DDon

Stop Yahoo Search Engine


I really appreciate past help with stubborn problems. This one is minor, but I am tired of having to Manage Search Engines in Firefox every time I reboot my computer.

 

I have inventoried my Add-ons, Extensions, Plug-ins, and actual Programs, removing a few - anything associated with Yahoo to be sure, other than Messenger. Still tho, Yahoo keeps hijacking my Search box. I also tried some suggested changes in about:config but that failed.

 

What am I missing...?!

 

thanks!


Ok thanks...

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by Don (administrator) on DONS2009 on 08-11-2014 21:17:39
Running from C:\Users\Don\Documents\Working
Loaded Profile: Don (Available profiles: Don)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Abine Inc.) C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(The Weather Channel Interactive, Inc.) C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1394217651\ee\aolsoftware.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\shellmon.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1394217651\ee\aolupdates.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-05] (AVAST Software)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1394217651\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [AbineAutoUpdate] => C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe [127728 2014-11-05] (Abine Inc.)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [DW6] => C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe [822456 2012-07-30] (The Weather Channel Interactive, Inc.)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE [72296 2014-08-19] (AOL Inc.)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe -update activex
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbaPuJho93q_rwYmLYBecCau0A8gUQbjoqmOnNhRG2FlxZ76a_gLLrQQBigcC9OVr12EQM35edDTzUcIFGethgqMUDp_7B_xixHFlBr_JgCQS3ggtwFP9vFZ5Y5ywSFoDyXN5geA4i2WPJCABdb3HHzIxhUT5MZge4QnR5DWJkUWabY7ezQ,&q={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {C0234695-9B49-4D17-8110-40D21CEC995B} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {C0234695-9B49-4D17-8110-40D21CEC995B} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Blur BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\4.5.1301\AbineBHO64.dll (Abine Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Blur BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\4.5.1301\AbineBHO.dll (Abine Inc.)
BHO-x32: No Name -> {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {3004627E-F8E9-4E8B-909D-316753CBA923} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://www.google.com/
FF Keyword.URL: https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Don\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\[email protected] [2014-11-08]
FF Extension: Xmarks - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\[email protected] [2014-11-03]
FF Extension: Flashblock - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-11-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-07]
FF Extension: No Name - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - [email protected] [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Yahoo Application State Plugin) - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
CHR Profile: C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-03-07]
CHR Extension: (Google Drive) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]
CHR Extension: (YouTube) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-07]
CHR Extension: (Adblock Plus) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-07]
CHR Extension: (Win7 Scrollbars) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2014-03-07]
CHR Extension: (DoNotTrackMe Privacy Dashboard) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjidbdiahninbecbcigapoocbkfncobc [2014-11-07]
CHR Extension: (Google Search) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-07]
CHR Extension: (Search by Image (by Google)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-03-07]
CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-11-07]
CHR Extension: (HTTPS Everywhere) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-06-13]
CHR Extension: (AdBlock) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07]
CHR Extension: (FlashBlock) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2014-11-03]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-03-07]
CHR Extension: (Google Wallet) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-07]
CHR Extension: (Gmail) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-05] (Avast Software)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S2 TeamViewer9; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2014-09-17] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-05] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-05] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 21:17 - 2014-11-08 21:17 - 00000000 ____D () C:\FRST
2014-11-08 12:56 - 2014-11-08 12:56 - 00003182 _____ () C:\Windows\System32\Tasks\{EBB6AEEE-8E40-4826-9E0D-411D73435CDC}
2014-11-08 11:50 - 2014-11-08 15:22 - 00000708 _____ () C:\Windows\setupact.log
2014-11-08 11:50 - 2014-11-08 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-08 11:50 - 2014-11-08 11:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 23:07 - 2014-11-08 15:23 - 00000000 ____D () C:\Program Files (x86)\DoNotTrackMe
2014-11-06 23:52 - 2014-11-06 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-06 14:56 - 2014-11-06 14:57 - 00000197 _____ () C:\Windows\system32\2014-11-06-20-56-44.067-AvastVBoxSVC.exe-328.log
2014-11-06 14:56 - 2014-11-06 14:56 - 00000247 _____ () C:\Windows\system32\2014-11-06-20-56-52.051-aswFe.exe-2348.log
2014-11-06 14:50 - 2014-11-07 21:59 - 57475072 _____ () C:\Windows\system32\config\software.iodefrag
2014-11-06 14:50 - 2014-11-07 21:59 - 00278528 _____ () C:\Windows\system32\config\default.iodefrag
2014-11-06 14:50 - 2014-11-07 21:59 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag
2014-11-06 14:50 - 2014-11-07 21:59 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag
2014-11-06 14:04 - 2014-11-06 14:04 - 00000247 _____ () C:\Windows\system32\2014-11-06-20-04-04.074-aswFe.exe-6640.log
2014-11-06 13:53 - 2014-11-06 13:53 - 00000197 _____ () C:\Windows\system32\2014-11-06-19-53-03.037-AvastVBoxSVC.exe-6760.log
2014-11-06 12:37 - 2014-11-06 13:52 - 00000247 _____ () C:\Windows\system32\2014-11-06-18-37-17.046-aswFe.exe-2132.log
2014-11-06 12:27 - 2014-11-06 12:27 - 00000197 _____ () C:\Windows\system32\2014-11-06-18-27-03.030-AvastVBoxSVC.exe-7148.log
2014-11-06 11:11 - 2014-11-06 12:27 - 00000247 _____ () C:\Windows\system32\2014-11-06-17-11-03.081-aswFe.exe-6428.log
2014-11-06 00:01 - 2014-11-06 11:11 - 00000247 _____ () C:\Windows\system32\2014-11-06-06-01-36.098-aswFe.exe-1612.log
2014-11-06 00:01 - 2014-11-06 00:01 - 00000197 _____ () C:\Windows\system32\2014-11-06-06-01-15.058-AvastVBoxSVC.exe-1232.log
2014-11-05 23:46 - 2014-11-05 23:46 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-05 23:46 - 2014-11-05 23:46 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-05 23:35 - 2014-11-05 23:35 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-05 23:35 - 2014-11-05 23:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-05 22:51 - 2014-11-05 22:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-11-05 22:45 - 2014-11-05 22:45 - 00000000 __SHD () C:\Users\Don\AppData\Local\EmieUserList
2014-11-05 22:45 - 2014-11-05 22:45 - 00000000 __SHD () C:\Users\Don\AppData\Local\EmieSiteList
2014-11-05 01:36 - 2014-11-05 01:36 - 00000000 ____D () C:\Users\Don\AppData\Local\Free_Picture_Solutions
2014-11-05 01:32 - 2014-11-05 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Picture Resizer
2014-11-05 01:32 - 2014-11-05 01:32 - 00000000 ____D () C:\Program Files (x86)\Free Picture Resizer
2014-11-03 19:30 - 2014-11-03 19:30 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-11-03 19:30 - 2014-11-03 19:30 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-11-03 19:30 - 2014-11-03 19:30 - 00000000 ____D () C:\Windows\en
2014-11-03 19:29 - 2014-11-03 19:29 - 00000020 _____ () C:\Windows\$÷­
2014-11-03 19:29 - 2014-11-03 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-03 19:29 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-03 19:28 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-03 19:28 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-03 19:27 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-03 19:27 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00001257 _____ () C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
2014-11-03 19:19 - 2014-11-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-03 17:26 - 2014-11-03 17:26 - 00003170 _____ () C:\Windows\System32\Tasks\{1964C532-CE81-4EC3-A6D6-81B0724504B0}
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-11-03 17:16 - 2014-11-05 22:51 - 00000000 ____D () C:\Users\Don\AppData\Local\Citrix
2014-11-03 17:16 - 2014-11-03 18:53 - 00000000 ____D () C:\Users\Don\Tracing
2014-11-03 17:16 - 2014-11-03 18:35 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-11-03 16:58 - 2014-11-03 16:58 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-11-03 16:57 - 2014-11-03 16:57 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-11-03 16:56 - 2014-11-03 16:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-11-03 16:56 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-11-03 16:55 - 2014-11-03 16:58 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-03 16:53 - 2014-11-03 16:53 - 00002130 _____ () C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00002100 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00002100 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00000000 ___RD () C:\Users\Don\OneDrive
2014-11-03 16:53 - 2014-11-03 16:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-11-03 16:52 - 2014-11-03 16:52 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-11-03 16:51 - 2014-11-03 16:51 - 00003150 _____ () C:\Windows\System32\Tasks\{7A8C627F-E2D7-4763-AD3E-9ABA67A1831C}
2014-11-03 16:49 - 2014-11-05 18:47 - 00000000 ____D () C:\Users\Don\AppData\Local\Windows Live
2014-11-03 14:04 - 2014-11-07 12:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-03 13:48 - 2014-11-03 18:47 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-11-03 13:46 - 2014-11-03 13:51 - 00001738 ____H () C:\IPH.PH
2014-10-18 10:28 - 2014-10-06 20:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 10:28 - 2014-10-06 20:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 10:28 - 2014-09-28 18:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:28 - 2014-09-25 16:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 10:28 - 2014-09-25 16:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 10:28 - 2014-09-25 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 10:28 - 2014-09-25 16:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 10:28 - 2014-09-25 16:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 10:28 - 2014-09-25 16:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 10:28 - 2014-09-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 10:28 - 2014-09-18 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 10:28 - 2014-09-18 19:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 10:28 - 2014-09-18 19:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 10:28 - 2014-09-18 19:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 10:28 - 2014-09-18 19:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 10:28 - 2014-09-18 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 10:28 - 2014-09-18 19:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 10:28 - 2014-09-18 19:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 10:28 - 2014-09-18 19:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 10:28 - 2014-09-18 19:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 10:28 - 2014-09-18 19:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 10:28 - 2014-09-18 19:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 10:28 - 2014-09-18 19:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 10:28 - 2014-09-18 19:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 10:28 - 2014-09-18 19:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 10:28 - 2014-09-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 10:28 - 2014-09-18 18:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 10:28 - 2014-09-18 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 10:28 - 2014-09-18 18:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 10:28 - 2014-09-18 18:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 10:28 - 2014-09-18 18:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 10:28 - 2014-09-18 18:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 10:28 - 2014-09-18 18:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 10:28 - 2014-09-18 18:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 10:28 - 2014-09-18 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 10:28 - 2014-09-18 18:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 10:28 - 2014-09-18 18:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 10:28 - 2014-09-18 18:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 10:28 - 2014-09-18 18:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 10:28 - 2014-09-18 17:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 10:28 - 2014-09-18 17:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 10:28 - 2014-09-18 17:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 10:27 - 2014-09-25 16:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 10:27 - 2014-09-18 20:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 10:27 - 2014-09-18 19:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 10:27 - 2014-09-18 19:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 10:27 - 2014-09-18 19:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 10:27 - 2014-09-18 19:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 10:27 - 2014-09-18 19:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 10:27 - 2014-09-18 19:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 10:27 - 2014-09-18 19:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 10:27 - 2014-09-18 19:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 10:27 - 2014-09-18 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 10:27 - 2014-09-18 18:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 10:27 - 2014-09-18 18:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 10:27 - 2014-09-18 18:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 10:27 - 2014-09-18 17:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 10:26 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-18 10:26 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-18 10:26 - 2014-09-17 20:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 10:26 - 2014-09-17 19:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 10:26 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 10:26 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 10:26 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-18 10:25 - 2014-09-12 19:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 10:25 - 2014-09-12 19:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 10:25 - 2014-09-04 20:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 10:25 - 2014-09-04 19:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-18 10:25 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-18 10:25 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-18 10:25 - 2014-07-16 19:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-18 10:25 - 2014-07-16 19:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-18 10:25 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-18 10:25 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 21:17 - 2014-03-08 00:20 - 00000000 ____D () C:\Users\Don\Documents\Working
2014-11-08 20:40 - 2014-03-07 12:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 20:35 - 2014-03-07 12:59 - 01623574 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 20:20 - 2014-03-07 12:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 15:28 - 2009-07-13 23:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 15:23 - 2014-03-07 19:53 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-08 15:23 - 2014-03-07 12:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-08 15:22 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 22:02 - 2014-03-07 12:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-07 21:59 - 2014-03-07 22:32 - 57475072 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-11-07 21:59 - 2014-03-07 22:32 - 00278528 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-11-07 21:59 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-11-07 21:59 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-11-07 21:59 - 2014-03-07 11:49 - 00000000 ____D () C:\Users\Don
2014-11-07 12:32 - 2014-03-07 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-06 23:53 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Skype
2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ____D () C:\ProgramData\Skype
2014-11-05 23:50 - 2014-03-07 20:04 - 00000000 ___RD () C:\Users\Don\Desktop\Computer tools - security
2014-11-05 23:35 - 2014-04-30 22:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-05 10:14 - 2014-03-07 20:09 - 00000000 ___RD () C:\Users\Don\Desktop\Photo - Vids
2014-11-05 03:02 - 2014-03-08 00:27 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-11-05 03:02 - 2014-03-08 00:23 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-05 02:19 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Dropbox
2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:19 - 2014-03-16 13:46 - 00000000 ____D () C:\Program Files (x86)\The Weather Channel FW
2014-11-03 19:16 - 2014-03-16 13:46 - 00000000 ____D () C:\Users\Don\AppData\Local\The Weather Channel
2014-11-03 18:49 - 2014-03-08 00:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-03 16:56 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-03 16:55 - 2011-04-12 01:51 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-03 13:51 - 2014-03-07 12:43 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\Users\Don\AppData\Roaming\AOL
2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-11-03 13:50 - 2014-03-07 12:43 - 00001034 _____ () C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
2014-11-03 13:50 - 2014-03-07 12:41 - 00000000 ____D () C:\Users\Don\AppData\Local\AOL
2014-11-03 13:48 - 2014-03-07 12:40 - 00000000 ____D () C:\ProgramData\AOL
2014-11-03 13:46 - 2014-03-07 12:58 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Mozilla
2014-11-03 11:54 - 2014-03-07 12:19 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-03 11:35 - 2014-03-07 12:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-03 11:35 - 2014-03-07 12:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-28 06:34 - 2010-11-20 21:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-18 13:12 - 2014-03-12 09:11 - 43929600 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-10-18 12:58 - 2014-03-07 12:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-18 12:58 - 2014-03-07 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-18 12:58 - 2014-03-07 12:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-18 12:36 - 2009-07-13 22:45 - 00295608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 12:20 - 2014-03-07 15:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 12:15 - 2014-03-07 15:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Don\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfyjdrl.dll
C:\Users\Don\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Don\AppData\Local\Temp\The_Weather_Channel_Application.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 19:35

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01
Ran by Don at 2014-11-08 21:19:05
Running from C:\Users\Don\Documents\Working
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Blur 4.5.1301 (HKLM-x32\...\DoNotTrackMe Add-on_is1) (Version: 4.5.1301 - Abine Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
Free Picture Resizer version 1.0.1.2 (HKLM-x32\...\{53076EED-5E5F-47D7-BB90-9B061B524D17}_is1) (Version: 1.0.1.2 - Free Picture Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version: - )
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-03-2014 04:31:29 Windows Update
29-03-2014 15:39:31 Windows Update
02-04-2014 08:49:08 avast! antivirus system restore point
02-04-2014 08:51:55 Windows Update
09-04-2014 02:06:44 Windows Update
09-04-2014 02:13:33 Windows Update
13-04-2014 07:20:58 Windows Update
01-05-2014 04:50:54 avast! antivirus system restore point
01-05-2014 04:50:54 Windows Update
01-05-2014 23:16:26 Windows Update
05-05-2014 11:00:47 Windows Update
05-05-2014 17:47:59 Windows Modules Installer
30-05-2014 20:15:16 Windows Update
07-06-2014 04:36:56 Windows Update
08-06-2014 09:26:15 avast! antivirus system restore point
13-06-2014 00:24:08 Windows Update
13-06-2014 00:29:58 Windows Update
13-06-2014 14:29:08 Windows Backup
05-07-2014 17:25:21 Windows Backup
05-07-2014 17:27:22 avast! antivirus system restore point
05-07-2014 17:34:32 Windows Update
12-07-2014 15:48:07 Windows Update
12-07-2014 15:48:20 Windows Backup
26-07-2014 14:25:38 Windows Update
26-07-2014 14:29:15 Windows Backup
13-08-2014 15:06:06 Windows Update
13-08-2014 15:06:57 Windows Backup
17-09-2014 10:02:08 Windows Update
17-09-2014 10:04:52 Windows Backup
17-09-2014 10:31:28 Windows Update
17-09-2014 17:31:19 Driver Booster : Standard Dual Channel PCI IDE Controller
27-09-2014 19:33:15 Windows Update
27-09-2014 19:34:28 Windows Backup
18-10-2014 16:08:26 Windows Update
18-10-2014 16:18:19 Windows Backup
18-10-2014 18:15:13 Windows Update
03-11-2014 17:37:53 Windows Update
03-11-2014 17:39:37 Windows Backup
03-11-2014 22:50:24 Windows Live Essentials
03-11-2014 22:55:39 WLSetup
04-11-2014 01:26:06 Windows Live Essentials
04-11-2014 01:27:14 Installed DirectX
04-11-2014 01:28:03 Installed DirectX
04-11-2014 01:28:36 Installed DirectX
04-11-2014 01:29:18 WLSetup
05-11-2014 07:29:26 Image Resizer for Windows
05-11-2014 07:49:51 Image Resizer for Windows
06-11-2014 04:50:12 Removed Citrix Online Launcher
06-11-2014 05:32:54 avast! antivirus system restore point
07-11-2014 14:50:51 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {073B3D58-CBBE-4D9D-BAE1-1A3392F6FE97} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {36300A2A-5D1A-4CA9-AED8-E017C40CB422} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3A742DD9-CB7B-477D-A5F7-18174D7ED9B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {3AAC9B6F-3F67-4619-8161-A38ED0304592} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {755F9B58-6ABC-4BA0-8880-B7B4270B8302} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-08-01] (IObit)
Task: {7DE1EC52-3EFC-4F9A-8316-39DC8EB28D54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated)
Task: {7E32F53A-C31F-41FB-A8EF-7330CC0A3585} - System32\Tasks\Driver Booster SkipUAC (Don) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {8A3C7916-F643-4040-880F-682CE51BAF57} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-05] (AVAST Software)
Task: {9CDFE5B5-4DE5-491E-B5F5-0BA46E8DC77F} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {A35DBECF-1C62-47AD-848A-3AB5FD9A73E6} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit)
Task: {B6E64269-EE54-4142-9F4E-236D2FFF895A} - System32\Tasks\ASC7_SkipUac_Don => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-05 23:35 - 2014-11-05 23:35 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-07 19:52 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-11-08 12:57 - 2014-11-08 12:57 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110809\algo.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-03-07 19:52 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-03-07 19:52 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-03-07 19:52 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-03-07 19:52 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\zlib.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libcef.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libglesv2.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libegl.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-03 14:04 - 2014-11-07 12:21 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-03 11:52 - 2014-10-21 22:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-03 11:52 - 2014-10-21 22:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-03 11:52 - 2014-10-21 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-03 11:52 - 2014-10-21 22:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-03 11:52 - 2014-10-21 22:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-686715638-536031369-4033485687-500 - Administrator - Disabled)
Don (S-1-5-21-686715638-536031369-4033485687-1000 - Administrator - Enabled) => C:\Users\Don
Guest (S-1-5-21-686715638-536031369-4033485687-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2014 03:22:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 03:22:17 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/07/2014 10:02:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 10:01:38 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/07/2014 00:34:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 00:34:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/06/2014 02:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2014 02:52:28 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/05/2014 11:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2014 11:40:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.


System errors:
=============
Error: (11/08/2014 08:17:51 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/08/2014 03:22:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 9 service failed to start due to the following error:
%%3

Error: (11/08/2014 03:21:54 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/08/2014 03:21:54 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/08/2014 00:21:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/08/2014 09:01:57 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/07/2014 10:03:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).

Error: (11/07/2014 10:01:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 9 service failed to start due to the following error:
%%3

Error: (11/07/2014 10:00:59 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/07/2014 10:00:59 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================
Error: (11/08/2014 03:22:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 03:22:17 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/07/2014 10:02:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 10:01:38 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/07/2014 00:34:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 00:34:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/06/2014 02:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2014 02:52:28 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/05/2014 11:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2014 11:40:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000


==================== Memory info ===========================

Processor: AMD Turion X2 Dual-Core Mobile RM-74
Percentage of memory in use: 64%
Total physical RAM: 4093.83 MB
Available physical RAM: 1459.09 MB
Total Pagefile: 8185.84 MB
Available Pagefile: 4733.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.71 GB) (Free:301.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.05 GB) (Free:4.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0E285E0C)
Partition 1: (Active) - (Size=451.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================


You're welcome :)

 

Please, save AdwCleaner by Xplode on the desktop: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Turn off all programs, including browsers.

Double-click on AdwCleaner to start the program.

 

Click on the Scan button.

Wait until the search has finished.

 

Click on the Report button.

A report will be displayed, copy its content and paste into your answer.

If the report isn't displayed, it exists as C:\AdwCleaner[R1].txt.


Okee dokee, here it is....

 

# AdwCleaner v3.019 - Report created 18/02/2014 at 17:27:23
# Updated 17/02/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (64 bits)
# Username : Don - 2009PC
# Running from : C:\Users\Don\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files (x86)\Viewpoint
Folder Found C:\ProgramData\Viewpoint

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\Viewpoint

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v20.0.1 (en-US)

[ File : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14949 octets] - [17/02/2014 12:24:46]
AdwCleaner[R1].txt - [11376 octets] - [17/02/2014 13:07:50]
AdwCleaner[R2].txt - [1968 octets] - [18/02/2014 17:27:23]
AdwCleaner[s0].txt - [3252 octets] - [17/02/2014 12:41:48]
AdwCleaner[s1].txt - [11126 octets] - [17/02/2014 13:10:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2149 octets] ##########
# AdwCleaner v4.100 - Report created 09/11/2014 at 13:10:33
# Updated 08/11/2014 by Xplode
# Database : 2014-11-07.1
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Don - DONS2009
# Running from : C:\Users\Don\Documents\Working\adwcleaner_4.100.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Viewpoint
Folder Found : C:\ProgramData\Viewpoint
Folder Found : C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Folder Found : C:\Users\Don\AppData\Local\LPT
Folder Found : C:\Users\Don\AppData\Local\Smartbar
Folder Found : C:\Users\Don\AppData\Local\Temp\Smartbar
Folder Found : C:\Users\Don\AppData\LocalLow\Smartbar

***** [ Scheduled Tasks ] *****

Task Found : Driver Booster Scan
Task Found : Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\mysearchdial.com
Key Found : HKCU\Software\SearchProtectINT
Key Found : HKCU\Software\Smartbar
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smartbarbackup
Key Found : HKCU\Software\smartbarlog
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Key Found : [x64] HKCU\Software\mysearchdial
Key Found : [x64] HKCU\Software\mysearchdial.com
Key Found : [x64] HKCU\Software\SearchProtectINT
Key Found : [x64] HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\Smartbar
Key Found : [x64] HKCU\Software\smartbarbackup
Key Found : [x64] HKCU\Software\smartbarlog
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\Viewpoint
Key Found : HKLM\SOFTWARE\Vittalia
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344





-\\ Mozilla Firefox v33.0.3 (x86 en-US)


-\\ Google Chrome v38.0.2125.111



*************************

AdwCleaner[R0].txt - [23521 octets] - [17/02/2014 12:24:46]
AdwCleaner[R1].txt - [19948 octets] - [17/02/2014 13:07:50]
AdwCleaner[R2].txt - [10279 octets] - [18/02/2014 17:27:23]
AdwCleaner[R3].txt - [1262 octets] - [18/02/2014 17:36:11]
AdwCleaner[s0].txt - [3252 octets] - [17/02/2014 12:41:48]
AdwCleaner[s1].txt - [11126 octets] - [17/02/2014 13:10:25]
AdwCleaner[s2].txt - [2332 octets] - [18/02/2014 17:30:31]
AdwCleaner[s3].txt - [1201 octets] - [18/02/2014 18:59:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [10641 octets] ##########


1. Please, turn off all programs, including browsers.
Double-click on AdwCleaner to start the program.

Click on the Scan button.
Wait until the search has finished.

Click on the Clean button.

Click on OK.
Click on OK on any message that pops up.
Restart the computer, if not done automatically.

A report will be displayed, copy its content and paste into your answer.
If the report isn't displayed, it exists as C:\AdwCleaner\AdwCleaner[s4].txt

 

 

2. Do a full scan with Ad-Aware.

 

 

3. Start FRST and let it scan the computer. Paste the content of the new FRST.txt into your answer.

 

 

4. Run an online scan with Eset (easiest with Internet Explorer): http://www.eset.com/onlinescan/
To shorten the scanning time disable your antivirus program while scanning.

Select Enable detection of potentially unwanted applications.
Click Advanced Settings.

Deselect Remove found threats.

Select:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Click Start.

When the scan is finished, click on List of found threats and then Export to text file. Copy the content of the text file and paste its content in your answer.

Question: I quit Ad-Aware after years of use when one program was found to conflict with other anti-virus programs, like Avast. I disabled Avast while I ran these, but since this Ad-Aware program installed with the special notice of possible conflict, and in secondary defense - would it be safe to keep it with Avast now?
I ran all of these. I see that one of them installed Bing as my primary search engine plus home page and new tab page (the Ad-Aware installation, I think). More of the problem I came here about. I do try to watch out for these little tricks. The Ad-Aware scan only removed one object: the AdwCleaner.
I got my home page back from Bing and got it out of my search engine preferences. Can you tell me how to remove Bing from showing up on new tabs?
Edit: OMG, now I have DuckDuckGo for a search engine...?!
Eset froze on step 4. Ran again.

 

# AdwCleaner v3.019 - Report created 17/02/2014 at 12:41:48
# Updated 17/02/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (64 bits)
# Username : Don - 2009PC
# Running from : C:\Users\Don\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Viewpoint Manager Service

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\AlawarWrapper
[!] Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
[!] Folder Deleted : C:\Program Files (x86)\Viewpoint
[!] Folder Deleted : C:\Users\Don\AppData\LocalLow\Viewpoint
[!] Folder Deleted : C:\Users\Don\AppData\LocalLow\IObitCom
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](104).com
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](539).com
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](95).com
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected](105).com
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\[email protected]
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\staged(540)
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(169)
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(104)
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(105)
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(116)
[!] Folder Deleted : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(132)
# AdwCleaner v4.101 - Report created 09/11/2014 at 19:11:18
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Don - DONS2009
# Running from : C:\Users\Don\Documents\Working\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\Users\Don\AppData\Local\LPT
Folder Deleted : C:\Users\Don\AppData\Local\Smartbar
Folder Deleted : C:\Users\Don\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Don\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\mysearchdial.com
Key Deleted : HKCU\Software\SearchProtectINT
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v33.0.3 (x86 en-US)


-\\ Google Chrome v38.0.2125.111



*************************

AdwCleaner[R0].txt - [23521 octets] - [17/02/2014 12:24:46]
AdwCleaner[R1].txt - [19948 octets] - [17/02/2014 13:07:50]
AdwCleaner[R2].txt - [10802 octets] - [18/02/2014 17:27:23]
AdwCleaner[R3].txt - [9841 octets] - [18/02/2014 17:36:11]
AdwCleaner[s0].txt - [10509 octets] - [17/02/2014 12:41:48]
AdwCleaner[s1].txt - [11126 octets] - [17/02/2014 13:10:25]
AdwCleaner[s2].txt - [2332 octets] - [18/02/2014 17:30:31]
AdwCleaner[s3].txt - [1201 octets] - [18/02/2014 18:59:18]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10751 octets] ##########

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Don (administrator) on DONS2009 on 10-11-2014 01:47:33
Running from C:\Users\Don\Documents\Working
Loaded Profile: Don (Available profiles: Don)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Abine Inc.) C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(The Weather Channel Interactive, Inc.) C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1394217651\ee\aolsoftware.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\shellmon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\aolbrowser.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1394217651\ee\aolupdates.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-05] (AVAST Software)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1394217651\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\RunOnce: [AbineAutoUpdate] => C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe [127728 2014-11-05] (Abine Inc.)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [DW6] => C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe [822456 2012-07-30] (The Weather Channel Interactive, Inc.)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE [72296 2014-08-19] (AOL Inc.)
HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1299776 2014-10-30] (Lavasoft)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe -update activex
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D110914-AA9FED7399E21497DA0F&form=CONBDF&conlogo=CT3330947&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D110914-AA9FED7399E21497DA0F&form=CONBDF&conlogo=CT3330947&q={searchTerms}
SearchScopes: HKCU - {C0234695-9B49-4D17-8110-40D21CEC995B} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Blur BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\4.5.1301\AbineBHO64.dll (Abine Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Blur BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\4.5.1301\AbineBHO.dll (Abine Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240

FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://www.google.com
FF Keyword.URL: https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-686715638-536031369-4033485687-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Don\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\[email protected] [2014-11-08]
FF Extension: Xmarks - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\[email protected] [2014-11-03]
FF Extension: Flashblock - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-11-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-07]
FF Extension: No Name - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - [email protected] [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Yahoo Application State Plugin) - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
CHR Profile: C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-03-07]
CHR Extension: (Google Drive) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]
CHR Extension: (YouTube) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-07]
CHR Extension: (Adblock Plus) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-07]
CHR Extension: (Win7 Scrollbars) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2014-03-07]
CHR Extension: (DoNotTrackMe Privacy Dashboard) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjidbdiahninbecbcigapoocbkfncobc [2014-11-07]
CHR Extension: (Google Search) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-07]
CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-11-07]
CHR Extension: (HTTPS Everywhere) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-06-13]
CHR Extension: (AdBlock) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07]
CHR Extension: (FlashBlock) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2014-11-03]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-03-07]
CHR Extension: (Google Wallet) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-07]
CHR Extension: (Gmail) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-05] (Avast Software)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-10-30] (Lavasoft Limited)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-10-30] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S2 TeamViewer9; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2014-09-17] (Advanced Micro Devices Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-05] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-05] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 01:46 - 2014-11-10 01:46 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-10 01:35 - 2014-11-10 01:35 - 00000056 _____ () C:\Windows\setupact.log
2014-11-10 01:35 - 2014-11-10 01:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-10 01:34 - 2014-11-10 01:34 - 00008806 _____ () C:\Windows\PFRO.log
2014-11-10 01:33 - 2014-11-10 01:33 - 00000000 _____ () C:\asc_rdflag
2014-11-09 19:47 - 2014-11-09 19:47 - 00000000 ____D () C:\Users\Don\AppData\Roaming\LavasoftStatistics
2014-11-09 19:46 - 2014-11-09 19:47 - 00000000 ____D () C:\Users\Don\AppData\Local\Lavasoft
2014-11-09 19:46 - 2014-11-09 19:46 - 00004648 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2014-11-09 19:46 - 2014-11-09 19:46 - 00002480 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2014-11-09 19:46 - 2014-11-09 19:46 - 00002480 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-09 19:45 - 2014-11-09 19:45 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-11-09 19:45 - 2014-10-30 16:15 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2014-11-09 19:45 - 2014-10-30 16:15 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2014-11-09 19:43 - 2014-11-10 01:37 - 00002265 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-11-09 19:43 - 2014-11-09 21:16 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Lavasoft
2014-11-09 19:43 - 2014-11-09 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-11-09 19:37 - 2014-11-09 19:37 - 00000000 ____D () C:\Program Files\Lavasoft
2014-11-09 19:25 - 2014-11-09 19:25 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-11-09 19:22 - 2014-11-09 19:43 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-11-09 01:54 - 2014-11-09 01:54 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-09 01:54 - 2014-11-09 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-09 01:53 - 2014-11-09 01:53 - 00000000 ____D () C:\Program Files\Java
2014-11-09 01:50 - 2014-11-09 01:50 - 00000000 ____D () C:\ProgramData\Sun
2014-11-09 01:48 - 2014-11-09 01:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-09 01:22 - 2014-11-09 01:23 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-11-09 01:22 - 2014-11-09 01:22 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-11-08 21:17 - 2014-11-10 01:47 - 00000000 ____D () C:\FRST
2014-11-08 12:56 - 2014-11-08 12:56 - 00003182 _____ () C:\Windows\System32\Tasks\{EBB6AEEE-8E40-4826-9E0D-411D73435CDC}
2014-11-08 11:50 - 2014-11-08 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-07 23:07 - 2014-11-10 01:37 - 00000000 ____D () C:\Program Files (x86)\DoNotTrackMe
2014-11-06 23:52 - 2014-11-06 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-06 14:56 - 2014-11-06 14:57 - 00000197 _____ () C:\Windows\system32\2014-11-06-20-56-44.067-AvastVBoxSVC.exe-328.log
2014-11-06 14:56 - 2014-11-06 14:56 - 00000247 _____ () C:\Windows\system32\2014-11-06-20-56-52.051-aswFe.exe-2348.log
2014-11-06 14:50 - 2014-11-10 01:33 - 58318848 _____ () C:\Windows\system32\config\software.iodefrag
2014-11-06 14:50 - 2014-11-10 01:33 - 00278528 _____ () C:\Windows\system32\config\default.iodefrag
2014-11-06 14:50 - 2014-11-10 01:33 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag
2014-11-06 14:50 - 2014-11-10 01:33 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag
2014-11-06 14:04 - 2014-11-06 14:04 - 00000247 _____ () C:\Windows\system32\2014-11-06-20-04-04.074-aswFe.exe-6640.log
2014-11-06 13:53 - 2014-11-06 13:53 - 00000197 _____ () C:\Windows\system32\2014-11-06-19-53-03.037-AvastVBoxSVC.exe-6760.log
2014-11-06 12:37 - 2014-11-06 13:52 - 00000247 _____ () C:\Windows\system32\2014-11-06-18-37-17.046-aswFe.exe-2132.log
2014-11-06 12:27 - 2014-11-06 12:27 - 00000197 _____ () C:\Windows\system32\2014-11-06-18-27-03.030-AvastVBoxSVC.exe-7148.log
2014-11-06 11:11 - 2014-11-06 12:27 - 00000247 _____ () C:\Windows\system32\2014-11-06-17-11-03.081-aswFe.exe-6428.log
2014-11-06 00:01 - 2014-11-06 11:11 - 00000247 _____ () C:\Windows\system32\2014-11-06-06-01-36.098-aswFe.exe-1612.log
2014-11-06 00:01 - 2014-11-06 00:01 - 00000197 _____ () C:\Windows\system32\2014-11-06-06-01-15.058-AvastVBoxSVC.exe-1232.log
2014-11-05 23:46 - 2014-11-05 23:46 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-05 23:46 - 2014-11-05 23:46 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-05 23:35 - 2014-11-05 23:35 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-05 23:35 - 2014-11-05 23:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-05 22:51 - 2014-11-05 22:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-11-05 22:45 - 2014-11-05 22:45 - 00000000 __SHD () C:\Users\Don\AppData\Local\EmieUserList
2014-11-05 22:45 - 2014-11-05 22:45 - 00000000 __SHD () C:\Users\Don\AppData\Local\EmieSiteList
2014-11-05 01:36 - 2014-11-05 01:36 - 00000000 ____D () C:\Users\Don\AppData\Local\Free_Picture_Solutions
2014-11-05 01:32 - 2014-11-05 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Picture Resizer
2014-11-05 01:32 - 2014-11-05 01:32 - 00000000 ____D () C:\Program Files (x86)\Free Picture Resizer
2014-11-03 19:30 - 2014-11-03 19:30 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-11-03 19:30 - 2014-11-03 19:30 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-11-03 19:30 - 2014-11-03 19:30 - 00000000 ____D () C:\Windows\en
2014-11-03 19:29 - 2014-11-03 19:29 - 00000020 _____ () C:\Windows\$÷­
2014-11-03 19:29 - 2014-11-03 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-03 19:29 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-03 19:29 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-03 19:29 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-03 19:28 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-03 19:28 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-03 19:27 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-03 19:27 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00001257 _____ () C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
2014-11-03 19:19 - 2014-11-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 18:46 - 2014-11-03 18:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-03 17:26 - 2014-11-03 17:26 - 00003170 _____ () C:\Windows\System32\Tasks\{1964C532-CE81-4EC3-A6D6-81B0724504B0}
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-03 17:22 - 2014-11-03 17:22 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-11-03 17:16 - 2014-11-05 22:51 - 00000000 ____D () C:\Users\Don\AppData\Local\Citrix
2014-11-03 17:16 - 2014-11-03 18:53 - 00000000 ____D () C:\Users\Don\Tracing
2014-11-03 17:16 - 2014-11-03 18:35 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-11-03 16:58 - 2014-11-03 16:58 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-11-03 16:57 - 2014-11-03 16:57 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-11-03 16:56 - 2014-11-03 16:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-11-03 16:56 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-11-03 16:55 - 2014-11-03 16:58 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-03 16:53 - 2014-11-03 16:53 - 00002130 _____ () C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00002100 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00002100 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-11-03 16:53 - 2014-11-03 16:53 - 00000000 ___RD () C:\Users\Don\OneDrive
2014-11-03 16:53 - 2014-11-03 16:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-11-03 16:52 - 2014-11-03 16:52 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-11-03 16:51 - 2014-11-03 16:51 - 00003150 _____ () C:\Windows\System32\Tasks\{7A8C627F-E2D7-4763-AD3E-9ABA67A1831C}
2014-11-03 16:49 - 2014-11-05 18:47 - 00000000 ____D () C:\Users\Don\AppData\Local\Windows Live
2014-11-03 14:04 - 2014-11-07 12:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-03 13:48 - 2014-11-03 18:47 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7a
2014-11-03 13:46 - 2014-11-03 13:51 - 00001738 ____H () C:\IPH.PH
2014-10-18 10:28 - 2014-10-06 20:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 10:28 - 2014-10-06 20:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 10:28 - 2014-09-28 18:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:28 - 2014-09-25 16:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 10:28 - 2014-09-25 16:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 10:28 - 2014-09-25 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 10:28 - 2014-09-25 16:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 10:28 - 2014-09-25 16:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 10:28 - 2014-09-25 16:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 10:28 - 2014-09-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 10:28 - 2014-09-18 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 10:28 - 2014-09-18 19:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 10:28 - 2014-09-18 19:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 10:28 - 2014-09-18 19:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 10:28 - 2014-09-18 19:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 10:28 - 2014-09-18 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 10:28 - 2014-09-18 19:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 10:28 - 2014-09-18 19:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 10:28 - 2014-09-18 19:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 10:28 - 2014-09-18 19:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 10:28 - 2014-09-18 19:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 10:28 - 2014-09-18 19:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 10:28 - 2014-09-18 19:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 10:28 - 2014-09-18 19:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 10:28 - 2014-09-18 19:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 10:28 - 2014-09-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 10:28 - 2014-09-18 18:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 10:28 - 2014-09-18 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 10:28 - 2014-09-18 18:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 10:28 - 2014-09-18 18:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 10:28 - 2014-09-18 18:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 10:28 - 2014-09-18 18:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 10:28 - 2014-09-18 18:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 10:28 - 2014-09-18 18:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 10:28 - 2014-09-18 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 10:28 - 2014-09-18 18:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 10:28 - 2014-09-18 18:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 10:28 - 2014-09-18 18:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 10:28 - 2014-09-18 18:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 10:28 - 2014-09-18 17:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 10:28 - 2014-09-18 17:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 10:28 - 2014-09-18 17:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:28 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 10:27 - 2014-09-25 16:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 10:27 - 2014-09-18 20:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 10:27 - 2014-09-18 19:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 10:27 - 2014-09-18 19:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 10:27 - 2014-09-18 19:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 10:27 - 2014-09-18 19:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 10:27 - 2014-09-18 19:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 10:27 - 2014-09-18 19:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 10:27 - 2014-09-18 19:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 10:27 - 2014-09-18 19:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 10:27 - 2014-09-18 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 10:27 - 2014-09-18 18:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 10:27 - 2014-09-18 18:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 10:27 - 2014-09-18 18:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 10:27 - 2014-09-18 17:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 10:26 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-18 10:26 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-18 10:26 - 2014-09-17 20:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 10:26 - 2014-09-17 19:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 10:26 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 10:26 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 10:26 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-18 10:25 - 2014-09-12 19:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 10:25 - 2014-09-12 19:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 10:25 - 2014-09-04 20:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 10:25 - 2014-09-04 19:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-18 10:25 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-18 10:25 - 2014-07-16 20:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-18 10:25 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-18 10:25 - 2014-07-16 19:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-18 10:25 - 2014-07-16 19:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-18 10:25 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-18 10:25 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 01:47 - 2014-03-08 00:20 - 00000000 ____D () C:\Users\Don\Documents\Working
2014-11-10 01:43 - 2014-03-07 12:59 - 01682228 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 01:43 - 2009-07-13 23:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-10 01:40 - 2014-03-07 12:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 01:38 - 2014-03-07 12:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-10 01:36 - 2014-03-07 12:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 01:35 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 01:33 - 2014-03-07 22:32 - 58318848 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 22:32 - 00278528 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 22:32 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-11-10 01:33 - 2014-03-07 11:49 - 00000000 ____D () C:\Users\Don
2014-11-10 01:20 - 2014-03-07 12:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 19:16 - 2014-03-07 19:53 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-09 19:11 - 2014-02-17 12:24 - 00000000 ____D () C:\AdwCleaner
2014-11-09 13:21 - 2014-03-07 12:17 - 00064024 _____ () C:\Users\Don\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-09 01:46 - 2014-03-07 20:04 - 00000000 ___RD () C:\Users\Don\Desktop\Computer tools - security
2014-11-09 01:43 - 2009-07-13 22:45 - 00295608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-09 01:23 - 2014-03-11 00:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-11-09 01:17 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-07 12:32 - 2014-03-07 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-06 23:53 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Skype
2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-06 23:52 - 2014-03-07 19:56 - 00000000 ____D () C:\ProgramData\Skype
2014-11-05 23:35 - 2014-04-30 22:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-05 23:35 - 2014-03-07 12:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-05 10:14 - 2014-03-07 20:09 - 00000000 ___RD () C:\Users\Don\Desktop\Photo - Vids
2014-11-05 03:02 - 2014-03-08 00:27 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-11-05 03:02 - 2014-03-08 00:23 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-05 02:19 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Dropbox
2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 02:53 - 2009-07-13 22:45 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:19 - 2014-03-16 13:46 - 00000000 ____D () C:\Program Files (x86)\The Weather Channel FW
2014-11-03 19:16 - 2014-03-16 13:46 - 00000000 ____D () C:\Users\Don\AppData\Local\The Weather Channel
2014-11-03 18:49 - 2014-03-08 00:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-03 16:55 - 2011-04-12 01:51 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-03 13:51 - 2014-03-07 12:43 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\AOL Desktop 9.7.lnk
2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\Users\Don\AppData\Roaming\AOL
2014-11-03 13:51 - 2014-03-07 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
2014-11-03 13:50 - 2014-03-07 12:43 - 00001034 _____ () C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
2014-11-03 13:50 - 2014-03-07 12:41 - 00000000 ____D () C:\Users\Don\AppData\Local\AOL
2014-11-03 13:48 - 2014-03-07 12:40 - 00000000 ____D () C:\ProgramData\AOL
2014-11-03 13:46 - 2014-03-07 12:58 - 00000000 ____D () C:\Users\Don\AppData\Roaming\Mozilla
2014-11-03 11:54 - 2014-03-07 12:19 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-03 11:35 - 2014-03-07 12:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-03 11:35 - 2014-03-07 12:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-28 06:34 - 2010-11-20 21:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-18 13:12 - 2014-03-12 09:11 - 43929600 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-10-18 12:58 - 2014-03-07 12:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-18 12:58 - 2014-03-07 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-18 12:58 - 2014-03-07 12:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-18 12:20 - 2014-03-07 15:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 12:15 - 2014-03-07 15:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Don\AppData\Local\Temp\6c037c40-8a06-4bb4-aac9-f23dfd142c03.exe
C:\Users\Don\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfyjdrl.dll
C:\Users\Don\AppData\Local\Temp\Quarantine.exe
C:\Users\Don\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Don\AppData\Local\Temp\SpOrder.dll
C:\Users\Don\AppData\Local\Temp\The_Weather_Channel_Application.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 19:35

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Don at 2014-11-10 01:49:04
Running from C:\Users\Don\Documents\Working
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Web Companion (x32 Version: 1.0.757.1446 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Blur 4.5.1301 (HKLM-x32\...\DoNotTrackMe Add-on_is1) (Version: 4.5.1301 - Abine Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Free Picture Resizer version 1.0.1.2 (HKLM-x32\...\{53076EED-5E5F-47D7-BB90-9B061B524D17}_is1) (Version: 1.0.1.2 - Free Picture Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version: - )
Web Companion (HKLM-x32\...\{DE20CE03-D4C1-4C3F-ACEB-86F731E1A358}_WebCompanion) (Version: 1.0.757.1446 - Lavasoft)
WinDirStat 1.1.2 (HKU\S-1-5-21-686715638-536031369-4033485687-1000\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-686715638-536031369-4033485687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-03-2014 04:31:29 Windows Update
29-03-2014 15:39:31 Windows Update
02-04-2014 08:49:08 avast! antivirus system restore point
02-04-2014 08:51:55 Windows Update
09-04-2014 02:06:44 Windows Update
09-04-2014 02:13:33 Windows Update
13-04-2014 07:20:58 Windows Update
01-05-2014 04:50:54 avast! antivirus system restore point
01-05-2014 04:50:54 Windows Update
01-05-2014 23:16:26 Windows Update
05-05-2014 11:00:47 Windows Update
05-05-2014 17:47:59 Windows Modules Installer
30-05-2014 20:15:16 Windows Update
07-06-2014 04:36:56 Windows Update
08-06-2014 09:26:15 avast! antivirus system restore point
13-06-2014 00:24:08 Windows Update
13-06-2014 00:29:58 Windows Update
13-06-2014 14:29:08 Windows Backup
05-07-2014 17:25:21 Windows Backup
05-07-2014 17:27:22 avast! antivirus system restore point
05-07-2014 17:34:32 Windows Update
12-07-2014 15:48:07 Windows Update
12-07-2014 15:48:20 Windows Backup
26-07-2014 14:25:38 Windows Update
26-07-2014 14:29:15 Windows Backup
13-08-2014 15:06:06 Windows Update
13-08-2014 15:06:57 Windows Backup
17-09-2014 10:02:08 Windows Update
17-09-2014 10:04:52 Windows Backup
17-09-2014 10:31:28 Windows Update
17-09-2014 17:31:19 Driver Booster : Standard Dual Channel PCI IDE Controller
27-09-2014 19:33:15 Windows Update
27-09-2014 19:34:28 Windows Backup
18-10-2014 16:08:26 Windows Update
18-10-2014 16:18:19 Windows Backup
18-10-2014 18:15:13 Windows Update
03-11-2014 17:37:53 Windows Update
03-11-2014 17:39:37 Windows Backup
03-11-2014 22:50:24 Windows Live Essentials
03-11-2014 22:55:39 WLSetup
04-11-2014 01:26:06 Windows Live Essentials
04-11-2014 01:27:14 Installed DirectX
04-11-2014 01:28:03 Installed DirectX
04-11-2014 01:28:36 Installed DirectX
04-11-2014 01:29:18 WLSetup
05-11-2014 07:29:26 Image Resizer for Windows
05-11-2014 07:49:51 Image Resizer for Windows
06-11-2014 04:50:12 Removed Citrix Online Launcher
06-11-2014 05:32:54 avast! antivirus system restore point
07-11-2014 14:50:51 Windows Update
09-11-2014 07:18:14 Installed OpenOffice 4.1.1
09-11-2014 07:52:26 Removed Java 8 Update 25 (64-bit)
10-11-2014 01:00:46 Windows Backup
10-11-2014 01:22:52 AA11
10-11-2014 01:44:05 LavasoftWeCompanion

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {073B3D58-CBBE-4D9D-BAE1-1A3392F6FE97} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {36300A2A-5D1A-4CA9-AED8-E017C40CB422} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3A742DD9-CB7B-477D-A5F7-18174D7ED9B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {3AAC9B6F-3F67-4619-8161-A38ED0304592} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {7DE1EC52-3EFC-4F9A-8316-39DC8EB28D54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated)
Task: {7E32F53A-C31F-41FB-A8EF-7330CC0A3585} - System32\Tasks\Driver Booster SkipUAC (Don) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {8A3C7916-F643-4040-880F-682CE51BAF57} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-05] (AVAST Software)
Task: {9CDFE5B5-4DE5-491E-B5F5-0BA46E8DC77F} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {B6E64269-EE54-4142-9F4E-236D2FFF895A} - System32\Tasks\ASC7_SkipUac_Don => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-15 14:03 - 2014-10-15 14:03 - 02753360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareShellExtension.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:37 - 2014-10-15 13:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 14:04 - 2014-10-15 14:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-11-10 01:46 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-03-07 19:52 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-11-09 18:38 - 2014-11-09 18:38 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110901\algo.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-03-07 19:52 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-03-07 19:52 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-03-07 19:52 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-03-07 19:52 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00047936 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00163688 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00236872 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Filtering.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2014-10-30 16:14 - 2014-10-30 16:14 - 00039768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2014-11-05 23:35 - 2014-11-05 23:35 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\zlib.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libcef.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libglesv2.dll
2014-08-19 12:34 - 2014-08-19 12:34 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libegl.dll
2014-11-03 14:04 - 2014-11-07 12:21 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-686715638-536031369-4033485687-500 - Administrator - Disabled)
Don (S-1-5-21-686715638-536031369-4033485687-1000 - Administrator - Enabled) => C:\Users\Don
Guest (S-1-5-21-686715638-536031369-4033485687-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2014 01:46:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2014 01:43:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/10/2014 01:36:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 01:35:45 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/09/2014 07:15:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 07:15:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1896) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Don\AppData\Local\Microsoft\Windows\WebCache\V0100034.log.

Error: (11/09/2014 07:15:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/09/2014 07:07:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ASC.exe version 7.4.0.474 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15c4

Start Time: 01cffc6da00a58ad

Termination Time: 3806

Application Path: C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

Report Id: f0147122-6875-11e4-8797-00038a000015


System errors:
=============
Error: (11/10/2014 01:36:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 9 service failed to start due to the following error:
%%3

Error: (11/10/2014 01:36:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IE Search Set service to connect.

Error: (11/10/2014 01:34:54 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/10/2014 01:34:54 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/10/2014 01:34:18 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (11/09/2014 07:15:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 9 service failed to start due to the following error:
%%3

Error: (11/09/2014 07:14:30 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (11/09/2014 07:14:30 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/09/2014 07:11:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/09/2014 07:11:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (11/10/2014 01:46:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe

Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe

Error: (11/10/2014 01:46:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe

Error: (11/10/2014 01:43:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Documents\Working\esetsmartinstaller_enu.exe

Error: (11/10/2014 01:36:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 01:35:45 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/09/2014 07:15:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 07:15:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1896WebCacheLocal: C:\Users\Don\AppData\Local\Microsoft\Windows\WebCache\V0100034.log-1811

Error: (11/09/2014 07:15:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/09/2014 07:07:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ASC.exe7.4.0.47415c401cffc6da00a58ad3806C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exef0147122-6875-11e4-8797-00038a000015


==================== Memory info ===========================

Processor: AMD Turion X2 Dual-Core Mobile RM-74
Percentage of memory in use: 50%
Total physical RAM: 4093.83 MB
Available physical RAM: 2044.61 MB
Total Pagefile: 8185.84 MB
Available Pagefile: 5792.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.71 GB) (Free:282.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.05 GB) (Free:3.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0E285E0C)
Partition 1: (Active) - (Size=451.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF27.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF4.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF5.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF6.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF7.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF8.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\vbg40k0h.default\Extensions\{07C9260C-091F-057F-D5BC-0CB91299BEAE}\components\SystemKHlpFF9.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftLSPInstaller.exe Win32/AdWare.Loadshop.I application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftLSPInstaller64.exe Win64/Adware.Loadshop.F application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.dll Win32/AdWare.Loadshop.C application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe Win32/AdWare.Loadshop.D application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService64.dll Win64/Adware.Loadshop.C application
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpServiceCert.dll Win32/AdWare.Loadshop.F application
C:\Windows\Installer\aece7.msi multiple threats
C:\Windows\System32\LavasoftTcpService.dll Win32/AdWare.Loadshop.C application
C:\Windows\SysWOW64\LavasoftTcpService.dll Win32/AdWare.Loadshop.C application
Operating memory Win32/AdWare.Loadshop.C application

 

 


1. Usually there are no conflicts between other antivirus programs and Ad-Aware, when it's installed as a secondary defence.

 

2. Together with Ad-Aware, Web Companion from Lavasoft was installed. It's possible that it configured Bing as primary search engine. You can read about it here:

http://webcompanion.com/

http://www.thewindowsclub.com/lavasoft-web-companion-review

As you can see, it's possible to configure the primary search engine in it. If you don't want to have Web Companion, you can uninstall it from Control Panel.

 

3. The Yahoo search page/engine seems to have to do with Avast, since the link is:

us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p=

It will be removed with the script below, but I don't know if Avast will restore it.

 

4. Please, start Notepad program.

Copy all text that is in the box:

HKLM\...\Run: [] => [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.searc...simp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.searc...simp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.searc...simp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {C0234695-9B49-4D17-8110-40D21CEC995B} URL = https://search.yahoo...&type=198484&p={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo...&type=198484&p=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: No Name - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - [email protected] [Not Found]

and paste in Notepad. Check that no files have been split on two lines.

Save the file as fixlist.txt on the desktop.

 

It's necessary to have fixlist.txt and the FRST program in the same folder. Either you have to store fixlist.txt in C:\Users\Don\Documents\Working or you have to copy the FRST program file to the desktop, where fixlist.txt is.

 

Start FRST program, please.

Click the Fix button.

Wait until the tool has finished.

 

It creates a log file, called Fixlog.txt, in the same folder as fixlist.txt.

Please, paste the content of that file in your answer.


Web Companion says it is not compatible with Google Chrome and Ad-Aware gives warnings about Avast. I am about to get busy on cotton harvest again, so for now - I removed them.

 

I saved that notepad with text to the same folder, ran Frst64 & fix, rebooted, and I still get Yahoo in search and Bing on new tabs. I repeated the steps.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by Don at 2014-11-10 20:07:02 Run:2
Running from C:\Users\Don\Documents\Working
Loaded Profile: Don (Available profiles: Don)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [] => [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.searc...simp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.searc...simp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.searc...simp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {C0234695-9B49-4D17-8110-40D21CEC995B} URL = https://search.yahoo...&type=198484&p={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo...&type=198484&p=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: No Name - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - [email protected] [Not Found]
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => Key not found.
"HKCR\Wow6432Node\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0234695-9B49-4D17-8110-40D21CEC995B}" => Key not found.
"HKCR\CLSID\{C0234695-9B49-4D17-8110-40D21CEC995B}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value not found.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml => Moved successfully.
C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\656owfsi.default-1402220302240\extensions\[email protected] not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
FF Extension: No Name - [email protected] [Not Found] not found.

==== End of Fixlog ====

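The result lines of a Fixlog like the one posted above can be tallied to see which fixlist entries the tool acted on and which it reported as already absent. This is an added example, not part of the original posts and not part of FRST: the function names are hypothetical, the outcome phrases are only the ones visible in the log above, and the sample is a shortened excerpt of that log.

```python
import re
from collections import Counter

# Outcome phrases as they appear in the Fixlog quoted in this thread
# (assumption: other FRST versions may word them differently).
CHANGED = re.compile(r"\b(restored|deleted|moved) successfully\.?$", re.I)
ABSENT = re.compile(r"\bnot found\.?$", re.I)

# Shortened excerpt of the Fixlog posted above (Run:2).
SAMPLE_FIXLOG = r"""
Content of fixlist:
*****************
HKLM\...\Run: [] => [X]
FF DefaultSearchEngine: Yahoo!
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
Firefox Keyword.URL deleted successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml => Moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.

==== End of Fixlog ====
"""


def parse_fixlog(text):
    """Return (status, target) for every result line of a Fixlog.

    The log first echoes the fixlist between two rows of asterisks; the
    results follow the second row and stop at the '====' end marker.
    """
    lines = [ln.strip() for ln in text.splitlines()]
    seps = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(seps) < 2:
        raise ValueError("fixlist echo delimiters not found")
    results = []
    for ln in lines[seps[1] + 1:]:
        if ln.startswith("===="):
            break
        if not ln:
            continue
        if CHANGED.search(ln):
            status = "changed"
        elif ABSENT.search(ln):
            status = "absent"
        else:
            status = "other"
        if " => " in ln:
            # Registry and file results: "<target> => <outcome>"
            target = ln.rsplit(" => ", 1)[0]
        else:
            # Firefox and "not found." results carry no "=>" separator
            target = CHANGED.sub("", ABSENT.sub("", ln))
        results.append((status, target.strip().strip('"')))
    return results


def summarize(results):
    """Count results per status and list the targets the tool acted on."""
    counts = Counter(status for status, _ in results)
    acted_on = [target for status, target in results if status == "changed"]
    return dict(counts), acted_on


if __name__ == "__main__":
    counts, acted_on = summarize(parse_fixlog(SAMPLE_FIXLOG))
    print(counts)
    print("\n".join(acted_on))
```
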

Ok, Bing stopped showing up on my new tabs, and this problem seems to be with Avast. I will pursue it with them.

 

thanks again...!!


You're welcome :)

Time to remove the tools.

1. Please, turn off all programs, including browsers.
Double-click on AdwCleaner to start the program.

Click on the Uninstall button.

2. Please, download OTC http://oldtimer.geekstogo.com/OTC.exe
Close all programs.
Start OTC program.
Click the CleanUp! button and FRST will be uninstalled.

Please, restart the computer.

3. It is very important to keep Windows and all programs updated. An old version of, for example, Flash contains vulnerabilities that make it easy to infect the computer from a web page. To help you with keeping everything updated you can use the program Secunia Personal Software Inspector (PSI). http://www.bleepingcomputer.com/tutorials/detect-vulnerable-programs-with-secunia-psi/ describes how to install and use the program.


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

 

If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue.

 

Everyone else please begin a New Topic.

 

Thank you !
