 2010-11-01 17:27 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2014-05-14 15:01 - 2014-05-14 15:01 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Google 2014-05-14 14:59 - 2014-05-14 14:59 - 00000803 _____ () C:\Documents and Settings\test\Desktop\Internet Explorer.lnk 2014-05-14 14:59 - 2014-05-08 14:01 - 00000000 ____D () C:\Documents and Settings\test\Application Data\Mozilla 2014-05-12 17:29 - 2014-05-12 17:29 - 00000000 ____D () C:\Documents and Settings\Jerry Richardson\Application Data\IObit 2014-05-12 17:27 - 2014-05-12 17:27 - 00000000 ____D () C:\b352f5a442b9f53f13d073d5 2014-05-12 17:27 - 2014-05-01 13:43 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-05-12 17:27 - 2010-11-01 17:16 - 00000000 ____D () 
C:\WINDOWS\Registration 2014-05-12 17:26 - 2014-05-12 17:26 - 00000000 ____D () C:\Documents and Settings\test\Desktop\Florence woman of year - raw 2014-05-12 17:24 - 2014-05-12 15:29 - 00000000 ____D () C:\Program Files\Optimizer Pro(2) 2014-05-12 17:19 - 2008-04-14 07:00 - 00000823 _____ () C:\WINDOWS\win.ini 2014-05-12 17:14 - 2014-05-12 17:14 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.tmp 2014-05-12 17:14 - 2010-11-01 17:13 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-05-12 15:34 - 2013-10-18 17:45 - 00131072 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt 2014-05-12 15:18 - 2014-05-12 15:18 - 00000000 ____D () C:\Program Files\VideoLAN 2014-05-12 10:53 - 2014-05-12 10:53 - 00000000 __SHD () C:\Documents and Settings\test\IECompatCache 2014-05-12 10:46 - 2014-05-12 10:46 - 00000000 __SHD () C:\Documents and Settings\test\PrivacIE 2014-05-08 20:21 - 2011-03-07 11:59 - 00000410 _____ () C:\WINDOWS\Tasks\AWC Update.job 2014-05-08 17:28 - 2010-11-01 11:02 - 00000000 ____D () C:\WINDOWS\pchealth 2014-05-08 17:08 - 2014-05-08 17:08 - 00000000 ____D () C:\Documents and Settings\test\Application Data\RealNetworks 2014-05-08 16:33 - 2014-05-08 16:33 - 00000000 ____D () C:\Documents and Settings\test\Local Settings\Application Data\Mozilla 2014-05-08 15:00 - 2014-03-17 09:13 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2014-05-08 14:02 - 2014-05-08 14:02 - 00047136 _____ () C:\Documents and Settings\test\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-05-08 14:02 - 2014-05-08 14:02 - 00000478 _____ () C:\WINDOWS\Tasks\Driver Support-RTMScan.job 2014-05-08 14:02 - 2014-05-08 14:02 - 00000466 _____ () C:\WINDOWS\Tasks\Driver Support-RTMRules.job 2014-05-08 14:02 - 2014-05-08 14:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Driver Support 2014-05-08 14:01 - 2014-05-08 14:01 - 00000000 ____D () C:\Program Files\Driver Support 2014-05-07 08:59 - 2010-11-01 
11:08 - 00065536 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.old 2014-05-07 08:59 - 2010-11-01 11:07 - 35389440 _____ () C:\WINDOWS\system32\config\software.iodefrag.old 2014-05-07 08:58 - 2014-05-07 08:58 - 35348480 _____ () C:\WINDOWS\system32\config\software.iodefrag.bak 2014-05-07 08:58 - 2014-05-07 08:58 - 05349376 _____ () C:\WINDOWS\system32\config\default.iodefrag.bak 2014-05-07 08:58 - 2014-05-07 08:58 - 00065536 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak 2014-05-07 08:58 - 2014-05-07 08:58 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak 2014-05-06 17:35 - 2010-11-01 11:08 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.old 2014-05-06 17:35 - 2010-11-01 11:07 - 05349376 _____ () C:\WINDOWS\system32\config\default.iodefrag.old 2014-05-02 13:58 - 2014-05-02 13:58 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2014-05-02 10:14 - 2010-11-01 17:26 - 00000000 ____D () C:\Documents and Settings\Jerry Richardson 2014-05-02 09:08 - 2014-05-01 13:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Rescue Applet 2014-05-01 18:15 - 2014-05-01 13:43 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-05-01 16:55 - 2014-05-01 16:55 - 00000577 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\LMIR0001.tmp.bat 2014-05-01 16:55 - 2014-05-01 16:55 - 00000502 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\LMIR0001.tmp_r.bat 2014-05-01 16:51 - 2010-11-01 17:16 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-05-01 16:41 - 2014-05-01 16:41 - 00030976 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2014-05-01 16:40 - 2010-11-01 11:07 - 00000221 ___SH () C:\boot.ini 2014-05-01 16:39 - 2014-05-01 16:39 - 00036222 _____ () C:\WINDOWS\system32\.crusader 2014-05-01 16:38 - 2014-05-01 16:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro 2014-05-01 16:17 - 
2014-05-01 16:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Licenses 2014-05-01 16:16 - 2014-05-01 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Simply Super Software 2014-05-01 15:29 - 2008-04-14 07:00 - 00000227 _____ () C:\WINDOWS\system.ini 2014-05-01 14:53 - 2010-11-03 16:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes 2014-05-01 14:50 - 2014-05-01 14:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla 2014-05-01 14:50 - 2014-05-01 14:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla 2014-05-01 14:03 - 2014-05-01 14:02 - 00000738 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk 2014-05-01 14:02 - 2014-05-01 14:02 - 00000803 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk 2014-05-01 14:02 - 2014-05-01 13:43 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk 2014-05-01 14:02 - 2014-05-01 13:43 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories 2014-05-01 14:00 - 2014-05-01 14:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IObit 2014-05-01 13:45 - 2014-05-01 13:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google 2014-05-01 13:02 - 2014-05-01 13:02 - 00051712 ___SH () C:\Documents and Settings\test\My Documents\Thumbs.db 2014-05-01 13:02 - 2014-05-01 12:58 - 00005632 _____ () C:\Documents and Settings\test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-01 12:52 - 2014-05-01 12:52 - 00000000 ____D () C:\Documents and Settings\test\My Documents\x delete 2014-05-01 12:52 - 2014-05-01 12:52 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Updater5 2014-05-01 12:49 - 
2014-05-01 12:49 - 00000000 ____D () C:\Documents and Settings\test\My Documents\TomTom 2014-05-01 12:49 - 2014-05-01 12:47 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Scuba trips 2014-05-01 12:47 - 2014-05-01 12:41 - 00000000 ___RD () C:\Documents and Settings\test\My Documents\pics and videos need sorting 2014-05-01 12:41 - 2014-05-01 12:41 - 00000000 ___RD () C:\Documents and Settings\test\My Documents\office files 2014-05-01 12:41 - 2014-05-01 12:41 - 00000000 ____D () C:\Documents and Settings\test\My Documents\My Smilebox Creations 2014-05-01 12:41 - 2014-05-01 12:41 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Masons Folder 2014-05-01 12:29 - 2014-05-01 12:28 - 00000000 ____D () C:\Documents and Settings\test\My Documents\Florence woman of year - raw 2014-05-01 12:00 - 2014-05-01 12:00 - 00000803 _____ () C:\Documents and Settings\test\Start Menu\Programs\Internet Explorer.lnk 2014-05-01 12:00 - 2014-05-01 12:00 - 00000738 _____ () C:\Documents and Settings\test\Start Menu\Programs\Outlook Express.lnk 2014-05-01 12:00 - 2014-05-01 12:00 - 00000000 ____D () C:\Documents and Settings\test\Application Data\AVAST Software 2014-05-01 12:00 - 2014-05-01 11:59 - 00000792 _____ () C:\Documents and Settings\test\Start Menu\Programs\Windows Media Player.lnk 2014-05-01 12:00 - 2014-05-01 11:59 - 00000000 ___RD () C:\Documents and Settings\test\Start Menu\Programs\Accessories 2014-05-01 11:59 - 2014-05-01 11:59 - 00000000 ____D () C:\IObit 2014-05-01 10:32 - 2014-05-01 10:32 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk 2014-05-01 10:32 - 2014-05-01 10:32 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-01 10:32 - 2014-05-01 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner 2014-04-30 03:13 - 2008-04-14 07:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2014-04-30 03:13 - 2008-04-14 07:00 - 06022144 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mshtml.dll 2014-04-29 16:27 - 2010-11-01 11:08 - 00214472 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-29 16:23 - 2014-04-29 15:52 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE 2014-04-29 16:22 - 2010-11-01 11:11 - 00513832 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-04-29 16:19 - 2014-04-29 16:19 - 00000000 ____D () C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories 2014-04-29 16:19 - 2010-11-01 17:19 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb 2014-04-29 16:19 - 2010-11-01 17:19 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb 2014-04-29 15:51 - 2014-04-29 15:51 - 00000000 ____D () C:\RegBackup 2014-04-29 15:51 - 2010-11-01 11:02 - 00000000 ____D () C:\WINDOWS\repair 2014-04-29 15:50 - 2014-05-01 12:29 - 00001812 _____ () C:\Documents and Settings\test\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-04-29 15:50 - 2014-04-29 15:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com 2014-04-29 15:46 - 2014-04-29 15:46 - 00000000 ____D () C:\Program Files\Tweaking.com 2014-04-29 15:38 - 2014-04-29 14:04 - 00000000 ____D () C:\Documents and Settings\abc 2014-04-29 13:52 - 2014-04-29 12:14 - 00000000 ____D () C:\WINDOWS\pss 2014-04-29 13:37 - 2013-08-26 15:31 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2014-04-29 13:35 - 2014-04-29 13:35 - 00000000 _____ () C:\WINDOWS\system32\앀ɗ㹨Ɋlotserviceruntime.log 2014-04-29 13:27 - 2014-04-29 13:27 - 00000000 __SHD () C:\WINDOWS\CSC 2014-04-29 13:20 - 2013-08-26 15:43 - 00458752 _____ () C:\WINDOWS\system32\config\SpybotSD.evt 2014-04-29 13:03 - 2012-05-30 15:41 - 00001323 _____ () C:\WINDOWS\wininit.ini 2014-04-28 09:17 - 2014-04-28 09:17 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-04-28 09:17 - 2014-04-28 09:17 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-04-28 09:17 - 2013-03-01 17:22 - 00180632 _____ () 
C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-28 09:17 - 2013-03-01 17:22 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-04-28 09:17 - 2013-03-01 17:22 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-28 09:17 - 2011-02-23 16:03 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1400163468437
2014-04-28 09:17 - 2010-11-01 17:02 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-28 09:17 - 2010-11-01 17:02 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-04-28 09:17 - 2010-11-01 17:02 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys.1400163468437
2014-04-25 13:50 - 2014-05-01 12:29 - 00000770 _____ () C:\Documents and Settings\test\Desktop\Video Performer.lnk
2014-04-23 09:17 - 2010-11-01 17:25 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini

Files to move or delete:
====================
C:\Windows\Tasks\At1.job

Some content of TEMP:
====================
C:\Documents and Settings\test\Local Settings\Temp\210f4088-0b95-4280-8112-3f8dd51aea03.exe
C:\Documents and Settings\test\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\test\Local Settings\Temp\f.exe
C:\Documents and Settings\test\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\test\Local Settings\Temp\System.Data.SQLite.dll
C:\Documents and Settings\test\Local Settings\Temp\vcredist_x86.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
  14. Okee dokee...

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by test (administrator) on JERRY-BBD10ECC6 on 19-05-2014 13:17:08
Running from C:\Documents and Settings\test\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST: Download link for 32-Bit version: http://www.adobe.com)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0 - Adobe Systems, Inc.) Hidden
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.2.1 - IObit)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
Atheros Communications Inc.® L1 Gigabit Ethernet Driver (HKLM\...\{6E19F210-3813-4002-B561-94D66AA182B6}) (Version: 1.0.11.2 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2018 - Avast Software)
Belkin 54Mbps Wireless Network Adapter (HKLM\...\{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}) (Version: 3.00.07 - Belkin)
CCleaner (HKLM\...\CCleaner) (Version: 3.07 - Piriform)
Chinese Traditional Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2448-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Cisco Connect (HKLM\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Driver Booster (HKLM\...\Driver Booster_is1) (Version: 1.3 - IObit)
ExFriendAlert (HKLM\...\ExFriendAlert) (Version: 2.5.77 - ExFriendAlert)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
  15. Okay, thanks. Got all that done. I'd removed the ALOT toolbar, but the AdwCleaner found and removed more of it. The Trovi search is still in my Chrome page tho...?
booedmolknjekdopkepjjeckmjkdpfgl Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod Deleted [Extension] : pljcgbedjplidkdjahbaalanadmjfgop ************************* AdwCleaner[R0].txt - [10358 octets] - [19/05/2014 10:43:55] AdwCleaner[s0].txt - [10512 octets] - [19/05/2014 10:45:50] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10573 octets] ##########