Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected & Requesting Assistance


  • Please log in to reply
14 replies to this topic

#1 Miss Meek

Miss Meek

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 01 January 2014 - 04:09 AM

Hi-

 

I stupidly re-installed a old version of a Greesemonkey script from Userscripts.com.  I'm thinking that is when I was infected.  The script hadn't been updated in a long time, I had only realised it had stopped working.

 

Anyway, I noticed with firefox open, Norton kept popping up about some temp file that kept trying to install and disabling it.  that lasted for a few days.  I ran a full system scan with Norton, Adaware, and CCleaner.  I thought all was well, until norton popped up again saying a temp file was safe.  I didn't notice anything wrong until the next time I launched firefox and norton kept shutting it down.  Then I realised all of my add-ons had been deleted save for two I knew nothing about.  I deleted them, closed firefox, Installed my major addons and installed Malwarebytes.  It found quite a few things such as OpenCandy, SProtect.A, Silentinstall.A, Somoto.A, Wajam & Wajam.A.  I removed all, but want to make sure I'm completly clean.

 

All help is greatly appreciated, just let me know what you need from me.

Thanks

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:06 AM

Posted 01 January 2014 - 03:18 PM

Hello Miss Meek, see how it is after these.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Miss Meek

Miss Meek
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 02 January 2014 - 12:47 AM

Wow, that took some time. Here are my results:

 

MiniToolBox

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Tanisha2 (administrator) on 01-01-2014 at 21:13:56
Running from "C:\Users\Tanisha2\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



::1             localhost
127.0.0.1       localhost
127.0.0.1       activate.adobe.com

========================= IP Configuration: ================================

Broadcom 43225 802.11b/g/n = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?63 subinterface=ethernet_2 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : MissMeek2
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : C4-17-FE-4E-24-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Broadcom 43225 802.11b/g/n
   Physical Address. . . . . . . . . : C4-17-FE-4E-24-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed44:6d0b:4810:d925%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 01, 2014 9:02:23 PM
   Lease Expires . . . . . . . . . . : Wednesday, January 08, 2014 9:02:46 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 331618302
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-05-82-EA-C8-0A-A9-0E-8E-71
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A8AC42F8-1F50-4FCD-959A-39F9BEC2E686}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:10cb:269d:b7b6:3df0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::10cb:269d:b7b6:3df0%36(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  Broadcom.Home
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4006:802::1005
      173.194.43.7
      173.194.43.9
      173.194.43.1
      173.194.43.5
      173.194.43.4
      173.194.43.0
      173.194.43.2
      173.194.43.8
      173.194.43.3
      173.194.43.14
      173.194.43.6


Pinging google.com [173.194.43.5] with 32 bytes of data:
Reply from 173.194.43.5: bytes=32 time=22ms TTL=57
Reply from 173.194.43.5: bytes=32 time=18ms TTL=57

Ping statistics for 173.194.43.5:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 22ms, Average = 20ms
Server:  Broadcom.Home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=130ms TTL=49
Reply from 206.190.36.45: bytes=32 time=214ms TTL=49

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 130ms, Maximum = 214ms, Average = 172ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 9ms, Average = 6ms
===========================================================================
Interface List
 16...c4 17 fe 4e 24 7c ......Microsoft Virtual WiFi Miniport Adapter
 11...c4 17 fe 4e 24 7c ......Broadcom 43225 802.11b/g/n
  1...........................Software Loopback Interface 1
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 36...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    281
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 36     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 36     58 2001::/32                On-link
 36    306 2001:0:9d38:6abd:10cb:269d:b7b6:3df0/128
                                    On-link
 11    281 fe80::/64                On-link
 36    306 fe80::/64                On-link
 36    306 fe80::10cb:269d:b7b6:3df0/128
                                    On-link
 11    281 fe80::ed44:6d0b:4810:d925/128
                                    On-link
  1    306 ff00::/8                 On-link
 36    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/01/2014 11:14:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134

Error: (01/01/2014 11:14:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134

Error: (01/01/2014 11:14:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/01/2014 11:14:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3135

Error: (01/01/2014 11:14:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3135

Error: (01/01/2014 11:14:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/01/2014 11:14:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2043

Error: (01/01/2014 11:14:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2043

Error: (01/01/2014 11:14:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/01/2014 11:14:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014


System errors:
=============
Error: (01/01/2014 09:04:09 PM) (Source: Service Control Manager) (User: )
Description: The WD Drive Manager service failed to start due to the following error:
%%1053

Error: (01/01/2014 09:04:09 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WD Drive Manager service to connect.

Error: (01/01/2014 08:56:28 PM) (Source: Service Control Manager) (User: )
Description: The Norton Identity Safe service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (01/01/2014 08:56:28 PM) (Source: Service Control Manager) (User: )
Description: The Norton Management service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (01/01/2014 08:56:28 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/01/2014 08:51:34 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/01/2014 11:01:46 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/30/2013 10:42:41 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

Error: (12/30/2013 10:42:35 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 1203.

Error: (12/29/2013 05:48:38 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (07/16/2010 03:15:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 115015 seconds with 2580 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-02-06 07:35:14.729
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-06 07:35:14.651
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-06 03:10:49.484
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-06 03:10:49.406
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-07 11:59:14.129
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-07 11:59:14.079
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-07 11:59:14.030
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-07 11:59:13.972
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-04-01 02:19:12.094
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-04-01 02:19:12.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
5600 (Version: 130.0.365.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
abrMate version 1.0 (Version: 1.0)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Ad-Aware Antivirus (Version: 11.1.5152.0)
AdAwareInstaller (Version: 11.1.5152.0)
AdAwareUpdater (Version: 11.1.5152.0)
Adobe AIR (Version: 3.7.0.2090)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Shockwave Player (Version: 11.5.1.601)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
AdobeColorCommonSetRGB (Version: 2.0)
ahSolutions.mediaSync (Version: 1.0.0.5)
AIM 7
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Algebrator 5.0
Amazon Kindle
Android SDK Tools (Version: 1.16)
Angry Birds Space (Version: 1.4.1)
AntimalwareEngine (Version: 2.6.0.0)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.12 (Unicode)
AVG 2012 (Version: 12.0.2112)
AviSynth 2.5
Blurb add-in for Microsoft Word (Version: 2.0.0.4)
Bonjour (Version: 3.0.0.10)
Bonjour Print Services (Version: 2.0.2.0)
Book Collector
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
BufferChm (Version: 130.0.331.000)
calibre (Version: 1.17.0)
CCleaner (Version: 4.09)
Cheat Engine 6.2
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 130.0.428.000)
Corel WinDVD 2010 (Version: 10.0.5.544)
Coupon Companion Plugin (Version: 1.24.151.151)
Coupon Printer for Windows (Version: 5.0.0.4)
CyberLink DVD Suite (Version: 7.0.2216)
CyberLink PhotoNow (Version: 1.1.6622)
CyberLink PowerDirector (Version: 9.0.0.2504)
CyberLink PowerDVD 10 (Version: 10.0.1705)
d2mp
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.465.000)
DHTML Editing Component (Version: 6.02.0001)
DIRECTV Player (Version: 4.00)
DIRECTV2PC™ (Version: 2.0.7507)
DocProc (Version: 13.0.0.0)
Download Updater (AOL LLC)
Dramatica Pro 4.0
Dropbox (Version: 2.4.10)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
Easy DVD Creator 2.5.2
ENE CIR Receiver Driver (Version: 2.7.4.0)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Fax (Version: 130.0.418.000)
FeedDemon (Version: 4.0.0.22)
Foxit Phantom (Version: 2.2.4.0225)
Foxit Reader 5.1 (Version: 5.1.3.1201)
Free Window Registry Repair
Gamers Unite! Snag Bar
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.4.2)
GetFLV 9.1.1.5
GoldWave v5.58
Google Chrome (Version: 31.0.1650.63)
Google Drive (Version: 1.13.5782.599)
Google Earth (Version: 7.1.2.2041)
Google Gears (Version: 0.5.3600)
Google Talk Plugin (Version: 4.9.1.16010)
Google Update Helper (Version: 1.3.22.3)
GPBaseService2 (Version: 130.0.371.000)
GPL Ghostscript (Version: 9.06)
H&R Block Deluxe + Efile + State 2009 (Version: 09.04.6901)
HandBrake 0.9.8 (Version: 0.9.8)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.4.12850.3526)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Games (Version: 1.0.0.71)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart DVD (Version: 3.1.3509)
HP MediaSmart Internet TV (Version: 3.1.2125)
HP MediaSmart Live TV (Version: 3.1.2206)
HP MediaSmart Music/Photo/Video (Version: 3.1.3405)
HP MediaSmart SlingPlayer (Version: 3.0.1.64)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.1.2207)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Product Detection (Version: 10.7.9.0)
HP Product Detection (Version: 11.14.0004)
HP Quick Launch Buttons (Version: 6.50.12.1)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 5.2.9.2)
HP Update (Version: 5.002.006.003)
HP User Guides 0154 (Version: 1.01.0001)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Hulu Desktop (Version: 0.9.14)
iCloud (Version: 3.1.0.40)
IDT Audio (Version: 1.0.6276.0)
ImageMagick 6.8.0-8 Q16 (2012-12-01) (Version: 6.8.0)
ImgBurn (Version: 2.5.7.0)
indii.org/tintii
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1968)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Matrix Storage Manager
Internet TV for Windows Media Center (Version: 4.2.2.0)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.1.3.8)
Jasc Animation Shop 3 (Version: 3.11)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
KC Softwares VideoInspector
K-Lite Codec Pack 6.3.0 (64-bit) (Version: 6.3.0)
K-Lite Codec Pack 8.8.0 (Standard) (Version: 8.8.0)
LabelPrint (Version: 2.5.2215)
LAME v3.98.2 for Audacity
LightScribe System Software (Version: 1.18.8.1)
Lyrics Plugin for iTunes (Version: 0.4)
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mario Forever 4.0 (Version: 4.0)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Expression Web 4 (Version: 4.0.1460.0)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Primary Interop Assemblies (Version: 14.0.4763.1024)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook Connector (Version: 14.0.6106.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer 2010 (Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft SharePoint Designer 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
mIRC (Version: 7.32)
MobileMe Control Panel (Version: 3.1.8.0)
Mobipocket Creator 4.2 (Version: 4.2.41)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
MozBackup 1.5.1
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MusicBrainz Picard (Version: 0.15.1)
MyFreeCodec
MyPhoneExplorer (Version: 1.8.4)
NetoCCoupoN
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NOOK Study (Version: 2.1.1.27456)
Norton 360 (Version: 21.1.0.18)
Norton Identity Safe (Version: 2013.4.0.10)
Norton Management (Version: 3.2.2.12)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
ooVoo (Version: 2.8.0039)
P2PFilter 3.0.5 (Version: 3.0.5)
PDF Settings CS5 (Version: 10.0)
Performancer
Photo Art Studio 2.71
Picture Collage Maker Pro 2.3.4
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3415)
QLBCASL (Version: 6.40.17.2)
Quicken 2011 (Version: 20.1.8.6)
Quicken 2012 (Version: 21.1.7.18)
Quicken 2013 (Version: 22.1.12.7)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller  Driver (Version: 1.00.0008)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
Recover My Files (Version: 5.1.0.1824)
Recovery Manager (Version: 5.5.2214)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 3.0.23.0)
Replay Media Catcher 4 (4.3.2) (Version: 4.3.2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Scan (Version: 140.0.80.000)
SceneGrabber.NET (Version: 1.0.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shop for HP Supplies (Version: 13.0)
SmartSound Quicktracks 5 (Version: 5.1.8)
SmartWebPrinting (Version: 140.0.186.000)
Snagit 10.0.1 (Version: 10.0.1)
Snagit 11 (Version: 11.2.0)
Snagit Stamps Accents (Version: 1.0.0.0)
Snagit Stamps Arrows-large (Version: 1.0.0.0)
Snagit Stamps Blue-Numbers (Version: 1.0.0.0)
Snagit Stamps Business (Version: 1.0.0.0)
Snagit Stamps Windows-Interface (Version: 1.0.0.0)
SolSuite 2010 v10.8
SolutionCenter (Version: 130.0.373.000)
Spotify (Version: 0.9.6.81.gd359a796)
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
System Requirements Lab for Intel (Version: 4.3.1.0)
TaxCut New Jersey 2007 (Version: 1.07.3701)
TaxCut New Jersey 2008 (Version: 1.08.2901)
TaxCut Premium + State + Efile 2008 (Version: 08.07.7101)
TaxCut Premium + State 2007 (Version: 07.04.0000)
The KMPlayer (remove only)
Tipard MKV Video Converter 6.1.12
Tipard Video Converter 6.1.32
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Tunatic
TurboTax Deluxe Deduction Maximizer 2006
TVersity Codec Pack 1.7 (Version: 1.7)
TVersity Media Server 1.9.7 (Version: 1.9.7)
TweetDeck (Version: 0.37.5)
U6012A (Version: 1.00.0000)
Ulead GIF Animator 5
UnloadSupport (Version: 11.0.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Sharepoint Designer 2007 Help (KB963675)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veetle TV (Version: 0.9.18)
Vegas Pro 10.0 (Version: 10.0.469)
Vertus Fluid Mask 3 3.0.2 (Version: 3.0.2)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.1.2 (Version: 2.1.2)
Vz In Home Agent (Version: 8.03.66)
WD Quick View (Version: 2.2.0.8)
WD SES Driver Setup (Version: 1.0.1.6)
WD SmartWare Installer (Version: 2.2.0.8)
WebReg (Version: 130.0.132.017)
WexTech AnswerWorks (Version: 1.00.000)
WIDCOMM Bluetooth Software (Version: 6.5.1.2700)
Wi-Fi Connect (Version: 2.20.0229.0817)
WildTangent Games App (HP Games) (Version: 4.0.5.25)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (Version: 06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth  (03/16/2012 6.5.1.2600) (Version: 03/16/2012 6.5.1.2600)
Windows Driver Package - Broadcom Corporation Bluetooth  (03/16/2012 6.5.1.2600) (Version: 03/16/2012 6.5.1.2600)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Driver Package - Broadcom HIDClass  (09/11/2009 6.3.0.1500) (Version: 09/11/2009 6.3.0.1500)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - Microtune International Ltd. (AuviUADFilter) MEDIA  (11/13/2009 11.20221.175.201) (Version: 11/13/2009 11.20221.175.201)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR archiver
Xilisoft Video Converter Ultimate (Version: 7.2.0.20120420)
Xilisoft Video Converter Ultimate 6 (Version: 6.8.0.1101)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
Youtube Music Downloader V3.6

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 7990.87 MB
Available physical RAM: 4745.83 MB
Total Pagefile: 15979.91 MB
Available Pagefile: 12723.7 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.6 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:284.67 GB) (Free:172.51 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.13 GB) (Free:2.15 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive g: (Backup 2) (Fixed) (Total:455.75 GB) (Free:83.95 GB) NTFS
6 Drive i: (Old Files) (Fixed) (Total:10.01 GB) (Free:1.11 GB) NTFS
8 Drive k: (Backup 3) (Fixed) (Total:1862.98 GB) (Free:1748.34 GB) NTFS

========================= Users: ========================================

User accounts for \\MISSMEEK2

Administrator            Guest                    Tanisha2                 


**** End of log ****
 

TDSSKiller Results:

21:17:40.0169 0x1aac  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
21:17:46.0124 0x1aac  ============================================================
21:17:46.0125 0x1aac  Current date / time: 2014/01/01 21:17:46.0124
21:17:46.0125 0x1aac  SystemInfo:
21:17:46.0125 0x1aac  
21:17:46.0125 0x1aac  OS Version: 6.1.7601 ServicePack: 1.0
21:17:46.0125 0x1aac  Product type: Workstation
21:17:46.0125 0x1aac  ComputerName: MISSMEEK2
21:17:46.0125 0x1aac  UserName: Tanisha2
21:17:46.0125 0x1aac  Windows directory: C:\Windows
21:17:46.0125 0x1aac  System windows directory: C:\Windows
21:17:46.0125 0x1aac  Running under WOW64
21:17:46.0125 0x1aac  Processor architecture: Intel x64
21:17:46.0125 0x1aac  Number of processors: 4
21:17:46.0125 0x1aac  Page size: 0x1000
21:17:46.0125 0x1aac  Boot type: Normal boot
21:17:46.0125 0x1aac  ============================================================
21:17:47.0442 0x1aac  KLMD registered as C:\Windows\system32\drivers\26103770.sys
21:17:48.0012 0x1aac  System UUID: {C1BB2E1E-C2D6-8344-AF9C-65DC75E13AE2}
21:17:49.0174 0x1aac  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:17:49.0181 0x1aac  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:17:49.0749 0x1aac  Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 (1862.99 Gb), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:17:49.0756 0x1aac  ============================================================
21:17:49.0756 0x1aac  \Device\Harddisk0\DR0:
21:17:49.0756 0x1aac  MBR partitions:
21:17:49.0756 0x1aac  \Device\Harddisk1\DR1:
21:17:49.0757 0x1aac  MBR partitions:
21:17:49.0757 0x1aac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38F80D41
21:17:49.0757 0x1aac  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x38F81000, BlocksNum 0x1404000
21:17:49.0758 0x1aac  \Device\Harddisk2\DR2:
21:17:49.0758 0x1aac  MBR partitions:
21:17:49.0759 0x1aac  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000
21:17:49.0759 0x1aac  ============================================================
21:17:49.0790 0x1aac  G: <-> \Device\Harddisk1\DR1\Partition1
21:17:49.0852 0x1aac  I: <-> \Device\Harddisk1\DR1\Partition2
21:17:49.0856 0x1aac  K: <-> \Device\Harddisk2\DR2\Partition1
21:17:49.0856 0x1aac  ============================================================
21:17:49.0857 0x1aac  Initialize success
21:17:49.0857 0x1aac  ============================================================
21:18:14.0479 0x05c4  ============================================================
21:18:14.0479 0x05c4  Scan started
21:18:14.0479 0x05c4  Mode: Manual;
21:18:14.0479 0x05c4  ============================================================
21:18:14.0479 0x05c4  KSN ping started
21:18:17.0400 0x05c4  KSN ping finished: true
21:18:18.0033 0x05c4  ================ Scan system memory ========================
21:18:18.0033 0x05c4  System memory - ok
21:18:18.0034 0x05c4  ================ Scan services =============================
21:18:18.0134 0x05c4  1394ohci - ok
21:18:18.0179 0x05c4  Accelerometer - ok
21:18:18.0189 0x05c4  ACPI - ok
21:18:18.0198 0x05c4  AcpiPmi - ok
21:18:18.0232 0x05c4  adfs - ok
21:18:18.0248 0x05c4  AdobeARMservice - ok
21:18:18.0273 0x05c4  AdobeFlashPlayerUpdateSvc - ok
21:18:18.0276 0x05c4  adp94xx - ok
21:18:18.0284 0x05c4  adpahci - ok
21:18:18.0289 0x05c4  adpu320 - ok
21:18:18.0297 0x05c4  AeLookupSvc - ok
21:18:18.0302 0x05c4  AESTFilters - ok
21:18:18.0318 0x05c4  AFD - ok
21:18:18.0323 0x05c4  agp440 - ok
21:18:18.0328 0x05c4  ALG - ok
21:18:18.0332 0x05c4  aliide - ok
21:18:18.0336 0x05c4  amdide - ok
21:18:18.0342 0x05c4  AmdK8 - ok
21:18:18.0347 0x05c4  AmdPPM - ok
21:18:18.0352 0x05c4  amdsata - ok
21:18:18.0356 0x05c4  amdsbs - ok
21:18:18.0361 0x05c4  amdxata - ok
21:18:18.0373 0x05c4  androidusb - ok
21:18:18.0376 0x05c4  AppID - ok
21:18:18.0380 0x05c4  AppIDSvc - ok
21:18:18.0385 0x05c4  Appinfo - ok
21:18:18.0390 0x05c4  Apple Mobile Device - ok
21:18:18.0409 0x05c4  appliand - ok
21:18:18.0433 0x05c4  appliandMP - ok
21:18:18.0447 0x05c4  arc - ok
21:18:18.0452 0x05c4  arcsas - ok
21:18:18.0468 0x05c4  aspnet_state - ok
21:18:18.0486 0x05c4  AsyncMac - ok
21:18:18.0491 0x05c4  atapi - ok
21:18:18.0496 0x05c4  AudioEndpointBuilder - ok
21:18:18.0500 0x05c4  AudioSrv - ok
21:18:18.0504 0x05c4  AuviUADFilter - ok
21:18:18.0510 0x05c4  AuviUATV - ok
21:18:18.0515 0x05c4  AuviUDTV - ok
21:18:18.0520 0x05c4  AxInstSV - ok
21:18:18.0527 0x05c4  b06bdrv - ok
21:18:18.0532 0x05c4  b57nd60a - ok
21:18:18.0538 0x05c4  BCM43XX - ok
21:18:18.0544 0x05c4  BDESVC - ok
21:18:18.0553 0x05c4  Beep - ok
21:18:18.0566 0x05c4  BFE - ok
21:18:18.0579 0x05c4  BHDrvx64 - ok
21:18:18.0584 0x05c4  BITS - ok
21:18:18.0595 0x05c4  blbdrive - ok
21:18:18.0616 0x05c4  Bonjour Service - ok
21:18:18.0620 0x05c4  bowser - ok
21:18:18.0626 0x05c4  BrFiltLo - ok
21:18:18.0630 0x05c4  BrFiltUp - ok
21:18:18.0635 0x05c4  Browser - ok
21:18:18.0639 0x05c4  Brserid - ok
21:18:18.0645 0x05c4  BrSerWdm - ok
21:18:18.0649 0x05c4  BrUsbMdm - ok
21:18:18.0653 0x05c4  BrUsbSer - ok
21:18:18.0670 0x05c4  BthEnum - ok
21:18:18.0681 0x05c4  BTHMODEM - ok
21:18:18.0686 0x05c4  BthPan - ok
21:18:18.0692 0x05c4  BTHPORT - ok
21:18:18.0695 0x05c4  bthserv - ok
21:18:18.0700 0x05c4  BTHUSB - ok
21:18:18.0704 0x05c4  btwampfl - ok
21:18:18.0708 0x05c4  btwaudio - ok
21:18:18.0714 0x05c4  btwavdt - ok
21:18:18.0726 0x05c4  btwdins - ok
21:18:18.0732 0x05c4  btwl2cap - ok
21:18:18.0737 0x05c4  btwrchid - ok
21:18:18.0752 0x05c4  ccSet_MCLIENT - ok
21:18:18.0771 0x05c4  ccSet_N360 - ok
21:18:18.0780 0x05c4  ccSet_NST - ok
21:18:18.0791 0x05c4  cdfs - ok
21:18:18.0796 0x05c4  cdrom - ok
21:18:18.0803 0x05c4  CertPropSvc - ok
21:18:18.0811 0x05c4  circlass - ok
21:18:18.0827 0x05c4  CLDTVHNService - ok
21:18:18.0831 0x05c4  CLFS - ok
21:18:18.0836 0x05c4  clr_optimization_v2.0.50727_32 - ok
21:18:18.0844 0x05c4  clr_optimization_v2.0.50727_64 - ok
21:18:18.0863 0x05c4  clr_optimization_v4.0.30319_32 - ok
21:18:18.0869 0x05c4  clr_optimization_v4.0.30319_64 - ok
21:18:18.0874 0x05c4  CmBatt - ok
21:18:18.0880 0x05c4  cmdide - ok
21:18:18.0894 0x05c4  CNG - ok
21:18:18.0901 0x05c4  CodeMeter.exe - ok
21:18:18.0918 0x05c4  Com4QLBEx - ok
21:18:18.0926 0x05c4  Compbatt - ok
21:18:18.0933 0x05c4  CompositeBus - ok
21:18:18.0941 0x05c4  COMSysApp - ok
21:18:18.0949 0x05c4  crcdisk - ok
21:18:18.0971 0x05c4  CryptSvc - ok
21:18:18.0985 0x05c4  dc3d - ok
21:18:18.0995 0x05c4  DcomLaunch - ok
21:18:19.0002 0x05c4  defragsvc - ok
21:18:19.0010 0x05c4  DfsC - ok
21:18:19.0025 0x05c4  dg_ssudbus - ok
21:18:19.0033 0x05c4  Dhcp - ok
21:18:19.0040 0x05c4  discache - ok
21:18:19.0050 0x05c4  Disk - ok
21:18:19.0064 0x05c4  Dnscache - ok
21:18:19.0071 0x05c4  dot3svc - ok
21:18:19.0078 0x05c4  Dot4 - ok
21:18:19.0085 0x05c4  Dot4Print - ok
21:18:19.0092 0x05c4  dot4usb - ok
21:18:19.0099 0x05c4  DPS - ok
21:18:19.0105 0x05c4  drmkaud - ok
21:18:19.0112 0x05c4  DXGKrnl - ok
21:18:19.0131 0x05c4  EapHost - ok
21:18:19.0137 0x05c4  ebdrv - ok
21:18:19.0143 0x05c4  eeCtrl - ok
21:18:19.0151 0x05c4  EFS - ok
21:18:19.0157 0x05c4  ehRecvr - ok
21:18:19.0164 0x05c4  ehSched - ok
21:18:19.0171 0x05c4  elxstor - ok
21:18:19.0177 0x05c4  enecir - ok
21:18:19.0185 0x05c4  EraserUtilRebootDrv - ok
21:18:19.0193 0x05c4  ErrDev - ok
21:18:19.0208 0x05c4  EventSystem - ok
21:18:19.0214 0x05c4  exfat - ok
21:18:19.0220 0x05c4  fastfat - ok
21:18:19.0229 0x05c4  Fax - ok
21:18:19.0236 0x05c4  fdc - ok
21:18:19.0242 0x05c4  fdPHost - ok
21:18:19.0248 0x05c4  FDResPub - ok
21:18:19.0254 0x05c4  FileInfo - ok
21:18:19.0260 0x05c4  Filetrace - ok
21:18:19.0267 0x05c4  flpydisk - ok
21:18:19.0273 0x05c4  FltMgr - ok
21:18:19.0285 0x05c4  FontCache - ok
21:18:19.0291 0x05c4  FontCache3.0.0.0 - ok
21:18:19.0297 0x05c4  FsDepends - ok
21:18:19.0323 0x05c4  fssfltr - ok
21:18:19.0337 0x05c4  fsssvc - ok
21:18:19.0343 0x05c4  Fs_Rec - ok
21:18:19.0351 0x05c4  fvevol - ok
21:18:19.0358 0x05c4  gagp30kx - ok
21:18:19.0367 0x05c4  GamesAppService - ok
21:18:19.0374 0x05c4  GEARAspiWDM - ok
21:18:19.0380 0x05c4  gpsvc - ok
21:18:19.0425 0x05c4  gupdate - ok
21:18:19.0435 0x05c4  gupdatem - ok
21:18:19.0439 0x05c4  hcw85cir - ok
21:18:19.0444 0x05c4  HdAudAddService - ok
21:18:19.0462 0x05c4  HDAudBus - ok
21:18:19.0469 0x05c4  HECIx64 - ok
21:18:19.0476 0x05c4  HidBatt - ok
21:18:19.0483 0x05c4  HidBth - ok
21:18:19.0491 0x05c4  HidIr - ok
21:18:19.0499 0x05c4  hidserv - ok
21:18:19.0507 0x05c4  HidUsb - ok
21:18:19.0513 0x05c4  hkmsvc - ok
21:18:19.0519 0x05c4  HomeGroupListener - ok
21:18:19.0526 0x05c4  HomeGroupProvider - ok
21:18:19.0532 0x05c4  HPDrvMntSvc.exe - ok
21:18:19.0539 0x05c4  hpdskflt - ok
21:18:19.0545 0x05c4  hpqcxs08 - ok
21:18:19.0551 0x05c4  hpqddsvc - ok
21:18:19.0557 0x05c4  HpqKbFiltr - ok
21:18:19.0563 0x05c4  hpqwmiex - ok
21:18:19.0570 0x05c4  HpSAMD - ok
21:18:19.0577 0x05c4  HPSLPSVC - ok
21:18:19.0585 0x05c4  hpsrv - ok
21:18:19.0619 0x05c4  HTTP - ok
21:18:19.0629 0x05c4  hwpolicy - ok
21:18:19.0638 0x05c4  i8042prt - ok
21:18:19.0668 0x05c4  iaStor - ok
21:18:19.0675 0x05c4  iaStorV - ok
21:18:19.0682 0x05c4  IDriverT - ok
21:18:19.0689 0x05c4  idsvc - ok
21:18:19.0696 0x05c4  IDSVia64 - ok
21:18:19.0710 0x05c4  IEEtwCollectorService - ok
21:18:19.0714 0x05c4  igfx - ok
21:18:19.0718 0x05c4  iirsp - ok
21:18:19.0722 0x05c4  IKEEXT - ok
21:18:19.0734 0x05c4  IntcDAud - ok
21:18:19.0738 0x05c4  intelide - ok
21:18:19.0743 0x05c4  intelppm - ok
21:18:19.0750 0x05c4  IPBusEnum - ok
21:18:19.0754 0x05c4  IpFilterDriver - ok
21:18:19.0758 0x05c4  iphlpsvc - ok
21:18:19.0763 0x05c4  IPMIDRV - ok
21:18:19.0767 0x05c4  IPNAT - ok
21:18:19.0777 0x05c4  iPod Service - ok
21:18:19.0786 0x05c4  IRENUM - ok
21:18:19.0791 0x05c4  isapnp - ok
21:18:19.0796 0x05c4  iScsiPrt - ok
21:18:19.0800 0x05c4  kbdclass - ok
21:18:19.0804 0x05c4  kbdhid - ok
21:18:19.0809 0x05c4  KeyIso - ok
21:18:19.0814 0x05c4  KSecDD - ok
21:18:19.0818 0x05c4  KSecPkg - ok
21:18:19.0822 0x05c4  ksthunk - ok
21:18:19.0827 0x05c4  KtmRm - ok
21:18:19.0832 0x05c4  LanmanServer - ok
21:18:19.0837 0x05c4  LanmanWorkstation - ok
21:18:19.0861 0x05c4  LavasoftAdAwareService11 - ok
21:18:19.0869 0x05c4  LightScribeService - ok
21:18:19.0873 0x05c4  lltdio - ok
21:18:19.0879 0x05c4  lltdsvc - ok
21:18:19.0883 0x05c4  lmhosts - ok
21:18:19.0889 0x05c4  LMS - ok
21:18:19.0897 0x05c4  LSI_FC - ok
21:18:19.0901 0x05c4  LSI_SAS - ok
21:18:19.0906 0x05c4  LSI_SAS2 - ok
21:18:19.0911 0x05c4  LSI_SCSI - ok
21:18:19.0917 0x05c4  luafv - ok
21:18:19.0921 0x05c4  MBAMProtector - ok
21:18:19.0926 0x05c4  MBAMScheduler - ok
21:18:19.0931 0x05c4  MBAMService - ok
21:18:19.0946 0x05c4  mcdbus - ok
21:18:19.0950 0x05c4  MCLIENT - ok
21:18:19.0972 0x05c4  Mcx2Svc - ok
21:18:19.0976 0x05c4  megasas - ok
21:18:19.0983 0x05c4  MegaSR - ok
21:18:19.0986 0x05c4  Microsoft SharePoint Workspace Audit Service - ok
21:18:19.0991 0x05c4  MMCSS - ok
21:18:19.0995 0x05c4  Modem - ok
21:18:20.0000 0x05c4  monitor - ok
21:18:20.0004 0x05c4  mouclass - ok
21:18:20.0008 0x05c4  mouhid - ok
21:18:20.0014 0x05c4  mountmgr - ok
21:18:20.0057 0x05c4  MozillaMaintenance - ok
21:18:20.0062 0x05c4  mpio - ok
21:18:20.0073 0x05c4  mpsdrv - ok
21:18:20.0077 0x05c4  MpsSvc - ok
21:18:20.0085 0x05c4  MRxDAV - ok
21:18:20.0089 0x05c4  mrxsmb - ok
21:18:20.0093 0x05c4  mrxsmb10 - ok
21:18:20.0099 0x05c4  mrxsmb20 - ok
21:18:20.0103 0x05c4  msahci - ok
21:18:20.0108 0x05c4  msdsm - ok
21:18:20.0112 0x05c4  MSDTC - ok
21:18:20.0121 0x05c4  Msfs - ok
21:18:20.0126 0x05c4  mshidkmdf - ok
21:18:20.0130 0x05c4  msisadrv - ok
21:18:20.0136 0x05c4  MSiSCSI - ok
21:18:20.0141 0x05c4  msiserver - ok
21:18:20.0145 0x05c4  MSKSSRV - ok
21:18:20.0151 0x05c4  MSPCLOCK - ok
21:18:20.0157 0x05c4  MSPQM - ok
21:18:20.0162 0x05c4  MsRPC - ok
21:18:20.0169 0x05c4  mssmbios - ok
21:18:20.0173 0x05c4  MSTEE - ok
21:18:20.0178 0x05c4  MTConfig - ok
21:18:20.0183 0x05c4  Mup - ok
21:18:20.0197 0x05c4  N360 - ok
21:18:20.0202 0x05c4  napagent - ok
21:18:20.0208 0x05c4  NativeWifiP - ok
21:18:20.0217 0x05c4  NAVENG - ok
21:18:20.0222 0x05c4  NAVEX15 - ok
21:18:20.0227 0x05c4  NCO - ok
21:18:20.0231 0x05c4  NDIS - ok
21:18:20.0241 0x05c4  NdisCap - ok
21:18:20.0246 0x05c4  NdisTapi - ok
21:18:20.0251 0x05c4  Ndisuio - ok
21:18:20.0256 0x05c4  NdisWan - ok
21:18:20.0260 0x05c4  NDProxy - ok
21:18:20.0264 0x05c4  Net Driver HPZ12 - ok
21:18:20.0271 0x05c4  NetBIOS - ok
21:18:20.0275 0x05c4  NetBT - ok
21:18:20.0279 0x05c4  Netlogon - ok
21:18:20.0285 0x05c4  Netman - ok
21:18:20.0290 0x05c4  NetMsmqActivator - ok
21:18:20.0294 0x05c4  NetPipeActivator - ok
21:18:20.0299 0x05c4  netprofm - ok
21:18:20.0304 0x05c4  NetTcpActivator - ok
21:18:20.0309 0x05c4  NetTcpPortSharing - ok
21:18:20.0317 0x05c4  netw5v64 - ok
21:18:20.0320 0x05c4  nfrd960 - ok
21:18:20.0325 0x05c4  NlaSvc - ok
21:18:20.0329 0x05c4  Npfs - ok
21:18:20.0335 0x05c4  nsi - ok
21:18:20.0339 0x05c4  nsiproxy - ok
21:18:20.0345 0x05c4  Ntfs - ok
21:18:20.0358 0x05c4  ntk_dtv - ok
21:18:20.0363 0x05c4  Null - ok
21:18:20.0369 0x05c4  nvraid - ok
21:18:20.0374 0x05c4  nvstor - ok
21:18:20.0378 0x05c4  nv_agp - ok
21:18:20.0391 0x05c4  odserv - ok
21:18:20.0396 0x05c4  ohci1394 - ok
21:18:20.0423 0x05c4  ose - ok
21:18:20.0429 0x05c4  osppsvc - ok
21:18:20.0437 0x05c4  p2pimsvc - ok
21:18:20.0443 0x05c4  p2psvc - ok
21:18:20.0448 0x05c4  Parport - ok
21:18:20.0454 0x05c4  partmgr - ok
21:18:20.0458 0x05c4  PcaSvc - ok
21:18:20.0462 0x05c4  pci - ok
21:18:20.0468 0x05c4  pciide - ok
21:18:20.0471 0x05c4  pcmcia - ok
21:18:20.0476 0x05c4  pcw - ok
21:18:20.0480 0x05c4  PEAUTH - ok
21:18:20.0488 0x05c4  PerfHost - ok
21:18:20.0498 0x05c4  pla - ok
21:18:20.0504 0x05c4  PlugPlay - ok
21:18:20.0509 0x05c4  Pml Driver HPZ12 - ok
21:18:20.0513 0x05c4  pneteth - ok
21:18:20.0517 0x05c4  PNRPAutoReg - ok
21:18:20.0523 0x05c4  PNRPsvc - ok
21:18:20.0527 0x05c4  PolicyAgent - ok
21:18:20.0533 0x05c4  Power - ok
21:18:20.0538 0x05c4  PptpMiniport - ok
21:18:20.0543 0x05c4  Processor - ok
21:18:20.0549 0x05c4  ProfSvc - ok
21:18:20.0554 0x05c4  ProtectedStorage - ok
21:18:20.0561 0x05c4  Psched - ok
21:18:20.0565 0x05c4  PSI_SVC_2 - ok
21:18:20.0571 0x05c4  ql2300 - ok
21:18:20.0575 0x05c4  ql40xx - ok
21:18:20.0580 0x05c4  QWAVE - ok
21:18:20.0586 0x05c4  QWAVEdrv - ok
21:18:20.0593 0x05c4  RasAcd - ok
21:18:20.0597 0x05c4  RasAgileVpn - ok
21:18:20.0601 0x05c4  RasAuto - ok
21:18:20.0606 0x05c4  Rasl2tp - ok
21:18:20.0610 0x05c4  RasMan - ok
21:18:20.0615 0x05c4  RasPppoe - ok
21:18:20.0619 0x05c4  RasSstp - ok
21:18:20.0624 0x05c4  rdbss - ok
21:18:20.0628 0x05c4  rdpbus - ok
21:18:20.0632 0x05c4  RDPCDD - ok
21:18:20.0641 0x05c4  RDPENCDD - ok
21:18:20.0648 0x05c4  RDPREFMP - ok
21:18:20.0652 0x05c4  RDPWD - ok
21:18:20.0660 0x05c4  rdyboost - ok
21:18:20.0664 0x05c4  regi - ok
21:18:20.0669 0x05c4  RemoteAccess - ok
21:18:20.0675 0x05c4  RemoteRegistry - ok
21:18:20.0697 0x05c4  RFCOMM - ok
21:18:20.0702 0x05c4  RpcEptMapper - ok
21:18:20.0707 0x05c4  RpcLocator - ok
21:18:20.0713 0x05c4  RpcSs - ok
21:18:20.0725 0x05c4  rspndr - ok
21:18:20.0750 0x05c4  RSUSBSTOR - ok
21:18:20.0766 0x05c4  RTL8167 - ok
21:18:20.0773 0x05c4  rusb3hub - ok
21:18:20.0780 0x05c4  rusb3xhc - ok
21:18:20.0784 0x05c4  SamSs - ok
21:18:20.0788 0x05c4  sbp2port - ok
21:18:20.0796 0x05c4  SCardSvr - ok
21:18:20.0801 0x05c4  scfilter - ok
21:18:20.0807 0x05c4  Schedule - ok
21:18:20.0811 0x05c4  SCPolicySvc - ok
21:18:20.0818 0x05c4  sdbus - ok
21:18:20.0824 0x05c4  SDRSVC - ok
21:18:20.0827 0x05c4  secdrv - ok
21:18:20.0831 0x05c4  seclogon - ok
21:18:20.0835 0x05c4  SENS - ok
21:18:20.0841 0x05c4  SensrSvc - ok
21:18:20.0845 0x05c4  Serenum - ok
21:18:20.0849 0x05c4  Serial - ok
21:18:20.0854 0x05c4  sermouse - ok
21:18:20.0866 0x05c4  SessionEnv - ok
21:18:20.0870 0x05c4  sffdisk - ok
21:18:20.0875 0x05c4  sffp_mmc - ok
21:18:20.0881 0x05c4  sffp_sd - ok
21:18:20.0885 0x05c4  sfloppy - ok
21:18:20.0890 0x05c4  SharedAccess - ok
21:18:20.0895 0x05c4  ShellHWDetection - ok
21:18:20.0899 0x05c4  SiSRaid2 - ok
21:18:20.0904 0x05c4  SiSRaid4 - ok
21:18:20.0909 0x05c4  Smb - ok
21:18:20.0919 0x05c4  SNMPTRAP - ok
21:18:20.0923 0x05c4  spldr - ok
21:18:20.0929 0x05c4  Spooler - ok
21:18:20.0934 0x05c4  sppsvc - ok
21:18:20.0938 0x05c4  sppuinotify - ok
21:18:20.0964 0x05c4  SRTSP - ok
21:18:20.0970 0x05c4  SRTSPX - ok
21:18:20.0976 0x05c4  srv - ok
21:18:20.0980 0x05c4  srv2 - ok
21:18:20.0985 0x05c4  SrvHsfHDA - ok
21:18:20.0989 0x05c4  SrvHsfV92 - ok
21:18:20.0993 0x05c4  SrvHsfWinac - ok
21:18:20.0998 0x05c4  srvnet - ok
21:18:21.0011 0x05c4  ssadbus - ok
21:18:21.0024 0x05c4  ssadmdfl - ok
21:18:21.0030 0x05c4  ssadmdm - ok
21:18:21.0035 0x05c4  SSDPSRV - ok
21:18:21.0039 0x05c4  SstpSvc - ok
21:18:21.0044 0x05c4  ssudmdm - ok
21:18:21.0049 0x05c4  STacSV - ok
21:18:21.0054 0x05c4  stexstor - ok
21:18:21.0063 0x05c4  STHDA - ok
21:18:21.0078 0x05c4  stisvc - ok
21:18:21.0083 0x05c4  swenum - ok
21:18:21.0112 0x05c4  SwitchBoard - ok
21:18:21.0117 0x05c4  swprv - ok
21:18:21.0121 0x05c4  sxuptp - ok
21:18:21.0126 0x05c4  SymDS - ok
21:18:21.0131 0x05c4  SymEFA - ok
21:18:21.0137 0x05c4  SymEvent - ok
21:18:21.0142 0x05c4  SymIM - ok
21:18:21.0147 0x05c4  SymIRON - ok
21:18:21.0152 0x05c4  SymNetS - ok
21:18:21.0160 0x05c4  SynTP - ok
21:18:21.0165 0x05c4  SysMain - ok
21:18:21.0170 0x05c4  TabletInputService - ok
21:18:21.0174 0x05c4  taphss - ok
21:18:21.0178 0x05c4  TapiSrv - ok
21:18:21.0183 0x05c4  TBS - ok
21:18:21.0187 0x05c4  Tcpip - ok
21:18:21.0197 0x05c4  TCPIP6 - ok
21:18:21.0204 0x05c4  tcpipreg - ok
21:18:21.0210 0x05c4  TDPIPE - ok
21:18:21.0216 0x05c4  TDTCP - ok
21:18:21.0221 0x05c4  tdx - ok
21:18:21.0225 0x05c4  TermDD - ok
21:18:21.0231 0x05c4  TermService - ok
21:18:21.0235 0x05c4  Themes - ok
21:18:21.0239 0x05c4  THREADORDER - ok
21:18:21.0242 0x05c4  TrkWks - ok
21:18:21.0249 0x05c4  Trufos - ok
21:18:21.0255 0x05c4  TrustedInstaller - ok
21:18:21.0261 0x05c4  tssecsrv - ok
21:18:21.0269 0x05c4  TsUsbFlt - ok
21:18:21.0278 0x05c4  tunnel - ok
21:18:21.0292 0x05c4  TVCapSvc - ok
21:18:21.0314 0x05c4  TVersityMediaServer - ok
21:18:21.0319 0x05c4  uagp35 - ok
21:18:21.0323 0x05c4  udfs - ok
21:18:21.0332 0x05c4  UI0Detect - ok
21:18:21.0337 0x05c4  uliagpkx - ok
21:18:21.0341 0x05c4  umbus - ok
21:18:21.0345 0x05c4  UmPass - ok
21:18:21.0365 0x05c4  UnlockerDriver5 - ok
21:18:21.0369 0x05c4  UNS - ok
21:18:21.0374 0x05c4  upnphost - ok
21:18:21.0384 0x05c4  USBAAPL64 - ok
21:18:21.0388 0x05c4  usbaudio - ok
21:18:21.0393 0x05c4  usbccgp - ok
21:18:21.0402 0x05c4  usbcir - ok
21:18:21.0408 0x05c4  usbehci - ok
21:18:21.0417 0x05c4  usbhub - ok
21:18:21.0422 0x05c4  usbohci - ok
21:18:21.0427 0x05c4  usbprint - ok
21:18:21.0432 0x05c4  usbscan - ok
21:18:21.0440 0x05c4  usbser - ok
21:18:21.0444 0x05c4  USBSTOR - ok
21:18:21.0449 0x05c4  usbuhci - ok
21:18:21.0453 0x05c4  usbvideo - ok
21:18:21.0458 0x05c4  UxSms - ok
21:18:21.0462 0x05c4  VaultSvc - ok
21:18:21.0484 0x05c4  VBoxNetAdp - ok
21:18:21.0492 0x05c4  VBoxNetFlt - ok
21:18:21.0500 0x05c4  vdrvroot - ok
21:18:21.0505 0x05c4  vds - ok
21:18:21.0509 0x05c4  vga - ok
21:18:21.0513 0x05c4  VgaSave - ok
21:18:21.0518 0x05c4  vhdmp - ok
21:18:21.0523 0x05c4  viaide - ok
21:18:21.0527 0x05c4  vmulti - ok
21:18:21.0531 0x05c4  volmgr - ok
21:18:21.0535 0x05c4  volmgrx - ok
21:18:21.0540 0x05c4  volsnap - ok
21:18:21.0544 0x05c4  vsmraid - ok
21:18:21.0548 0x05c4  VSS - ok
21:18:21.0553 0x05c4  vwifibus - ok
21:18:21.0557 0x05c4  vwififlt - ok
21:18:21.0561 0x05c4  vwifimp - ok
21:18:21.0566 0x05c4  W32Time - ok
21:18:21.0572 0x05c4  WacomPen - ok
21:18:21.0576 0x05c4  WANARP - ok
21:18:21.0581 0x05c4  Wanarpv6 - ok
21:18:21.0591 0x05c4  WatAdminSvc - ok
21:18:21.0597 0x05c4  wbengine - ok
21:18:21.0602 0x05c4  WbioSrvc - ok
21:18:21.0607 0x05c4  wcncsvc - ok
21:18:21.0611 0x05c4  WcsPlugInService - ok
21:18:21.0616 0x05c4  Wd - ok
21:18:21.0620 0x05c4  WDC_SAM - ok
21:18:21.0638 0x05c4  WDDriveService - ok
21:18:21.0642 0x05c4  Wdf01000 - ok
21:18:21.0656 0x05c4  WdiServiceHost - ok
21:18:21.0660 0x05c4  WdiSystemHost - ok
21:18:21.0664 0x05c4  WebClient - ok
21:18:21.0669 0x05c4  Wecsvc - ok
21:18:21.0674 0x05c4  wercplsupport - ok
21:18:21.0682 0x05c4  WerSvc - ok
21:18:21.0688 0x05c4  WfpLwf - ok
21:18:21.0693 0x05c4  WIMMount - ok
21:18:21.0697 0x05c4  WinDefend - ok
21:18:21.0706 0x05c4  WinHttpAutoProxySvc - ok
21:18:21.0711 0x05c4  Winmgmt - ok
21:18:21.0715 0x05c4  WinRM - ok
21:18:21.0723 0x05c4  WinUsb - ok
21:18:21.0728 0x05c4  Wlansvc - ok
21:18:21.0732 0x05c4  wlcrasvc - ok
21:18:21.0737 0x05c4  wlidsvc - ok
21:18:21.0742 0x05c4  WmiAcpi - ok
21:18:21.0749 0x05c4  wmiApSrv - ok
21:18:21.0754 0x05c4  WMPNetworkSvc - ok
21:18:21.0759 0x05c4  WPCSvc - ok
21:18:21.0763 0x05c4  WPDBusEnum - ok
21:18:21.0767 0x05c4  ws2ifsl - ok
21:18:21.0772 0x05c4  wscsvc - ok
21:18:21.0776 0x05c4  WSearch - ok
21:18:21.0782 0x05c4  wuauserv - ok
21:18:21.0786 0x05c4  WudfPf - ok
21:18:21.0795 0x05c4  WUDFRd - ok
21:18:21.0799 0x05c4  wudfsvc - ok
21:18:21.0803 0x05c4  WwanSvc - ok
21:18:21.0809 0x05c4  yukonw7 - ok
21:18:21.0832 0x05c4  ================ Scan global ===============================
21:18:21.0834 0x05c4  [ Global ] - ok
21:18:21.0838 0x05c4  ================ Scan MBR ==================================
21:18:21.0851 0x05c4  [ 5DD0F3D43648FB29F46E4CA108D4746D ] \Device\Harddisk0\DR0
21:18:22.0197 0x05c4  \Device\Harddisk0\DR0 - ok
21:18:22.0209 0x05c4  [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk1\DR1
21:18:22.0513 0x05c4  \Device\Harddisk1\DR1 - ok
21:18:23.0125 0x05c4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
21:18:23.0140 0x05c4  \Device\Harddisk2\DR2 - ok
21:18:23.0141 0x05c4  ================ Scan VBR ==================================
21:18:23.0147 0x05c4  [ A36452FB600DE488B2BD5882F3FFAF7D ] \Device\Harddisk1\DR1\Partition1
21:18:23.0151 0x05c4  \Device\Harddisk1\DR1\Partition1 - ok
21:18:23.0183 0x05c4  [ 80CEEA0B1EE513A1B21412F789F372FD ] \Device\Harddisk1\DR1\Partition2
21:18:23.0186 0x05c4  \Device\Harddisk1\DR1\Partition2 - ok
21:18:23.0191 0x05c4  [ 5DB2964D79F1D8BF196A1BFF5708EE05 ] \Device\Harddisk2\DR2\Partition1
21:18:23.0194 0x05c4  \Device\Harddisk2\DR2\Partition1 - ok
21:18:23.0273 0x05c4  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareSecurityCenter.exe ( 11.1.5152.0 ), 0x40010 ( disabled : outofdate )
21:18:23.0274 0x05c4  AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
21:18:23.0275 0x05c4  FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
21:18:23.0276 0x05c4  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareSecurityCenter.exe ( 11.1.5152.0 ), 0x40010 ( disabled )
21:18:25.0798 0x05c4  ============================================================
21:18:25.0798 0x05c4  Scan finished
21:18:25.0798 0x05c4  ============================================================
21:18:25.0812 0x1a44  Detected object count: 0
21:18:25.0812 0x1a44  Actual detected object count: 0
21:18:42.0959 0x1d0c  Deinitialize success
 

AdwCleaner Results:

# AdwCleaner v3.016 - Report created 01/01/2014 at 21:23:04
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tanisha2 - MISSMEEK2
# Running from : C:\Users\Tanisha2\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\NetoCCoupoN
Folder Deleted : C:\ProgramData\SeoarCh-NewTTabu
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeoarCh-NewTTabu
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Coupon Companion Plugin
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\NetoCCoupoN
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\Tanisha2\AppData\Local\Conduit
Folder Deleted : C:\Users\Tanisha2\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Tanisha2\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Tanisha2\AppData\Local\TempDir
Folder Deleted : C:\Users\Tanisha2\AppData\Local\thinstall
Folder Deleted : C:\Users\Tanisha2\AppData\Local\Wajam
Folder Deleted : C:\Users\Tanisha2\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tanisha2\AppData\LocalLow\SeoarCh-NewTTabu
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\iWin
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\thinstall
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\uryalfvt.default\FCTB
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\FCTB
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\r84rlyvo.New2\Extensions\staged
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\uryalfvt.default\Extensions\staged
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\Extensions\staged
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2vhzowkr.default\Extensions\staged
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
Folder Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
Folder Deleted : C:\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Deleted : C:\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bompabnphleefoblbnngoomlnbmpfofl
[!] Folder Deleted : C:\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bompabnphleefoblbnngoomlnbmpfofl
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Tanisha2\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\uryalfvt.default\searchplugins\safesearch.xml
File Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\searchplugins\safesearch.xml
File Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\uryalfvt.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\uryalfvt.default\user.js
File Deleted : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000062781.FCTB000062781Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000062781.FCTB000062781Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000062781.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000062781.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000062781.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000062781.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244184404}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\r84rlyvo.New2\prefs.js ]

Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);

[ File : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\uryalfvt.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.helpmefindyour.info/?pid=377&r=2013/04/10&hid=2623760742&lg=EN&cc=US");
Line Deleted : user_pref("extensions.enabledAddons", "foxmarks%40kei.com:4.0.5,hxxps-everywhere%40eff.org:2.1,mintrayr%40tn123.ath.cx:1.0.1,savefileto%40mozdev.org:2.3.3,socialfixer%40mattkruse.com:6.741,%7B19503e42[...]
Line Deleted : user_pref("extensions.ffxtlbr@funmoods.com.install-event-fired", true);
Line Deleted : user_pref("extensions.funmoods.aflt", "axl");
Line Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Line Deleted : user_pref("extensions.funmoods.cntry", "US");
Line Deleted : user_pref("extensions.funmoods.cv", "cv5");
Line Deleted : user_pref("extensions.funmoods.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Line Deleted : user_pref("extensions.funmoods.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Line Deleted : user_pref("extensions.funmoods.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods.hdrMd5", "753AB84153DB0362B93180881FED6011");
Line Deleted : user_pref("extensions.funmoods.hmpg", false);
Line Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyE0EtByEyB0C0ByE0AyDtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=336292508");
Line Deleted : user_pref("extensions.funmoods.id", "C417FE4E247CB4A5");
Line Deleted : user_pref("extensions.funmoods.instlDay", "15564");
Line Deleted : user_pref("extensions.funmoods.instlRef", "axl");
Line Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Line Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2213:59:14");
Line Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.funmoods.newTab", true);
Line Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyE0EtByEyB0C0ByE0AyDtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=336292508");
Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods.sg", "none");
Line Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyE0EtByEyB0C0ByE0AyDtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=336292508&q[...]
Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Line Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2213:59:14");
Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2213:59:14");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 9);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 9);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1333813357191");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeInstallSaved", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.homepage", "hxxp%3A//home.verizon.yahoo.com/");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.search", "Google");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.revision", "36");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.session", "89C56E366B17235C5A130DD2CB9655DFD29F87140AF9600526282510C56CF3566DDA2C45629ABF697807A8F6D2A758BC8104320523F9EBC390AAD06D8CE4BBDD");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "71466505");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "16e2199a01018298740d578428e0ac90c8cc5765");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", false);
Line Deleted : user_pref("socialfixer.1641671630/cached_content/donate_pagelet", "{\"expires_on\":1340255900296,\"content\":\"<div style=\\\"background-color:#ffffcc;border:1px solid #cccc99;padding:5px;-moz-border-[...]
Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", 14);
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.helpmefindyour.info/?pid=377&r=2013/04/10&hid=2623760742&lg=EN&cc=US&l=1&q=");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.helpmefindyour.info/?pid=377&r=2013/04/10&hid=2623760742&lg=EN&cc=US&l=1&q=");

[ File : C:\Users\Tanisha2\AppData\Roaming\Mozilla\Firefox\Profiles\vcywlefp.New1\prefs.js ]

Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", 14);
Line Deleted : user_pref("extensions.ffxtlbr@funmoods.com.install-event-fired", true);
Line Deleted : user_pref("extensions.funmoods.aflt", "axl");
Line Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Line Deleted : user_pref("extensions.funmoods.cntry", "US");
Line Deleted : user_pref("extensions.funmoods.cv", "cv5");
Line Deleted : user_pref("extensions.funmoods.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Line Deleted : user_pref("extensions.funmoods.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Line Deleted : user_pref("extensions.funmoods.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods.hdrMd5", "753AB84153DB0362B93180881FED6011");
Line Deleted : user_pref("extensions.funmoods.hmpg", true);
Line Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyE0EtByEyB0C0ByE0AyDtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=336292508");
Line Deleted : user_pref("extensions.funmoods.id", "C417FE4E247CB4A5");
Line Deleted : user_pref("extensions.funmoods.instlDay", "15564");
Line Deleted : user_pref("extensions.funmoods.instlRef", "axl");
Line Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Line Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2213:59:14");
Line Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.funmoods.newTab", true);
Line Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyE0EtByEyB0C0ByE0AyDtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=336292508");
Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods.sg", "none");
Line Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyE0EtByEyB0C0ByE0AyDtN0D0Tzu0CtBtByDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=336292508&q[...]
Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Line Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2213:59:14");
Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2213:59:14");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 9);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 9);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1333813357191");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeInstallSaved", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.homepage", "hxxp%3A//home.verizon.yahoo.com/");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.search", "Google");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.revision", "36");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.session", "89C56E366B17235C5A130DD2CB9655DFD29F87140AF9600526282510C56CF3566DDA2C45629ABF697807A8F6D2A758BC8104320523F9EBC390AAD06D8CE4BBDD");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "71466505");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "16e2199a01018298740d578428e0ac90c8cc5765");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", false);
Line Deleted : user_pref("socialfixer.1641671630/cached_content/donate_pagelet", "{\"expires_on\":1340255900296,\"content\":\"<div style=\\\"background-color:#ffffcc;border:1px solid #cccc99;padding:5px;-moz-border-[...]

[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2vhzowkr.default\prefs.js ]

Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);

-\\ Google Chrome v

[ File : C:\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [35100 octets] - [01/01/2014 21:20:09]
AdwCleaner[S0].txt - [29706 octets] - [01/01/2014 21:23:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29767 octets] ##########
 

JRT Results:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tanisha2 on Wed 01/01/2014 at 21:36:31.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1674596979-1422155936-3064699010-1003\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Tanisha2\AppData\LocalLow\FCTB000062781
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{05FE0338-A828-4F71-8F73-E68AC836705F}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{0849EDBE-9691-4F80-A714-A4FAAA20ED01}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{0FECF417-3A60-480D-8426-C7140E42A096}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{107838D3-7168-4256-AA3F-4DF5C3DDF4CB}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{160767B5-2602-434A-A923-562DF7C61481}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{1EC5F018-447E-4989-96D2-C06E401CAABF}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{33527317-E77F-4FB7-8455-EF0CA86238C3}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{3D746C1D-8349-4F27-9775-3497CE406FDE}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{3E3CD4FD-1ED6-43A7-9FAE-64DAA3B1087D}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{4AB843F5-7DF1-4EA6-BFDA-57BEF2A49E6B}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{4FEE4878-C118-48D4-81A8-7144C2F9C338}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{51E5393D-FDA7-4484-9616-6B7223815D29}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{521E9F85-DD10-4D05-8D7C-3DBA6BE622CD}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{5800FAF5-FD39-4919-A4B1-0C8595A74E4A}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{5B64323D-E4BD-4F10-946F-32916072AD2B}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{5C409F0F-3366-4392-8BD9-F0F6B6EE556E}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{5DC8377B-0F31-488C-BD96-3E86309C38DD}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{62BF8715-1CD1-4CB9-8C4C-8EF72F912900}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{653FEA16-D9A4-4DA4-85F3-F99F1D285867}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{654D64E2-DB55-4596-8729-E2E4733A5515}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{657F08B7-2E84-42BD-AE1F-0AC8DC478BE9}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{6758C059-80A4-41E1-B2A9-173B2D25E148}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{6C00F30F-3B38-402C-98C5-DD5993B182A2}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{6EAC2953-F81D-4592-AD42-F809CF31B03A}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{72DE5601-15F9-42A9-BDD7-D0E1B02EF874}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{74FE4987-1A26-416A-A604-0FA0381725F3}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{7A71798A-BE7A-4D32-9122-5443320F413D}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{7F514EF2-37D0-44C7-8592-EE4D8C6E7D6A}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{806DD676-0E43-4621-9D4F-A3EAC208A306}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{833A0ADC-B45F-46D8-BBC5-767EA365D4E6}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{84D5D61B-B3D6-4F3B-A45D-0C8A8B48AC01}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{857A2674-EC53-47C0-9538-7A770F8DE8F7}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{89F182EB-6B8D-4850-9FF6-EEB10A40531C}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{8EB85ECF-4AD6-4085-93BC-3B0FA1DF4BD3}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{8F7AAA49-1792-4678-8EA8-B56A05FEC104}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{928C8D60-42A6-4829-B616-853AD700A9E2}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{93E4B479-7C87-4132-B3E1-6C33E66821FE}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{93FE8A94-AB8F-4A54-9F36-8BB8028C7FC1}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{958BEDE4-079B-46D9-BC20-F23A8B5266EA}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{99C5BDD1-9E93-451E-B13C-00776BDF2136}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{A1592C72-AFAE-4329-BA5D-DB31A6F1FF5E}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{A6613D66-F5F7-426D-BD68-422561F3FAA8}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{AA5E21F2-328A-4678-84CE-ED197A1022B9}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{B454C160-9213-4AE8-823A-B96D22386353}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{BA8ADC30-8361-4928-8005-E0F4B7BEF2A1}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{BC954FC2-BB2F-4EE5-ADEF-D870B9BF618C}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{C66F3443-CDA2-43A1-BD03-744D6438225E}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{C6833894-A636-456D-87E0-8F37A6872F68}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{CABB07DB-02F5-456B-ABD0-66175268DA0F}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{CCC7EAF8-D150-4968-AF62-F4B6E672031A}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{CEEF896B-5ADF-4C94-A7E4-A4692131F8A1}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{D244C634-4561-4805-82A0-7A6B4D3A4909}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{DFFEFC8F-360C-47DD-A7F0-B62A5938504C}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{E054CB9B-7225-4028-90A8-3A998B93BEAF}
Successfully deleted: [Empty Folder] C:\Users\Tanisha2\appdata\local\{EFADF9F0-51D1-478A-A1DA-CDAB54AF6746}



~~~ FireFox

Successfully deleted the following from C:\Users\Tanisha2\AppData\Roaming\mozilla\firefox\profiles\uryalfvt.default\prefs.js

user_pref("playbryte.defaultsearchprocessed", true);
user_pref("socialfixer.1641671630/cached_content/tips_pagelet", "{\"expires_on\":1339563777818,\"content\":[{\"id\":101,\"content\":\"<div style=\\\"border:2px solid #cccc99;p
Successfully deleted the following from C:\Users\Tanisha2\AppData\Roaming\mozilla\firefox\profiles\vcywlefp.New1\prefs.js

user_pref("extensions.playbryte@playbryte.com.install-event-fired", true);
user_pref("playbryte.installpixelfired", true);
user_pref("playbryte.pingdate", "Wed Oct 10 2012 12:08:32 GMT-0400 (Eastern Daylight Time)");
user_pref("socialfixer.1641671630/cached_content/tips_pagelet", "{\"expires_on\":1339563777818,\"content\":[{\"id\":101,\"content\":\"<div style=\\\"border:2px solid #cccc99;p
Emptied folder: C:\Users\Tanisha2\AppData\Roaming\mozilla\firefox\profiles\uryalfvt.default\minidumps [4 files]
Emptied folder: C:\Users\Tanisha2\AppData\Roaming\mozilla\firefox\profiles\vcywlefp.New1\minidumps [1005 files]
Emptied folder: C:\Users\Tanisha2\AppData\Roaming\mozilla\firefox\profiles\r84rlyvo.New2\minidumps [2 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Tanisha2\appdata\local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Folder] C:\Users\Tanisha2\appdata\local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj
Successfully deleted: [Folder] C:\Users\Tanisha2\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jneaojaoiajhnemidnjhoempalnidbhj



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/01/2014 at 21:47:31.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ESET results:

 

C:\AdwCleaner\Quarantine\C\ProgramData\NetoCCoupoN\oR2.exe.vir    a variant of Win32/AdWare.MultiPlug.K.gen application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bompabnphleefoblbnngoomlnbmpfofl\1\5165b5e0308f15.98905021.js.vir    Win32/Adware.MultiPlug.H application    cleaned by deleting - quarantined
C:\Users\Tanisha2\AppData\Local\Google\Chrome\User Data\Default\Extensions\omiijbjbfhfchljephefcjkdndmkaplp\1\5165b5c4147bf3.74281092.js    Win32/Adware.MultiPlug.H application    cleaned by deleting - quarantined
C:\Users\Tanisha2\Downloads\Software\sdupxd\smart.driver.updater.3.3.0.0.dc.23.02\driverupdater.exe    a variant of Win32/Adware.SpeedingUpMyPC.C application    cleaned by deleting - quarantined
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:06 AM

Posted 02 January 2014 - 10:42 AM

OK, Uninstall this thru Control Panel

AVG 2012 (Version: 12.0.2112)... Restart the computer

How is it now that all that junk is out?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Miss Meek

Miss Meek
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 02 January 2014 - 03:49 PM

Theres no AVG 2012 listed in the Control Panel.  I do see a folder; the C:\Program Files (x86)\AVG directory



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:06 AM

Posted 02 January 2014 - 08:31 PM

If you right click on it is it empty?

You can most likely just delete it.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Miss Meek

Miss Meek
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 02 January 2014 - 08:51 PM

The folder isn't empty

1-2-20148-37-31PM.jpg



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:06 AM

Posted 02 January 2014 - 09:19 PM

Let me get a second opinion
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:06 AM

Posted 02 January 2014 - 10:04 PM

MiniToolBox is showing AVG 2012 (Version: 12.0.2112) as an installed program.

Not all programs show up in Add/Remove Programs or Programs and Features. Some will have their own uninstaller, which can be found in the program's folder. If the program is not listed in Add/Remove or Programs and Features, look for an uninstall icon (shortcut) from within its program group. Click on StartBtn.gif > All Programs (or Program Files), look for the program folder by name, open it and use the program's uninstaller. If it's not there, the next step would be to open Window's Explorer, manually navigate to the program's folder itself, look for an uninstaller file (i.e. uninstall.exe) and double-click on it to run.

Another removal method if there is no entry in Add/Remove, is to launch (double-click on) the original setup.exe file used for installation. Some vendors use the setup file to offer options to repair, modify or uninstall as a separate choice from installation. Restart the Computer when done and delete the Program folder if it still exists.

You could also try using a third-party utility like Revo Uninstaller Free or Portable which provides a listing of all installed software by installation date and when removing a program, Revo does a more comprehensive job of searching for and removing related registry entries, files and folders.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Miss Meek

Miss Meek
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 04 January 2014 - 04:12 AM

I no longer have the AVG2012 installation software, nor is it listed under the start menu. the Revo uninstaller program could not find a uninstall solution as well.  This may be because I'd uninstalled the software some time ago but for some reason, the whole thing didn't uninstall.  If I delete the program files folder and instances of it in the registry, would that fix things.  I remember having to do that for another program on my old laptop.



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:06 AM

Posted 04 January 2014 - 08:24 AM

Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up and create files/folders/registry entries in various locations. It is not uncommon for some anti-virus programs to not completely uninstall itself using the usual method of Programs and Features or Add/Remove Programs in Control Panel due to the presence of related servics running in the background.

In many cases anti-virus vendors provide clean-up utilities on their web sites to remove remnants left behind after unintalling or for a failed uninstall...you can download and use AVG's uninstall/cleanup utility instead of "mucking" around in the registry.

AVG Remover eliminates all the parts of your AVG installation from your computer, including registry items, installation files, user files, etc. AVG Remover is the last option to be used in case the AVG uninstall / repair installation process has failed repeatedly.

AVG Remover for 32-bit, 64-bit systems
alternate AVG Remover links
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Miss Meek

Miss Meek
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 05 January 2014 - 05:35 AM

Run and done. Ironically, the folder I posted above still didn't delete itself so I went on and did it. most of the sub folders were empty anyway.  I rebooted and things seem to be running smoothly.  Are there any other places where things may be hiding?



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:06 AM

Posted 05 January 2014 - 08:38 AM

Yes in some cases you have to manually delete empty folders which may remain. There may also be a few remnants left in the registry but they are harmless and nothing to be concerned about.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Miss Meek

Miss Meek
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 05 January 2014 - 04:05 PM

OK, cool.  Well, if that is all, I just want to say a big THANK YOU! This is the second time you guys have bailed me out.  I'll probably be back to work on my moms computer but that's a headache for another day.

 

:hug:



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:06 AM

Posted 05 January 2014 - 04:27 PM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users