This topic is lockedThanks! Work AND school? Good for you!
WE'RE SURE THAT YOU'LL LOVE US!
We invite you to ask questions, share experiences, and learn. It's 100% free. Did we mention that it's free. It is. It's free. Join 91600 other members! Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Browser Hangs Too Much! [Solved]
Started by
Bperkins7468
, Apr 06 2014 10:37 PM
Browser slow Computer slow Hanging browser
74 replies to this topic
Register to Remove
#17
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 14 April 2014 - 08:17 PM
Thanks for your understanding....
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the Desktop as fixlist.txt
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...7-025031DC0501}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
BHO: ValueApps - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - No File
BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP6B97143B-82C1-4CBF-938B-534D73AE67ED&SSPV=
FF NewTab: hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP6B97143B-82C1-4CBF-938B-534D73AE67ED
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Byron\AppData\Local\funmoods.crx [2013-08-30]
C:\Users\Byron\AppData\Local\funmoods.crx
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Byron\AppData\Local\funmoods-speeddial_sf.crx [2013-08-30]
C:\Users\Byron\AppData\Local\funmoods-speeddial_sf.crx
C:\Users\Byron\AppData\Local\SearchProtect
C:\Users\Byron\AppData\Local\Conduit
C:\Users\Byron\AppData\Local\SearchProtect
C:\ProgramData\SpeedyPC Software
DeleteJunctionsIndirectory: C:\Windows\system64
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply.
----------
- Bperkins7468 likes this
#18
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 15 April 2014 - 03:26 AM
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Byron at 2014-04-15 02:21:24 Run:1
Running from C:\Users\Byron\Desktop\New folder
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...7-025031DC0501}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
BHO: ValueApps - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - No File
BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP6B97143B-82C1-4CBF-938B-534D73AE67ED&SSPV=
FF NewTab: hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP6B97143B-82C1-4CBF-938B-534D73AE67ED
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Byron\AppData\Local\funmoods.crx [2013-08-30]
C:\Users\Byron\AppData\Local\funmoods.crx
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Byron\AppData\Local\funmoods-speeddial_sf.crx [2013-08-30]
C:\Users\Byron\AppData\Local\funmoods-speeddial_sf.crx
C:\Users\Byron\AppData\Local\SearchProtect
C:\Users\Byron\AppData\Local\Conduit
C:\Users\Byron\AppData\Local\SearchProtect
C:\ProgramData\SpeedyPC Software
DeleteJunctionsIndirectory: C:\Windows\system64
*****************
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346} => Key deleted successfully.
HKCR\CLSID\{93DBF2BB-A2B3-4683-A92E-57E60751F346} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} => Key deleted successfully.
HKCR\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Value deleted successfully.
HKCR\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox newtab deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh => Key deleted successfully.
"C:\Users\Byron\AppData\Local\funmoods.crx" => File/Directory not found.
"C:\Users\Byron\AppData\Local\funmoods.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj => Key deleted successfully.
"C:\Users\Byron\AppData\Local\funmoods-speeddial_sf.crx" => File/Directory not found.
"C:\Users\Byron\AppData\Local\funmoods-speeddial_sf.crx" => File/Directory not found.
C:\Users\Byron\AppData\Local\SearchProtect => Moved successfully.
C:\Users\Byron\AppData\Local\Conduit => Moved successfully.
"C:\Users\Byron\AppData\Local\SearchProtect" => File/Directory not found.
C:\ProgramData\SpeedyPC Software => Moved successfully.
"C:\Windows\system64" => Deleting reparse point and unlocking started.
"C:\Windows\system64" => Deleting reparse point and unlocking done.
"C:\Windows\system64" => Deleting reparse point and unlocking completed.
The system needed a reboot.
==== End of Fixlog ====
#19
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 15 April 2014 - 05:24 AM
Good job!
Run a new scan with FRST and post the new log made so we can see what other work we need to do. 
- Bperkins7468 likes this
#20
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 15 April 2014 - 01:24 PM
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Byron (administrator) on BYRON-PC on 15-04-2014 12:24:43
Running from C:\Users\Byron\Desktop\New folder
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
() C:\Users\Byron\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(BitTorrent Inc.) C:\Users\Byron\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\system32\SndVol.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\java.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Byron\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-07] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3700817450-263443993-1340972289-1000\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Byron\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-3700817450-263443993-1340972289-1000\...\Run: [Amazon Cloud Player] => C:\Users\Byron\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-3700817450-263443993-1340972289-1000\...\Policies\Explorer: [NoInstrumentation] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA3B23407861ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1024417699&ir=
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 - DefaultScope {D3245D6C-6383-4823-9EF2-FA463514A51C} URL =
SearchScopes: HKCU - {9E94E40B-C742-41CB-BAC0-BD5D590DCCA5} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {B4D84896-6918-41DD-B848-1268BE62AF29} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll (AVG Secure Search)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default
FF user.js: detected! => C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Byron\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @starfield.com/off - C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin HKCU: @starfield.com/off64 - C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin HKCU: @starfield.com/wbe - C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin HKCU: @starfield.com/wbe64 - C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Byron\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Byron\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Byron\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Byron\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Byron\AppData\Roaming\mozilla\plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Byron\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Byron\AppData\Roaming\mozilla\plugins\npwbe64.dll (Starfield Technology, LLC)
FF SearchPlugin: C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\searchplugins\conduit-search.xml
FF Extension: WBE Paste - C:\Users\Byron\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2011-06-14]
FF Extension: Workspace Email Zoom - C:\Users\Byron\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield [2011-06-14]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.0.0.248
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.0.0.248 [2014-03-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-15]
Chrome:
=======
CHR Extension: (avast! Online Security) - C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-31]
CHR Extension: (Google Wallet) - C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKCU\...\Chrome\Extension: [medkndcadfefmiifpnlapbeoajnjiahj] - C:\Users\Byron\AppData\Local\CRE\medkndcadfefmiifpnlapbeoajnjiahj.crx [2013-12-12]
CHR HKLM-x32\...\Chrome\Extension: [apgjagobplilmcdfelodhgefiidomnfl] - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx [2013-12-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-07]
CHR HKLM-x32\...\Chrome\Extension: [medkndcadfefmiifpnlapbeoajnjiahj] - C:\Users\Byron\AppData\Local\CRE\medkndcadfefmiifpnlapbeoajnjiahj.crx [2013-12-12]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Byron\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2013-12-12]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [2013-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-07] (AVAST Software)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [1187040 2013-07-22] (Starfield Technologies)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-13] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-13] (Secunia)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-12] (TuneUp Software)
S4 vToolbarUpdater18.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [1759768 2014-03-03] (AVG Secure Search)
S4 avgfws; No ImagePath
S4 AVGIDSAgent; No ImagePath
S4 avgwd; No ImagePath
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-07] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-07] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
S4 AVGIDSDriver; No ImagePath
S4 AVGIDSHA; No ImagePath
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
S4 Avgrkx64; No ImagePath
S4 Avgtdia; No ImagePath
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-03-03] (AVG Technologies)
S3 catchme; No ImagePath
S3 DIRECTIO; No ImagePath
S2 eamonm; No ImagePath
S1 ehdrv; No ImagePath
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 massfilter; No ImagePath
S3 PCTINDIS5X64; No ImagePath
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-04-26] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R3 tmobile_mf691_dc_enum; C:\Windows\System32\DRIVERS\tmobile_mf691_dc_enum.sys [75776 2010-04-09] (T-Mobile)
S3 TuneUpUtilitiesDrv; No ImagePath
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
S3 ZTEusbgps; C:\Windows\System32\DRIVERS\ZTEusbgps.sys [123520 2010-12-08] (ZTE Incorporated)
S3 ZTEusbMB; No ImagePath
S3 ZTEusbmdm6k; No ImagePath
S3 ZTEusbnmea; No ImagePath
S3 ZTEusbser6k; No ImagePath
S3 ZTEusbwwan; C:\Windows\System32\DRIVERS\ZTEusbwwan.sys [235008 2011-04-09] (ZTE Incorporated)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-15 08:52 - 2014-04-15 08:52 - 00001404 _____ () C:\Users\Byron\Downloads\agent (13).jnlp
2014-04-15 08:52 - 2014-04-15 08:52 - 00001404 _____ () C:\Users\Byron\Downloads\agent (12).jnlp
2014-04-15 08:33 - 2014-04-15 08:33 - 00000165 ____H () C:\Users\Byron\Desktop\~$Pipeline Report (2).xlsx
2014-04-15 08:24 - 2014-04-15 08:24 - 00001404 _____ () C:\Users\Byron\Downloads\agent (11).jnlp
2014-04-15 08:22 - 2014-04-15 08:22 - 00001404 _____ () C:\Users\Byron\Downloads\agent (10).jnlp
2014-04-15 02:19 - 2014-04-15 12:24 - 00000000 ____D () C:\Users\Byron\Desktop\New folder
2014-04-15 02:16 - 2014-04-15 02:16 - 00000000 ____D () C:\Users\Byron\Downloads\FRST-OlderVersion
2014-04-14 13:09 - 2014-04-14 13:09 - 00001404 _____ () C:\Users\Byron\Downloads\agent (9).jnlp
2014-04-14 08:26 - 2014-04-14 08:26 - 00001404 _____ () C:\Users\Byron\Downloads\agent (8).jnlp
2014-04-14 08:24 - 2014-04-14 08:24 - 00001404 _____ () C:\Users\Byron\Downloads\agent (7).jnlp
2014-04-14 08:23 - 2014-04-14 08:23 - 00001404 _____ () C:\Users\Byron\Downloads\agent (6).jnlp
2014-04-13 22:01 - 2014-04-13 22:01 - 00011491 _____ () C:\Users\Byron\Downloads\[kickass.to]mad.men.s07e01.hdtv.x264.killers.eztv.torrent
2014-04-13 22:00 - 2014-04-13 22:00 - 00010967 _____ () C:\Users\Byron\Downloads\[kickass.to]revenge.s03e19.hdtv.x264.lol.eztv.torrent
2014-04-13 18:13 - 2014-04-13 18:14 - 09247682 _____ () C:\Users\Byron\Downloads\1-10_USEN-2.key
2014-04-13 17:11 - 2014-04-13 17:11 - 01436160 _____ () C:\Users\Byron\Downloads\SanJose-Event-Promotion-USES.ppt
2014-04-13 14:29 - 2014-04-13 14:29 - 00021266 _____ () C:\Users\Byron\Downloads\[kickass.to]survivor.s28e07.hdtv.x264.w4f.eztv.torrent
2014-04-13 14:28 - 2014-04-13 14:42 - 726034030 _____ () C:\Users\Byron\Downloads\Boxing.Manny.Pacquiao.vs.Timothy.Bradley.12th.April.2014.PDTV.x264-Sir.Paul.mp4
2014-04-13 14:27 - 2014-04-13 14:27 - 00028462 _____ () C:\Users\Byron\Downloads\[kickass.to]boxing.manny.pacquiao.vs.timothy.bradley.12th.april.2014.pdtv.x264.sir.paul.torrent
2014-04-13 14:27 - 2014-04-13 14:27 - 00014917 _____ () C:\Users\Byron\Downloads\[kickass.to]zulu.2013.brrip.xvid.sam.etrg.torrent
2014-04-13 10:22 - 2014-04-13 10:22 - 00000127 _____ () C:\Users\Byron\Desktop\ckfiles.txt
2014-04-13 10:03 - 2014-04-13 10:03 - 00468480 _____ () C:\Users\Byron\Downloads\CKScanner (2).exe
2014-04-13 10:02 - 2014-04-13 10:02 - 00468480 _____ () C:\Users\Byron\Downloads\CKScanner (1).exe
2014-04-13 10:01 - 2014-04-13 10:01 - 00468480 _____ () C:\Users\Byron\Desktop\CKScanner.exe
2014-04-13 10:01 - 2014-04-13 10:01 - 00000000 _____ () C:\Users\Byron\Downloads\ckfiles.txt
2014-04-12 21:12 - 2014-04-12 21:12 - 00064837 _____ () C:\Users\Byron\Downloads\libsrpos_plugin-0.3.win.zip
2014-04-12 21:03 - 2014-04-12 21:10 - 00000000 ____D () C:\Users\Byron\Downloads\Suits.S03E16.720p.HDTV.x264-KILLERS [PublicHD]
2014-04-12 21:03 - 2014-04-12 21:03 - 00005886 _____ () C:\Users\Byron\Downloads\[kickass.to]suits.s03e16.720p.hdtv.x264.killers.publichd.torrent
2014-04-12 10:46 - 2014-04-12 10:46 - 00017133 _____ () C:\Users\Byron\Downloads\[kickass.to]hannibal.s02e07.hdtv.x264.lol.ettv.torrent
2014-04-11 22:55 - 2014-04-11 22:55 - 00221400 _____ () C:\Users\Byron\Downloads\[kickass.to]ufc.fight.night.40.nogueira.vs.nelson.720p.hdtv.x264.koenig.rartv.torrent
2014-04-11 22:54 - 2014-04-11 22:54 - 00014723 _____ () C:\Users\Byron\Downloads\[kickass.to]joe.2013.hdrip.xvid.ac3.aqos.torrent
2014-04-11 16:43 - 2014-04-11 16:43 - 01240576 _____ () C:\Users\Byron\Downloads\SanJose-Event-Promotion.ppt
2014-04-11 14:12 - 2014-04-11 14:12 - 00001404 _____ () C:\Users\Byron\Downloads\agent (5).jnlp
2014-04-11 14:08 - 2014-04-11 14:08 - 00001404 _____ () C:\Users\Byron\Downloads\agent (4).jnlp
2014-04-11 14:04 - 2014-04-11 14:04 - 00048707 _____ () C:\Users\Byron\Desktop\Addition.txt
2014-04-11 14:02 - 2014-04-12 21:26 - 00054162 _____ () C:\Users\Byron\Downloads\FRST.txt
2014-04-11 14:02 - 2014-04-11 14:03 - 00048707 _____ () C:\Users\Byron\Downloads\Addition.txt
2014-04-11 14:01 - 2014-04-15 12:24 - 00000000 ____D () C:\FRST
2014-04-11 13:57 - 2014-04-11 13:57 - 00027825 _____ () C:\ComboFix.txt
2014-04-11 13:57 - 2014-04-11 13:57 - 00001404 _____ () C:\Users\Byron\Downloads\agent (3).jnlp
2014-04-11 13:32 - 2014-04-11 13:32 - 05196025 ____R (Swearware) C:\Users\Byron\Downloads\ComboFix.exe
2014-04-11 12:11 - 2014-04-11 12:11 - 01056256 _____ () C:\Users\Byron\Desktop\NFL_ST_PROFIT_CALCULATOR.xls
2014-04-11 08:29 - 2014-04-11 08:29 - 00001404 _____ () C:\Users\Byron\Downloads\agent (2).jnlp
2014-04-11 08:29 - 2014-04-11 08:29 - 00001404 _____ () C:\Users\Byron\Downloads\agent (1).jnlp
2014-04-11 01:19 - 2014-04-11 01:19 - 00020502 _____ () C:\Users\Byron\Downloads\[kickass.to]the.amazing.race.s24e06.hdtv.x264.lol.eztv.torrent
2014-04-10 23:14 - 2014-04-10 23:14 - 00009606 _____ () C:\Users\Byron\Downloads\[kickass.to]the.blacklist.s01e18.hdtv.x264.lol.eztv.torrent
2014-04-10 23:12 - 2014-04-10 23:12 - 00045113 _____ () C:\Users\Byron\Downloads\[kickass.to]the.voice.s06e13.hdtv.x264.2hd.ettv.torrent
2014-04-10 23:12 - 2014-04-10 23:12 - 00027753 _____ () C:\Users\Byron\Downloads\[kickass.to]the.voice.s06e14.hdtv.x264.2hd.ettv.torrent
2014-04-10 23:11 - 2014-04-10 23:11 - 00025443 _____ () C:\Users\Byron\Downloads\[kickass.to]vikings.s02e07.hdtv.x264.excellence.ettv.torrent
2014-04-10 08:16 - 2014-04-10 08:16 - 00001404 _____ () C:\Users\Byron\Downloads\agent.jnlp
2014-04-09 22:10 - 2014-04-09 22:10 - 00000000 ____D () C:\Users\Byron\Documents\BLACKBERRY-C16E
2014-04-09 21:11 - 2014-04-09 21:12 - 00000000 ____D () C:\Users\Byron\AppData\Local\Amazon Cloud Player
2014-04-09 21:11 - 2014-04-09 21:11 - 00001212 _____ () C:\Users\Byron\Desktop\Amazon Cloud Player.lnk
2014-04-09 21:11 - 2014-04-09 21:11 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-04-09 21:10 - 2014-04-09 21:11 - 36335656 _____ (Amazon) C:\Users\Byron\Downloads\AmazonCloudPlayerInstaller_r26.exe
2014-04-08 21:20 - 2014-03-30 18:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:20 - 2014-03-30 18:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:20 - 2014-03-30 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:20 - 2014-03-30 16:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:19 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:19 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:19 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:19 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:19 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:19 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:19 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:19 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:19 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:19 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:19 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:19 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:19 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:19 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:19 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:19 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:19 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 11:04 - 2014-04-07 11:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-06 23:50 - 2014-04-06 23:50 - 03930783 _____ () C:\Users\Byron\Downloads\OnlineScanner.cab
2014-04-06 21:56 - 2014-04-06 21:56 - 00184282 _____ () C:\Users\Byron\Downloads\OTL.Txt
2014-04-06 21:41 - 2014-04-06 21:41 - 00602112 _____ (OldTimer Tools) C:\Users\Byron\Downloads\OTL.exe
2014-04-04 04:29 - 2014-04-11 13:47 - 00001700 _____ () C:\Windows\PFRO.log
2014-04-03 00:06 - 2014-04-03 00:06 - 00000875 _____ () C:\Users\Byron\Desktop\BitTorrent.lnk
2014-04-03 00:06 - 2014-04-03 00:06 - 00000855 _____ () C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-04-03 00:04 - 2014-04-03 00:04 - 01615960 _____ (BitTorrent Inc.) C:\Users\Byron\Downloads\bittorrent (1).exe
2014-04-02 02:22 - 2014-04-15 08:52 - 00004710 _____ () C:\Windows\setupact.log
2014-04-02 02:22 - 2014-04-02 02:22 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-01 15:23 - 2014-04-01 15:23 - 00225686 _____ () C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email.htm
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email_files
2014-04-01 10:22 - 2014-04-09 16:27 - 00112084 _____ () C:\Users\Byron\Desktop\Food 3 27 14.xlsx
2014-03-31 22:43 - 2014-03-31 22:43 - 01615960 _____ (BitTorrent Inc.) C:\Users\Byron\Downloads\bittorrent.exe
2014-03-30 23:40 - 2014-03-30 23:40 - 00422256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-30 17:26 - 2014-03-30 17:27 - 06228992 _____ () C:\Users\Byron\Desktop\ACN_Comp.ppt
2014-03-30 17:12 - 2014-04-13 18:25 - 00000000 ____D () C:\Users\Byron\Desktop\Tools in Spanish
2014-03-29 02:00 - 2014-03-29 02:00 - 00110088 _____ () C:\Users\Byron\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-27 16:50 - 2014-04-11 16:00 - 00013058 _____ () C:\Users\Byron\Desktop\Pipeline Report (2).xlsx
2014-03-26 17:01 - 2014-04-11 16:51 - 00010159 _____ () C:\Users\Byron\Desktop\Byron Perkins Sales Chart (2).xlsx
2014-03-25 19:55 - 2014-03-25 19:55 - 08407552 _____ () C:\Users\Byron\Desktop\Powerpoint Presentation 2.pps
2014-03-21 18:11 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2014-03-21 18:11 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-03-21 14:17 - 2014-03-21 14:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-19 08:18 - 2014-03-25 17:04 - 00117630 _____ () C:\Users\Byron\Desktop\Mar14 Leads..xlsx
2014-03-19 08:17 - 2014-03-25 17:03 - 00010136 _____ () C:\Users\Byron\Desktop\Byron Perkins Sales Chart.xlsx
2014-03-18 23:21 - 2014-04-01 15:13 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-03-18 23:21 - 2014-03-18 23:21 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Optimizer Pro
2014-03-18 13:15 - 2014-03-18 13:15 - 00002211 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2014-03-18 13:15 - 2014-03-18 13:15 - 00002185 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-03-18 13:14 - 2014-03-18 13:15 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-18 13:11 - 2014-03-18 13:42 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-18 12:13 - 2014-03-18 12:29 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Nero
2014-03-18 12:12 - 2014-03-18 12:12 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2014-03-18 12:03 - 2014-03-18 12:11 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-03-18 02:02 - 2014-03-18 02:02 - 00000000 ____D () C:\Users\Byron\Documents\Optimizer Pro
2014-03-18 01:57 - 2014-03-18 01:57 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\IObit
2014-03-18 01:57 - 2014-03-18 01:57 - 00000000 ____D () C:\Program Files (x86)\Evonsoft Computer Repair
2014-03-17 20:34 - 2014-03-17 20:34 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Ahead
2014-03-17 13:43 - 2014-03-18 01:50 - 00000000 ____D () C:\Users\Byron\Downloads\Brain Sync - Attract Wealth
2014-03-16 22:13 - 2002-01-05 07:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-03-16 22:13 - 1998-06-18 01:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-03-16 16:55 - 2014-03-16 16:56 - 00000000 ____D () C:\Users\Byron\Downloads\Cheetah DVD Burner 2.51 + Serial-[HB]
==================== One Month Modified Files and Folders =======
2014-04-15 12:25 - 2012-09-16 15:32 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\BitTorrent
2014-04-15 12:24 - 2014-04-15 02:19 - 00000000 ____D () C:\Users\Byron\Desktop\New folder
2014-04-15 12:24 - 2014-04-11 14:01 - 00000000 ____D () C:\FRST
2014-04-15 12:17 - 2012-04-04 00:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 08:52 - 2014-04-15 08:52 - 00001404 _____ () C:\Users\Byron\Downloads\agent (13).jnlp
2014-04-15 08:52 - 2014-04-15 08:52 - 00001404 _____ () C:\Users\Byron\Downloads\agent (12).jnlp
2014-04-15 08:52 - 2014-04-02 02:22 - 00004710 _____ () C:\Windows\setupact.log
2014-04-15 08:33 - 2014-04-15 08:33 - 00000165 ____H () C:\Users\Byron\Desktop\~$Pipeline Report (2).xlsx
2014-04-15 08:24 - 2014-04-15 08:24 - 00001404 _____ () C:\Users\Byron\Downloads\agent (11).jnlp
2014-04-15 08:22 - 2014-04-15 08:22 - 00001404 _____ () C:\Users\Byron\Downloads\agent (10).jnlp
2014-04-15 02:30 - 2009-07-13 21:45 - 00010240 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 02:30 - 2009-07-13 21:45 - 00010240 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 02:24 - 2013-09-18 23:15 - 00000008 __RSH () C:\Users\Byron\ntuser.pol
2014-04-15 02:24 - 2011-04-29 19:50 - 00000000 ____D () C:\Users\Byron
2014-04-15 02:23 - 2013-12-22 02:45 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 02:23 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 02:22 - 2000-03-22 03:27 - 01806588 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 02:21 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 02:16 - 2014-04-15 02:16 - 00000000 ____D () C:\Users\Byron\Downloads\FRST-OlderVersion
2014-04-14 13:09 - 2014-04-14 13:09 - 00001404 _____ () C:\Users\Byron\Downloads\agent (9).jnlp
2014-04-14 08:26 - 2014-04-14 08:26 - 00001404 _____ () C:\Users\Byron\Downloads\agent (8).jnlp
2014-04-14 08:24 - 2014-04-14 08:24 - 00001404 _____ () C:\Users\Byron\Downloads\agent (7).jnlp
2014-04-14 08:23 - 2014-04-14 08:23 - 00001404 _____ () C:\Users\Byron\Downloads\agent (6).jnlp
2014-04-14 01:59 - 2011-06-24 23:24 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\vlc
2014-04-13 22:01 - 2014-04-13 22:01 - 00011491 _____ () C:\Users\Byron\Downloads\[kickass.to]mad.men.s07e01.hdtv.x264.killers.eztv.torrent
2014-04-13 22:00 - 2014-04-13 22:00 - 00010967 _____ () C:\Users\Byron\Downloads\[kickass.to]revenge.s03e19.hdtv.x264.lol.eztv.torrent
2014-04-13 18:25 - 2014-03-30 17:12 - 00000000 ____D () C:\Users\Byron\Desktop\Tools in Spanish
2014-04-13 18:14 - 2014-04-13 18:13 - 09247682 _____ () C:\Users\Byron\Downloads\1-10_USEN-2.key
2014-04-13 17:23 - 2012-08-26 23:40 - 03767808 ___SH () C:\Users\Byron\Desktop\Thumbs.db
2014-04-13 17:11 - 2014-04-13 17:11 - 01436160 _____ () C:\Users\Byron\Downloads\SanJose-Event-Promotion-USES.ppt
2014-04-13 15:38 - 2009-07-13 22:13 - 00006522 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-13 14:42 - 2014-04-13 14:28 - 726034030 _____ () C:\Users\Byron\Downloads\Boxing.Manny.Pacquiao.vs.Timothy.Bradley.12th.April.2014.PDTV.x264-Sir.Paul.mp4
2014-04-13 14:29 - 2014-04-13 14:29 - 00021266 _____ () C:\Users\Byron\Downloads\[kickass.to]survivor.s28e07.hdtv.x264.w4f.eztv.torrent
2014-04-13 14:27 - 2014-04-13 14:27 - 00028462 _____ () C:\Users\Byron\Downloads\[kickass.to]boxing.manny.pacquiao.vs.timothy.bradley.12th.april.2014.pdtv.x264.sir.paul.torrent
2014-04-13 14:27 - 2014-04-13 14:27 - 00014917 _____ () C:\Users\Byron\Downloads\[kickass.to]zulu.2013.brrip.xvid.sam.etrg.torrent
2014-04-13 10:22 - 2014-04-13 10:22 - 00000127 _____ () C:\Users\Byron\Desktop\ckfiles.txt
2014-04-13 10:03 - 2014-04-13 10:03 - 00468480 _____ () C:\Users\Byron\Downloads\CKScanner (2).exe
2014-04-13 10:02 - 2014-04-13 10:02 - 00468480 _____ () C:\Users\Byron\Downloads\CKScanner (1).exe
2014-04-13 10:01 - 2014-04-13 10:01 - 00468480 _____ () C:\Users\Byron\Desktop\CKScanner.exe
2014-04-13 10:01 - 2014-04-13 10:01 - 00000000 _____ () C:\Users\Byron\Downloads\ckfiles.txt
2014-04-12 21:26 - 2014-04-11 14:02 - 00054162 _____ () C:\Users\Byron\Downloads\FRST.txt
2014-04-12 21:12 - 2014-04-12 21:12 - 00064837 _____ () C:\Users\Byron\Downloads\libsrpos_plugin-0.3.win.zip
2014-04-12 21:10 - 2014-04-12 21:03 - 00000000 ____D () C:\Users\Byron\Downloads\Suits.S03E16.720p.HDTV.x264-KILLERS [PublicHD]
2014-04-12 21:03 - 2014-04-12 21:03 - 00005886 _____ () C:\Users\Byron\Downloads\[kickass.to]suits.s03e16.720p.hdtv.x264.killers.publichd.torrent
2014-04-12 10:46 - 2014-04-12 10:46 - 00017133 _____ () C:\Users\Byron\Downloads\[kickass.to]hannibal.s02e07.hdtv.x264.lol.ettv.torrent
2014-04-11 22:55 - 2014-04-11 22:55 - 00221400 _____ () C:\Users\Byron\Downloads\[kickass.to]ufc.fight.night.40.nogueira.vs.nelson.720p.hdtv.x264.koenig.rartv.torrent
2014-04-11 22:54 - 2014-04-11 22:54 - 00014723 _____ () C:\Users\Byron\Downloads\[kickass.to]joe.2013.hdrip.xvid.ac3.aqos.torrent
2014-04-11 16:51 - 2014-03-26 17:01 - 00010159 _____ () C:\Users\Byron\Desktop\Byron Perkins Sales Chart (2).xlsx
2014-04-11 16:43 - 2014-04-11 16:43 - 01240576 _____ () C:\Users\Byron\Downloads\SanJose-Event-Promotion.ppt
2014-04-11 16:00 - 2014-03-27 16:50 - 00013058 _____ () C:\Users\Byron\Desktop\Pipeline Report (2).xlsx
2014-04-11 14:12 - 2014-04-11 14:12 - 00001404 _____ () C:\Users\Byron\Downloads\agent (5).jnlp
2014-04-11 14:08 - 2014-04-11 14:08 - 00001404 _____ () C:\Users\Byron\Downloads\agent (4).jnlp
2014-04-11 14:04 - 2014-04-11 14:04 - 00048707 _____ () C:\Users\Byron\Desktop\Addition.txt
2014-04-11 14:03 - 2014-04-11 14:02 - 00048707 _____ () C:\Users\Byron\Downloads\Addition.txt
2014-04-11 13:57 - 2014-04-11 13:57 - 00027825 _____ () C:\ComboFix.txt
2014-04-11 13:57 - 2014-04-11 13:57 - 00001404 _____ () C:\Users\Byron\Downloads\agent (3).jnlp
2014-04-11 13:57 - 2012-04-17 08:17 - 00000000 ____D () C:\Qoobox
2014-04-11 13:49 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-11 13:47 - 2014-04-04 04:29 - 00001700 _____ () C:\Windows\PFRO.log
2014-04-11 13:32 - 2014-04-11 13:32 - 05196025 ____R (Swearware) C:\Users\Byron\Downloads\ComboFix.exe
2014-04-11 12:11 - 2014-04-11 12:11 - 01056256 _____ () C:\Users\Byron\Desktop\NFL_ST_PROFIT_CALCULATOR.xls
2014-04-11 08:29 - 2014-04-11 08:29 - 00001404 _____ () C:\Users\Byron\Downloads\agent (2).jnlp
2014-04-11 08:29 - 2014-04-11 08:29 - 00001404 _____ () C:\Users\Byron\Downloads\agent (1).jnlp
2014-04-11 01:19 - 2014-04-11 01:19 - 00020502 _____ () C:\Users\Byron\Downloads\[kickass.to]the.amazing.race.s24e06.hdtv.x264.lol.eztv.torrent
2014-04-10 23:14 - 2014-04-10 23:14 - 00009606 _____ () C:\Users\Byron\Downloads\[kickass.to]the.blacklist.s01e18.hdtv.x264.lol.eztv.torrent
2014-04-10 23:12 - 2014-04-10 23:12 - 00045113 _____ () C:\Users\Byron\Downloads\[kickass.to]the.voice.s06e13.hdtv.x264.2hd.ettv.torrent
2014-04-10 23:12 - 2014-04-10 23:12 - 00027753 _____ () C:\Users\Byron\Downloads\[kickass.to]the.voice.s06e14.hdtv.x264.2hd.ettv.torrent
2014-04-10 23:11 - 2014-04-10 23:11 - 00025443 _____ () C:\Users\Byron\Downloads\[kickass.to]vikings.s02e07.hdtv.x264.excellence.ettv.torrent
2014-04-10 08:16 - 2014-04-10 08:16 - 00001404 _____ () C:\Users\Byron\Downloads\agent.jnlp
2014-04-09 22:10 - 2014-04-09 22:10 - 00000000 ____D () C:\Users\Byron\Documents\BLACKBERRY-C16E
2014-04-09 21:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-04-09 21:12 - 2014-04-09 21:11 - 00000000 ____D () C:\Users\Byron\AppData\Local\Amazon Cloud Player
2014-04-09 21:11 - 2014-04-09 21:11 - 00001212 _____ () C:\Users\Byron\Desktop\Amazon Cloud Player.lnk
2014-04-09 21:11 - 2014-04-09 21:11 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-04-09 21:11 - 2014-04-09 21:10 - 36335656 _____ (Amazon) C:\Users\Byron\Downloads\AmazonCloudPlayerInstaller_r26.exe
2014-04-09 16:27 - 2014-04-01 10:22 - 00112084 _____ () C:\Users\Byron\Desktop\Food 3 27 14.xlsx
2014-04-09 03:07 - 2011-04-30 00:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 03:05 - 2013-07-28 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:02 - 2011-04-30 20:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 11:04 - 2014-04-07 11:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-07 11:04 - 2014-03-15 18:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-07 11:04 - 2014-03-15 18:08 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-07 11:04 - 2014-03-15 18:08 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-07 11:04 - 2014-03-15 18:08 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-06 23:50 - 2014-04-06 23:50 - 03930783 _____ () C:\Users\Byron\Downloads\OnlineScanner.cab
2014-04-06 21:56 - 2014-04-06 21:56 - 00184282 _____ () C:\Users\Byron\Downloads\OTL.Txt
2014-04-06 21:41 - 2014-04-06 21:41 - 00602112 _____ (OldTimer Tools) C:\Users\Byron\Downloads\OTL.exe
2014-04-06 21:20 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 00:06 - 2014-04-03 00:06 - 00000875 _____ () C:\Users\Byron\Desktop\BitTorrent.lnk
2014-04-03 00:06 - 2014-04-03 00:06 - 00000855 _____ () C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-04-03 00:04 - 2014-04-03 00:04 - 01615960 _____ (BitTorrent Inc.) C:\Users\Byron\Downloads\bittorrent (1).exe
2014-04-02 02:22 - 2014-04-02 02:22 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-01 15:23 - 2014-04-01 15:23 - 00225686 _____ () C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email.htm
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email_files
2014-04-01 15:13 - 2014-03-18 23:21 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-04-01 15:13 - 2013-11-11 19:33 - 00000000 ____D () C:\Users\Byron\AppData\Local\NativeMessaging
2014-03-31 22:43 - 2014-03-31 22:43 - 01615960 _____ (BitTorrent Inc.) C:\Users\Byron\Downloads\bittorrent.exe
2014-03-31 17:47 - 2013-02-12 00:43 - 00000000 ___RD () C:\Users\Byron\Desktop\Jim Rohn
2014-03-31 12:00 - 2011-06-21 12:40 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Dropbox
2014-03-30 23:42 - 2011-06-21 12:44 - 00000000 ___RD () C:\Users\Byron\Dropbox
2014-03-30 23:42 - 2011-04-29 19:50 - 00000000 ___RD () C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 23:40 - 2014-03-30 23:40 - 00422256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-30 18:16 - 2014-04-08 21:20 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-30 18:13 - 2014-04-08 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-30 17:27 - 2014-03-30 17:26 - 06228992 _____ () C:\Users\Byron\Desktop\ACN_Comp.ppt
2014-03-30 17:13 - 2014-04-08 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-30 16:57 - 2014-04-08 21:20 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-29 02:00 - 2014-03-29 02:00 - 00110088 _____ () C:\Users\Byron\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-25 19:55 - 2014-03-25 19:55 - 08407552 _____ () C:\Users\Byron\Desktop\Powerpoint Presentation 2.pps
2014-03-25 17:04 - 2014-03-19 08:18 - 00117630 _____ () C:\Users\Byron\Desktop\Mar14 Leads..xlsx
2014-03-25 17:03 - 2014-03-19 08:17 - 00010136 _____ () C:\Users\Byron\Desktop\Byron Perkins Sales Chart.xlsx
2014-03-21 15:19 - 2012-03-17 16:46 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-21 15:12 - 2011-12-31 07:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-21 14:17 - 2014-03-21 14:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-20 22:49 - 2012-09-03 10:08 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000UA.job
2014-03-20 22:49 - 2012-09-03 10:07 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000Core.job
2014-03-20 22:47 - 2012-09-03 10:08 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000UA
2014-03-20 22:47 - 2012-09-03 10:08 - 00003494 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000Core
2014-03-20 22:28 - 2012-11-26 23:19 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000UA.job
2014-03-20 22:28 - 2012-11-26 23:19 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000Core.job
2014-03-19 20:24 - 2000-03-22 03:45 - 00003070 _____ () C:\Windows\System32\Tasks\ACMON
2014-03-19 20:19 - 2011-04-29 22:19 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-19 20:19 - 2011-04-29 22:19 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-19 20:13 - 2011-04-29 20:26 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Adobe
2014-03-19 20:13 - 2011-04-29 20:26 - 00000000 ____D () C:\Users\Byron\AppData\Local\Adobe
2014-03-18 23:21 - 2014-03-18 23:21 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Optimizer Pro
2014-03-18 23:15 - 2000-03-22 03:46 - 00003092 _____ () C:\Windows\System32\Tasks\WC3
2014-03-18 23:15 - 2000-03-22 03:45 - 00003112 _____ () C:\Windows\System32\Tasks\ASUSControlDeck
2014-03-18 23:15 - 2000-03-22 03:45 - 00003042 _____ () C:\Windows\System32\Tasks\ASUS P4G
2014-03-18 23:15 - 2000-03-22 03:45 - 00003004 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-03-18 23:15 - 2000-03-22 03:45 - 00002988 _____ () C:\Windows\System32\Tasks\ASUS SmartLogon Console Sensor
2014-03-18 23:11 - 2012-11-26 23:19 - 00003916 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000UA
2014-03-18 23:11 - 2012-11-26 23:19 - 00003548 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3700817450-263443993-1340972289-1000Core
2014-03-18 21:44 - 2012-01-08 22:30 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 21:44 - 2012-01-08 22:30 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 13:42 - 2014-03-18 13:11 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-18 13:42 - 2012-04-15 10:50 - 00000000 ____D () C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2014-03-18 13:42 - 2012-04-08 09:58 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\HpUpdate
2014-03-18 13:42 - 2012-03-11 01:29 - 00000000 ____D () C:\Users\Byron\AppData\Local\Downloaded Installations
2014-03-18 13:42 - 2012-02-14 18:58 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-03-18 13:42 - 2011-04-30 01:39 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-03-18 13:42 - 2011-04-30 00:39 - 00000000 ____D () C:\Users\Byron\AppData\Local\Microsoft Help
2014-03-18 13:34 - 2012-01-08 22:30 - 00003904 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-18 13:34 - 2012-01-08 22:30 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-18 13:17 - 2011-12-13 20:55 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-18 13:15 - 2014-03-18 13:15 - 00002211 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2014-03-18 13:15 - 2014-03-18 13:15 - 00002185 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-03-18 13:15 - 2014-03-18 13:14 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-18 13:14 - 2011-12-13 20:57 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\TuneUp Software
2014-03-18 12:29 - 2014-03-18 12:13 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Nero
2014-03-18 12:25 - 2000-03-22 03:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-18 12:12 - 2014-03-18 12:12 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2014-03-18 12:11 - 2014-03-18 12:03 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-03-18 12:06 - 2011-04-29 22:29 - 00000000 ____D () C:\ProgramData\Nero
2014-03-18 02:02 - 2014-03-18 02:02 - 00000000 ____D () C:\Users\Byron\Documents\Optimizer Pro
2014-03-18 01:57 - 2014-03-18 01:57 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\IObit
2014-03-18 01:57 - 2014-03-18 01:57 - 00000000 ____D () C:\Program Files (x86)\Evonsoft Computer Repair
2014-03-18 01:50 - 2014-03-17 13:43 - 00000000 ____D () C:\Users\Byron\Downloads\Brain Sync - Attract Wealth
2014-03-17 20:34 - 2014-03-17 20:34 - 00000000 ____D () C:\Users\Byron\AppData\Roaming\Ahead
2014-03-16 23:21 - 2011-05-01 01:33 - 00000000 ____D () C:\Windows\pss
2014-03-16 16:56 - 2014-03-16 16:55 - 00000000 ____D () C:\Users\Byron\Downloads\Cheetah DVD Burner 2.51 + Serial-[HB]
2014-03-16 16:36 - 2014-03-07 23:23 - 00000000 ____D () C:\Users\Byron\AppData\Local\Ahead
ZeroAccess:
C:\Windows\Installer\{cbcbd993-506d-96b9-6602-879c2385f055}
ZeroAccess:
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{cbcbd993-506d-96b9-6602-879c2385f055}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-09 21:42
==================== End Of Log ============================
#21
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 15 April 2014 - 02:17 PM
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the Desktop as fixlist.txt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1024417699&ir=
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Windows\Installer\{cbcbd993-506d-96b9-6602-879c2385f055}
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{cbcbd993-506d-96b9-6602-879c2385f055}
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply.
----------
Post the new FRST log and let me know how your system is running now.
#22
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 15 April 2014 - 03:24 PM
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Byron at 2014-04-15 14:21:23 Run:2
Running from C:\Users\Byron\Desktop\New folder
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1024417699&ir=
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Windows\Installer\{cbcbd993-506d-96b9-6602-879c2385f055}
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{cbcbd993-506d-96b9-6602-879c2385f055}
*****************
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Windows\Installer\{cbcbd993-506d-96b9-6602-879c2385f055} => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{cbcbd993-506d-96b9-6602-879c2385f055} => Moved successfully.
==== End of Fixlog ====
*** My system appears to be running normal now. Why was the browser hanging? And what can i do to prevent it from happening again?
I have to add that based on the speedtest, I have a download speed of 19mbps. However, when I go to some sites to watch videos, the video still buffers an awful lot. Is 19 mbps too slow???
Edited by Bperkins7468, 15 April 2014 - 03:27 PM.
#23
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 16 April 2014 - 10:13 AM
AdwCleaner
Please download AdwCleaner by Xplode and save to your Desktop.
- Double click on AdwCleaner.exe to run the tool
Vista/Windows 7/8 users right-click and select Run As Administrator. - Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
- The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
- Copy and paste the contents of that logfile in your next reply.
- A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
----------
Let's keep looking and see what we find.....we removed the worst of the infection though.
#24
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 16 April 2014 - 10:17 AM
Jeff, I have another issue and I don't know if it relates to this or not. But My DNS server isn't responding sometimes. And I always have a "Resolving host" issue. I think that has something to do with my browser hanging too. Not sure.
#25
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 16 April 2014 - 10:19 AM
You had an extremely bad infection that was on your system that does cause some damage....this may be a result of some of this damage.
Are you having this with all browsers? Or which one(s)?
Register to Remove
#26
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 16 April 2014 - 10:24 AM
All browsers same thing. I'm running the AdwCleaner now.
Edited by Bperkins7468, 16 April 2014 - 10:24 AM.
#27
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 16 April 2014 - 11:38 AM
# AdwCleaner v3.023 - Report created 16/04/2014 at 09:22:45
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Byron - BYRON-PC
# Running from : C:\Users\Byron\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\searchplugins\conduit-search.xml
File Found : C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\user.js
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
Folder Found C:\Program Files (x86)\AVG Secure Search
Folder Found C:\Program Files (x86)\Bench
Folder Found C:\Program Files (x86)\BTControlTest3
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Optimizer Pro
Folder Found C:\Program Files\Conduit
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\Byron\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\Byron\AppData\Local\AVG Secure Search
Folder Found C:\Users\Byron\AppData\Local\iLivid
Folder Found C:\Users\Byron\AppData\Local\NativeMessaging
Folder Found C:\Users\Byron\AppData\Local\PackageAware
Folder Found C:\Users\Byron\AppData\Local\SwvUpdater
Folder Found C:\Users\Byron\AppData\Local\WhiteListing
Folder Found C:\Users\Byron\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Byron\AppData\LocalLow\AVG Secure Search
Folder Found C:\Users\Byron\AppData\LocalLow\BTControlTest3
Folder Found C:\Users\Byron\AppData\LocalLow\Conduit
Folder Found C:\Users\Byron\AppData\LocalLow\Inbox Toolbar
Folder Found C:\Users\Byron\AppData\Roaming\digitalsite
Folder Found C:\Users\Byron\AppData\Roaming\DriverCure
Folder Found C:\Users\Byron\AppData\Roaming\Optimizer Pro
Folder Found C:\Users\Byron\AppData\Roaming\registry mechanic
Folder Found C:\Users\Byron\AppData\Roaming\Systweak
Folder Found C:\Users\Byron\AppData\Roaming\ValueApps
Folder Found C:\Users\Byron\Documents\Optimizer Pro
Folder Found C:\Windows\SysWOW64\SearchProtect
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\BTControlTest3
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\wecarereminder
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\Software\Bench
Key Found : HKLM\Software\BTControlTest3
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\inbox.appserver
Key Found : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\CompeteInc
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{005C0065-3E60-44E4-A47F-528C16049BEA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1F5A019-C273-41FA-9656-B9E937C7FF1D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Trymedia Systems
Key Found : HKLM\Software\Uniblue
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v27.0.1 (en-US)
[ File : C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15361 octets] - [16/04/2014 09:22:45]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15422 octets] ##########
#28
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 16 April 2014 - 11:45 AM
AdwCleaner
Double click on AdwCleaner.exe to run the tool again.
- Click on the Scan button.
- AdwCleaner will begin to scan your computer like it did before.
- After the scan has finished...
- This time, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
- After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
- Copy and paste the contents of that logfile in your next reply.
- A copy of that logfile will also be saved in the C:\AdwCleaner folder.
#29
Bperkins7468
-
- Authentic Member
-
- 92 posts
Authentic Member
Posted 16 April 2014 - 12:43 PM
# AdwCleaner v3.023 - Report created 16/04/2014 at 11:01:05
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Byron - BYRON-PC
# Running from : C:\Users\Byron\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Bench
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\BTControlTest3
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\Byron\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Byron\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Byron\AppData\Local\iLivid
Folder Deleted : C:\Users\Byron\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Byron\AppData\Local\PackageAware
Folder Deleted : C:\Users\Byron\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Byron\AppData\Local\WhiteListing
Folder Deleted : C:\Users\Byron\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Byron\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Byron\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Byron\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Byron\AppData\LocalLow\BTControlTest3
Folder Deleted : C:\Users\Byron\AppData\Roaming\digitalsite
Folder Deleted : C:\Users\Byron\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Byron\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Byron\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Byron\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Byron\AppData\Roaming\ValueApps
Folder Deleted : C:\Users\Byron\Documents\Optimizer Pro
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\user.js
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{005C0065-3E60-44E4-A47F-528C16049BEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1F5A019-C273-41FA-9656-B9E937C7FF1D}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BTControlTest3
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Bench
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\BTControlTest3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v27.0.1 (en-US)
[ File : C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15663 octets] - [16/04/2014 09:22:45]
AdwCleaner[R1].txt - [15724 octets] - [16/04/2014 10:51:23]
AdwCleaner[S0].txt - [15547 octets] - [16/04/2014 11:01:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15608 octets] ##########
#30
jeffce
-
- Authentic Member
-
- 8,693 posts
Malware Guy
Posted 16 April 2014 - 01:21 PM
How is your system running?
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
