Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to remove Spigot infection


  • Please log in to reply
47 replies to this topic

#1 dan1

dan1

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 27 February 2014 - 03:24 PM

This is redirecting searches in both Chrome and Firefox to yahoo.  I have tried to remove it with AdwCleaner, Junkware Removal Tool, Malwarebytes Anti-Malware Free, and HitmanPro, but it is still there.  

 

Also, something that might be related, when I look at the Extensions installed in Chrome, following the description of Web of Trust (WOT) there are endless lines of meaningless characters (i.e.,ÃÃÆ....) I have to scroll quite far to get to the end of this.  The other Extensions appear as they normally should.  

 

Follows is the DDS 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Dan at 14:52:23 on 2014-02-27
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3241.1508 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe
C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Users\Dan\AppData\Local\Viber\Viber.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Users\Dan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\igfxext.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\DllHost.exe
C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?type=541231&fr=spigot-yhp-ie
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = www.dell.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
BHO: AutorunsDisabled - <orphaned>
BHO: Genius Box: {709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} - c:\program files\tgf interactive\genius box\TGFInteractive.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - c:\program files\iobit\iobit malware fighter\adsremoval\ie\Adblock.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [Viber] "c:\users\dan\appdata\local\viber\Viber.exe" StartMinimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [FreeFallProtection] c:\program files\stmicroelectronics\accelerometerp11\FF_Protection.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [Copy] "c:\users\dan\appdata\roaming\copy\CopyAgent.exe"
dRun: [Advanced SystemCare 7] "c:\program files\iobit\advanced systemcare 7\ASCTray.exe" /Auto
StartupFolder: c:\users\dan\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\dan\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\dan\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\dan\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellsy~1.lnk - c:\program files\dell\dell system manager\DCPSysMgr.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: Customize Menu - C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Fill Forms - C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Save Forms - C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: Show RoboForm Toolbar - C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
TCP: NameServer = 10.90.0.50 10.90.0.48
TCP: Interfaces\{1A8C6F54-032F-4AAD-BA5B-B5C02EE98A1C} : DHCPNameServer = 10.90.0.50 10.90.0.48
TCP: Interfaces\{1A8C6F54-032F-4AAD-BA5B-B5C02EE98A1C}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{1A8C6F54-032F-4AAD-BA5B-B5C02EE98A1C}\458656742716977237 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{1A8C6F54-032F-4AAD-BA5B-B5C02EE98A1C}\5443230303 : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{53F4D17E-5DA8-4B50-8E8B-7B12E2819BD3} : DHCPNameServer = 209.222.18.222 209.222.18.218
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: AutorunsDisabled - <Clsid value has no data>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: spba - c:\program files\common files\spba\homefus2.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Authentication Packages =  msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.117\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dan\appdata\roaming\mozilla\firefox\profiles\3vf3wwsm.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?type=541231&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\dan\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\users\dan\appdata\roaming\mozilla\firefox\profiles\3vf3wwsm.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-5-4 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-5-4 180248]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-2-23 18624]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [2012-2-7 17648]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-5-4 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-5-4 410528]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-10-10 120088]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare 7\ASCService.exe [2013-11-28 881440]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2012-2-7 81920]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-5-4 67824]
R2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe [2013-10-2 1678040]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2010-10-25 826272]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2010-10-25 32160]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2013-4-22 822504]
R2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\dell\dell system manager\DCPSysMgrSvc.exe [2011-1-20 388464]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2013-7-19 341824]
R2 RosettaStoneLtdController;RosettaStoneLtdController;c:\program files\rosettastoneltdservices\RosettaStoneLtdController.exe [2008-9-16 352312]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2013-6-26 523944]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2012-2-7 43888]
R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys [2013-10-2 174936]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\drivers\btwampfl.sys [2013-10-2 144600]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-2-7 33832]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2012-2-7 143968]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2010-8-24 33832]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files\intel\intel® integrated clock controller service\ICCProxy.exe [2013-11-17 169752]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-2-7 269824]
R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-2-7 41088]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\drivers\o2sdjxp.sys [2012-2-7 63976]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2013-6-26 583848]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2013-6-26 197800]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2013-6-26 24232]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2013-6-26 20136]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2013-6-26 207528]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-1-1 50344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2013-11-28 2151200]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2014-1-1 64168]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2012-2-7 134144]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-2-12 108032]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2012-2-7 132480]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2012-2-7 62208]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2012-2-7 141568]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\o2mdfw7.sys [2012-2-7 60904]
S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2012-2-7 62440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-24 14848]
S3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\RegFilter.sys [2013-8-21 32288]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-24 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-10-24 27136]
S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\UrlFilter.sys [2013-8-21 20944]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-2-15 1343400]
S4 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\FileMonitor.sys [2013-8-21 21480]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatch12OEM.exe [2010-11-25 219632]
.
=============== Created Last 30 ================
.
2014-02-27 19:18:40 765968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a3314901-1728-4017-b3ae-796a5b04cb2d}\gapaengine.dll
2014-02-27 19:18:25 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2cf05341-1874-429b-8612-1d4a44c6cee7}\mpengine.dll
2014-02-27 12:44:05 -------- d-----w- C:\FRST
2014-02-27 04:18:05 -------- d-----w- c:\programdata\HitmanPro
2014-02-27 04:06:03 -------- d-----w- c:\windows\ERUNT
2014-02-27 03:57:36 -------- d-----w- C:\AdwCleaner
2014-02-26 11:19:37 7947048 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-02-24 00:31:36 31008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-02-24 00:30:43 109888 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-02-24 00:30:19 18624 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2014-02-21 11:43:16 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{65ebab81-19d9-4a60-b188-959c37c38e55}\gapaengine.dll
2014-02-15 15:59:52 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-02-15 15:58:50 -------- d-----w- c:\program files\iPod
2014-02-15 15:58:49 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-15 15:58:49 -------- d-----w- c:\program files\iTunes
2014-02-15 15:57:54 -------- d-----w- c:\users\dan\appdata\local\Apple
2014-02-15 15:57:18 -------- d-----w- c:\program files\Bonjour
2014-02-12 13:16:49 454656 ----a-w- c:\windows\system32\vbscript.dll
.
==================== Find3M  ====================
.
2014-02-22 03:44:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-22 03:44:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-12 13:19:48 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-02-12 13:19:48 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-02-12 13:19:48 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-02-12 13:19:48 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-02-12 13:19:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-02-12 13:19:48 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-12 13:19:48 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-12 13:19:48 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-12 13:19:48 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-12 13:19:48 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-02 04:13:18 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-02 04:13:00 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-02 04:13:00 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-02 04:13:00 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-02 04:12:59 43152 ----a-w- c:\windows\avastSS.scr
2013-12-24 23:09:41 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2013-12-19 02:10:01 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-08 20:58:38 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-08 20:58:38 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-06 02:02:08 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-12-06 02:02:08 1237504 ----a-w- c:\windows\system32\msxml3.dll
2013-12-04 02:03:20 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- c:\windows\system32\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- c:\windows\system32\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- c:\windows\system32\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
.
============= FINISH: 14:53:29.95 ===============
 
Thanks for your help.

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:18 PM

Posted 27 February 2014 - 04:01 PM


Hello dan1

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 27 February 2014 - 07:05 PM

Hello Gringo,

 

Thank you very much for responding to my problem.  I have run the two programs you suggested and the results follow. I tried both Chrome and Firefox and they still directed the search to yahoo, so I changed the settings of each to uses google to search and I will restart my computer after sending these results to you and then get back to you.  Thanks, again.

 

# AdwCleaner v3.020 - Report created 27/02/2014 at 18:44:36
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Dan - MININT-7564J0J
# Running from : C:\Users\Dan\Downloads\AdwCleaner (2).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\adsremoval@adsremoval.net
File Deleted : C:\Windows\Tasks\Driver Booster Update.job
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{446B1FCD-4DC5-4F78-BA69-8B8E683A7D1C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{446B1FCD-4DC5-4F78-BA69-8B8E683A7D1C}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.117
 
[ File : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [5586 octets] - [26/02/2014 22:58:09]
AdwCleaner[R1].txt - [1502 octets] - [27/02/2014 18:33:35]
AdwCleaner[S0].txt - [5461 octets] - [26/02/2014 23:00:08]
AdwCleaner[S1].txt - [1458 octets] - [27/02/2014 18:44:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1518 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x86
Ran by Dan on Thu 02/27/2014 at 18:51:54.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 02/27/2014 at 18:54:48.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 27 February 2014 - 07:15 PM

After restarting, Firefox opens to the yahoo search and search in chrome is directed to yaho; whereas I had set both to use google for searching.  So no change, so far



#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:18 PM

Posted 28 February 2014 - 07:21 AM


Hello dan1

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 28 February 2014 - 11:14 AM

Good morning Gringo,

 

I ran ComboFix and the log follows.  No problems running ComboFix, but unfortunately the spigot redirect to yahoo is still there in both Firefox and Chrome

 

ComboFix 14-02-24.02 - Dan 02/28/2014  10:45:56.1.4 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3241.1989 [GMT -5:00]
Running from: c:\users\Dan\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Dan\AppData\Local\Temp\_MEI30602\_ctypes.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\_elementtree.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\_hashlib.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\_socket.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\_ssl.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\pyexpat.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\python27.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\pythoncom27.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\select.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\unicodedata.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32api.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32crypt.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32event.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32file.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32inet.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32pdh.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32pipe.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32process.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32profile.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32security.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\win32ts.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\windows._lib_cacheinvalidation.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._controls_.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._core_.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._html2.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._misc_.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._windows_.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wx._wizard.pyd
c:\users\Dan\AppData\Local\Temp\_MEI30602\wxbase294u_net_vc90.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\wxbase294u_vc90.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\wxmsw294u_adv_vc90.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\wxmsw294u_core_vc90.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\wxmsw294u_html_vc90.dll
c:\users\Dan\AppData\Local\Temp\_MEI30602\wxmsw294u_webview_vc90.dll
c:\users\Dan\g2mdlhlpx.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-28 to 2014-02-28  )))))))))))))))))))))))))))))))
.
.
2014-02-27 19:18 . 2014-02-21 11:42 765968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3314901-1728-4017-B3AE-796A5B04CB2D}\gapaengine.dll
2014-02-27 19:18 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2CF05341-1874-429B-8612-1D4A44C6CEE7}\mpengine.dll
2014-02-27 12:44 . 2014-02-27 12:45 -------- d-----w- C:\FRST
2014-02-27 04:18 . 2014-02-27 04:26 -------- d-----w- c:\programdata\HitmanPro
2014-02-27 04:06 . 2014-02-27 04:06 -------- d-----w- c:\windows\ERUNT
2014-02-27 03:57 . 2014-02-27 23:45 -------- d-----w- C:\AdwCleaner
2014-02-26 11:19 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-24 00:31 . 2013-11-19 21:52 31008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-02-24 00:30 . 2014-02-14 00:01 109888 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-02-24 00:30 . 2013-12-24 15:40 18624 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2014-02-15 15:59 . 2012-08-21 18:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-02-15 15:58 . 2014-02-15 15:58 -------- d-----w- c:\program files\iPod
2014-02-15 15:58 . 2014-02-15 15:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-15 15:58 . 2014-02-15 15:59 -------- d-----w- c:\program files\iTunes
2014-02-15 15:58 . 2014-02-15 15:58 -------- d-----w- c:\programdata\Apple Computer
2014-02-15 15:57 . 2014-02-15 15:57 -------- d-----w- c:\users\Dan\AppData\Local\Apple
2014-02-15 15:57 . 2014-02-15 15:57 -------- d-----w- c:\program files\Apple Software Update
2014-02-15 15:57 . 2014-02-15 15:57 -------- d-----w- c:\program files\Bonjour
2014-02-15 15:56 . 2014-02-15 15:58 -------- d-----w- c:\program files\Common Files\Apple
2014-02-15 15:56 . 2014-02-15 15:57 -------- d-----w- c:\programdata\Apple
2014-02-12 13:16 . 2014-02-12 13:16 454656 ----a-w- c:\windows\system32\vbscript.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-22 03:44 . 2012-02-15 14:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-22 03:44 . 2012-02-15 14:33 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-21 11:42 . 2012-06-13 10:02 765968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-19 07:32 . 2012-02-15 16:44 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-02 04:13 . 2014-01-02 04:13 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-02 04:13 . 2013-05-04 13:33 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-02 04:13 . 2013-05-04 13:33 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-02 04:13 . 2013-05-04 13:33 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-02 04:13 . 2013-05-04 13:33 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-02 04:12 . 2013-05-04 13:33 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-02 04:12 . 2013-05-04 13:32 43152 ----a-w- c:\windows\avastSS.scr
2013-12-19 02:10 . 2014-01-17 12:39 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-08 20:58 . 2013-05-04 13:33 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-08 20:58 . 2013-05-04 13:33 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{709F3BE5-C718-4B6D-843C-95E8BE0E5E4A}]
2012-09-21 21:11 42944 ----a-w- c:\program files\TGF Interactive\Genius Box\TGFInteractive.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
2014-02-25 15:32 464720 ----a-w- c:\program files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Dan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Dan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Dan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-03-04 22:07 120184 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 20:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 20:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 20:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 20:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 20:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 20:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-03-04 22:07 120184 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 720064]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2014-01-30 21822128]
"Viber"="c:\users\Dan\AppData\Local\Viber\Viber.exe" [2013-07-31 912904]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-14 5625624]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-02-27 109784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-01-04 488816]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-01-25 536668]
"FreeFallProtection"="c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-07 145880]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-07 181208]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-06 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
.
c:\users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Dan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2011-1-20 1459056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2010-09-15 17:11 1971536 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ   msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2013-11-07 07:02 189912 ----a-w- c:\windows\System32\igfxpers.exe
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-01-02 64168]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-12 108032]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-07-27 132480]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-11-19 62208]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-11-19 141568]
R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7.sys [2011-01-04 60904]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2011-01-04 62440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-11-19 32288]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-11-19 20944]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-15 1343400]
R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480]
R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 18624]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 17648]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-01-02 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-01-02 410528]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-10-10 120088]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-01-02 67824]
S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe [2013-10-02 1678040]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-10-25 826272]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-10-25 32160]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-01-20 388464]
S2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]
S2 RosettaStoneLtdController;RosettaStoneLtdController;c:\program files\RosettaStoneLtdServices\RosettaStoneLtdController.exe [2008-09-16 352312]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 43888]
S3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys [2013-10-02 174936]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2013-10-02 144600]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-07 33832]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 143968]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2010-08-24 33832]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
S3 MEI;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjxp.sys [2011-03-23 63976]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-25 11:28 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-15 03:44]
.
2014-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-15 14:34]
.
2014-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-15 14:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.yahoo.com/?type=541231&fr=spigot-yhp-ie
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: Customize Menu - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Fill Forms - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Save Forms - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Show RoboForm Toolbar - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
Trusted Zone: microsoft.com\office
TCP: DhcpNameServer = 10.90.0.50 10.90.0.48
FF - ProfilePath - c:\users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?type=541231&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKU-Default-Run-Copy - c:\users\Dan\AppData\Roaming\Copy\CopyAgent.exe
MSConfigStartUp-Copy - c:\users\dan\appdata\roaming\copy\copyagent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3471523856-1942136725-2408105189-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3471523856-1942136725-2408105189-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-3471523856-1942136725-2408105189-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-3471523856-1942136725-2408105189-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(612)
c:\windows\system32\wvauth.DLL
.
- - - - - - - > 'Explorer.exe'(6132)
c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
c:\program files\FileZilla FTP Client\fzshellext.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\SPBA\upeksvr.exe
c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\program files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2014-02-28  10:57:15 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-28 15:57
.
Pre-Run: 132,001,763,328 bytes free
Post-Run: 131,700,535,296 bytes free
.
- - End Of File - - 4E9B90A765119F0D0627D0A4EC6161A3
A36C5E4F47E84449FF07ED3517B43A31


#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:18 PM

Posted 28 February 2014 - 11:34 AM


Hello dan1

We need to reset Chrome back to defaults to completely clear out what is going on.

We can keep the bookmarks by exporting them - Export Bookmarks


Then I need you to go Google Sync and sign into your account

scroll down untill you see the "Stop and Clear" button and click on button

At the prompt click on "Ok"

Now we need to uninstall chrome

I want you to uninstall Chrome and if asked about user data or settings then remove this also

restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome

After you have Chrome reinstalled please check things out and let me know how it is doing.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 28 February 2014 - 01:04 PM

Hi Gringo,

 

I went ot Chrome Sync, clicked on "stop and clear", then uninstalled Chrome and reinstalled it.  At first everything looked great, as soon as I closed Chrome a message poypped up that said something to the effect of "Whoa! Chrome has crashed" which it didn't since I closed it intentionally.  I reopened Chrome and when I enter a search term it redirects me to yahoo.  I didn't even try Firefox, since we didn't do anything to it.  I appreciate your help with this very much, and I am hoping you will continue to help me resolve this.  Thanks, again.



#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:18 PM

Posted 28 February 2014 - 01:14 PM

Now try to change the setting to chrome to open the web page that you want


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 28 February 2014 - 01:48 PM

I'm sorry I should have mentioned that I had done that.  I just checked the settings again and I have it set so that "On startup" google opens as the homepage; this remains unchanged.  Under the Settings, Search (where is says "Set which search engine is used when searching from the omnibox" I select Google, but as soon as I close and reopen Chrome it is changed back to Yahoo. Under this same section, if I click on "Manage search engines" and delete Yahoo, select Google as the default, close and then reopen Chrome, the Yahoo that I deleted is back and shown as the default.



#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:18 PM

Posted 28 February 2014 - 07:48 PM


Hello dan1



Please download Farbar Recovery Scan Tool and save it to your desktop.


Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 28 February 2014 - 10:27 PM

Hi Gringo,

 

Thanks for continuing to help with this problem.  Follows is the FRST.txt file and I will attach the addition.txt file as you directed in your last message.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-02-2014 02
Ran by Dan (administrator) on MININT-7564J0J on 28-02-2014 22:16:48
Running from C:\Users\Dan\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Users\Dan\AppData\Local\Viber\Viber.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\Dan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Intel Corporation) C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
(Intel Corporation) C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Dan\Downloads\FRST (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [488816 2011-01-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [536668 2011-01-24] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-3471523856-1942136725-2408105189-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3471523856-1942136725-2408105189-1001\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3471523856-1942136725-2408105189-1001\...\Run: [Viber] - C:\Users\Dan\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()
HKU\S-1-5-21-3471523856-1942136725-2408105189-1001\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-14] (SUPERAntiSpyware)
HKU\S-1-5-21-3471523856-1942136725-2408105189-1001\...\Run: [RoboForm] - C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-02-27] (Siber Systems)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=541231&fr=spigot-yhp-ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {D904D2F3-996C-4ED9-9C86-77EDF50CBE9F} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=541231&p={searchTerms}
SearchScopes: HKCU - {91D6A25F-DFFF-4C0D-AC71-DB7AD29E0A95} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {D904D2F3-996C-4ED9-9C86-77EDF50CBE9F} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=541231&p={searchTerms}
BHO: Genius Box - {709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} - C:\Program Files\TGF Interactive\Genius Box\TGFInteractive.dll (TGF Interactive)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Handler: AutorunsDisabled\tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://search.yahoo.com/?type=541231&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Dan\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\searchplugins\yahoo_ff.xml
FF Extension: Garmin Communicator - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-12-04]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012-02-15]
FF Extension: Start Page - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [2014-02-23]
FF Extension: HP Detect - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2012-02-15]
FF Extension: Send to Kindle for Mozilla Firefox - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\sendtokindle@amazon.com.xpi [2013-06-24]
FF Extension: SEO For Firefox - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\seo4firefox@seobook.com.xpi [2012-02-15]
FF Extension: Address Bar Search - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-26]
FF Extension: DownThemAll! - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-02-15]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2012-02-18]
 
Chrome: 
=======
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-28]
CHR Extension: (Google Drive) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-28]
CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-28]
CHR Extension: (Google Search) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-28]
CHR Extension: (RoboForm) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-02-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-28]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-01] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1678040 2013-10-02] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2013-11-07] (Intel Corporation)
R2 Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [826272 2010-10-25] (Broadcom Corporation)
R2 Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [32160 2010-10-25] (Broadcom Corporation)
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [388464 2011-01-20] (Dell Inc.)
R3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72296 2010-02-10] (O2Micro International)
R2 RosettaStoneLtdController; C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe [352312 2008-09-16] (Rosetta Stone Ltd.)
S4 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-11-25] (Sonic Solutions)
S4 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-11-25] (Sonic Solutions)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1477632 2010-11-03] (Wave Systems Corp.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [274514 2011-01-24] (IDT, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] ()
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2337136 2011-03-04] (Wave Systems Corp.)
 
==================== Drivers (Whitelisted) ====================
 
R3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [43888 2010-12-13] (ST Microelectronics)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-01] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-01] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [174936 2013-10-02] (Broadcom Corporation.)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [144600 2013-10-02] (Broadcom Corporation.)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [33832 2010-08-24] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [358224 2012-08-10] (Intel Corporation)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 nusb3hub; C:\Windows\system32\drivers\nusb3hub.sys [62208 2010-11-19] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\Windows\system32\drivers\nusb3xhc.sys [141568 2010-11-19] (Renesas Electronics Corporation)
S3 O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7.sys [60904 2011-01-04] (O2Micro )
S3 O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7.sys [62440 2011-01-04] (O2Micro )
R3 O2SDJRDR; C:\Windows\System32\DRIVERS\o2sdjxp.sys [63976 2011-03-23] (O2Micro )
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17648 2010-08-20] (ST Microelectronics)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2013-11-27] (The OpenVPN Project)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
S3 catchme; \??\C:\Users\Dan\AppData\Local\Temp\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-28 22:16 - 2014-02-28 22:16 - 01143808 _____ (Farbar) C:\Users\Dan\Downloads\FRST (1).exe
2014-02-28 12:46 - 2014-02-28 12:46 - 00002211 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-28 10:57 - 2014-02-28 10:57 - 00027562 _____ () C:\ComboFix.txt
2014-02-28 10:43 - 2014-02-28 10:57 - 00000000 ____D () C:\Qoobox
2014-02-28 10:43 - 2014-02-28 10:56 - 00000000 ____D () C:\Windows\erdnt
2014-02-28 10:43 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-28 10:43 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-28 10:43 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-28 10:43 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-28 10:43 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-28 10:43 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-28 10:43 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-28 10:43 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-28 10:39 - 2014-02-28 10:43 - 05185084 ____R (Swearware) C:\Users\Dan\Downloads\ComboFix.exe
2014-02-27 19:01 - 2014-02-27 19:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-27 18:56 - 2014-02-27 18:56 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT (2).exe
2014-02-27 18:54 - 2014-02-27 18:54 - 00000631 _____ () C:\Users\Dan\Desktop\JRT.txt
2014-02-27 18:51 - 2014-02-27 18:51 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT (1).exe
2014-02-27 18:33 - 2014-02-27 18:33 - 01244192 _____ () C:\Users\Dan\Downloads\AdwCleaner (2).exe
2014-02-27 14:53 - 2014-02-27 18:55 - 00000000 ____D () C:\Users\Dan\Desktop\DDS
2014-02-27 14:51 - 2014-02-27 14:51 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-02-27 07:45 - 2014-02-27 07:45 - 00036892 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-02-27 07:44 - 2014-02-28 22:16 - 00022519 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-02-27 07:44 - 2014-02-28 22:16 - 00000000 ____D () C:\FRST
2014-02-27 07:43 - 2014-02-27 07:43 - 01143808 _____ (Farbar) C:\Users\Dan\Downloads\FRST.exe
2014-02-27 06:03 - 2014-02-27 06:04 - 14834768 _____ (Siber Systems) C:\Users\Dan\Downloads\RoboForm-Setup (6).exe
2014-02-26 23:33 - 2014-02-28 12:49 - 00001226 _____ () C:\Windows\PFRO.log
2014-02-26 23:33 - 2014-02-28 12:49 - 00000392 _____ () C:\Windows\setupact.log
2014-02-26 23:33 - 2014-02-26 23:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-26 23:18 - 2014-02-26 23:26 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-26 23:16 - 2014-02-26 23:17 - 09988304 _____ (SurfRight B.V.) C:\Users\Dan\Downloads\HitmanPro.exe
2014-02-26 23:06 - 2014-02-26 23:06 - 00000000 ____D () C:\Windows\ERUNT
2014-02-26 23:05 - 2014-02-26 23:05 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT.exe
2014-02-26 22:57 - 2014-02-27 18:45 - 00000000 ____D () C:\AdwCleaner
2014-02-26 22:57 - 2014-02-26 22:57 - 01241834 _____ () C:\Users\Dan\Downloads\adwcleaner (1).exe
2014-02-25 06:35 - 2014-02-25 06:35 - 15530400 _____ (Siber Systems) C:\Users\Dan\Downloads\RoboForm-Setup (5).exe
2014-02-25 06:21 - 2014-02-25 06:21 - 00145360 _____ () C:\Users\Dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-25 06:20 - 2014-02-25 06:20 - 00499208 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-24 22:33 - 2014-02-24 22:34 - 15992880 _____ (Innovative Solutions ) C:\Users\Dan\Downloads\Advanced_Uninstaller11 (1).exe
2014-02-24 20:38 - 2014-02-24 20:42 - 15992880 _____ (Innovative Solutions ) C:\Users\Dan\Downloads\Advanced_Uninstaller11.exe
2014-02-23 19:31 - 2013-11-19 16:52 - 00031008 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-02-23 19:30 - 2014-02-23 19:30 - 00001138 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-02-23 19:30 - 2014-02-13 19:01 - 00109888 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-23 19:30 - 2013-12-24 10:40 - 00018624 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2014-02-23 16:52 - 2014-02-23 16:52 - 00000000 ____D () C:\Users\Dan\Downloads\FMG008
2014-02-19 22:42 - 2014-02-19 22:42 - 15527936 _____ (Siber Systems) C:\Users\Dan\Downloads\RoboForm-Setup-cnetc.exe
2014-02-15 11:00 - 2014-02-15 11:00 - 00001759 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-15 10:59 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-02-15 10:58 - 2014-02-15 10:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-15 10:58 - 2014-02-15 10:59 - 00000000 ____D () C:\Program Files\iTunes
2014-02-15 10:58 - 2014-02-15 10:58 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-15 10:58 - 2014-02-15 10:58 - 00000000 ____D () C:\Program Files\iPod
2014-02-15 10:57 - 2014-02-15 10:57 - 00000000 ____D () C:\Users\Dan\AppData\Local\Apple
2014-02-15 10:57 - 2014-02-15 10:57 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-15 10:57 - 2014-02-15 10:57 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-02-15 10:56 - 2014-02-15 10:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-15 10:56 - 2014-02-15 10:57 - 00000000 ____D () C:\ProgramData\Apple
2014-02-15 10:33 - 2014-02-15 10:35 - 137694544 _____ (Apple Inc.) C:\Users\Dan\Downloads\iTunesSetup.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 08:19 - 2014-02-12 08:19 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 08:19 - 2014-02-12 08:19 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 08:16 - 2014-02-12 08:16 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:09 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 06:09 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:09 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:09 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:09 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 06:09 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 06:09 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 06:09 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 06:09 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 06:09 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 06:09 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 06:09 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 06:09 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:09 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
 
==================== One Month Modified Files and Folders =======
 
2014-02-28 22:16 - 2014-02-28 22:16 - 01143808 _____ (Farbar) C:\Users\Dan\Downloads\FRST (1).exe
2014-02-28 22:16 - 2014-02-27 07:44 - 00022519 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-02-28 22:16 - 2014-02-27 07:44 - 00000000 ____D () C:\FRST
2014-02-28 22:14 - 2012-02-15 09:34 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 22:13 - 2012-02-15 09:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-28 22:13 - 2012-02-07 16:53 - 02065942 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 13:33 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-02-28 12:57 - 2009-07-13 23:34 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 12:57 - 2009-07-13 23:34 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 12:51 - 2013-10-05 16:07 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\ViberPC
2014-02-28 12:50 - 2013-10-05 16:06 - 00000000 ____D () C:\Users\Dan\AppData\Local\Viber
2014-02-28 12:50 - 2013-01-09 23:49 - 00000000 ___RD () C:\Users\Dan\Dropbox
2014-02-28 12:50 - 2013-01-09 23:45 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Dropbox
2014-02-28 12:49 - 2014-02-26 23:33 - 00001226 _____ () C:\Windows\PFRO.log
2014-02-28 12:49 - 2014-02-26 23:33 - 00000392 _____ () C:\Windows\setupact.log
2014-02-28 12:49 - 2012-10-16 16:21 - 00000000 ___RD () C:\Users\Dan\Google Drive
2014-02-28 12:49 - 2012-02-15 09:34 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 12:49 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-28 12:46 - 2014-02-28 12:46 - 00002211 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-28 12:46 - 2012-02-15 09:34 - 00000000 ____D () C:\Users\Dan\AppData\Local\Google
2014-02-28 12:46 - 2012-02-15 09:34 - 00000000 ____D () C:\Program Files\Google
2014-02-28 10:57 - 2014-02-28 10:57 - 00027562 _____ () C:\ComboFix.txt
2014-02-28 10:57 - 2014-02-28 10:43 - 00000000 ____D () C:\Qoobox
2014-02-28 10:57 - 2009-07-13 21:37 - 00000000 __RHD () C:\Users\Default
2014-02-28 10:57 - 2009-07-13 21:37 - 00000000 ___RD () C:\Users\Public
2014-02-28 10:56 - 2014-02-28 10:43 - 00000000 ____D () C:\Windows\erdnt
2014-02-28 10:53 - 2009-07-13 21:04 - 00000215 _____ () C:\Windows\system.ini
2014-02-28 10:52 - 2012-05-14 10:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-28 10:51 - 2012-02-15 08:54 - 00000000 ____D () C:\Users\Dan
2014-02-28 10:43 - 2014-02-28 10:39 - 05185084 ____R (Swearware) C:\Users\Dan\Downloads\ComboFix.exe
2014-02-28 06:44 - 2013-07-09 19:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\vlc
2014-02-27 19:01 - 2014-02-27 19:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-27 18:56 - 2014-02-27 18:56 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT (2).exe
2014-02-27 18:55 - 2014-02-27 14:53 - 00000000 ____D () C:\Users\Dan\Desktop\DDS
2014-02-27 18:54 - 2014-02-27 18:54 - 00000631 _____ () C:\Users\Dan\Desktop\JRT.txt
2014-02-27 18:51 - 2014-02-27 18:51 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT (1).exe
2014-02-27 18:45 - 2014-02-26 22:57 - 00000000 ____D () C:\AdwCleaner
2014-02-27 18:33 - 2014-02-27 18:33 - 01244192 _____ () C:\Users\Dan\Downloads\AdwCleaner (2).exe
2014-02-27 14:51 - 2014-02-27 14:51 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-02-27 07:45 - 2014-02-27 07:45 - 00036892 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-02-27 07:43 - 2014-02-27 07:43 - 01143808 _____ (Farbar) C:\Users\Dan\Downloads\FRST.exe
2014-02-27 06:04 - 2014-02-27 06:03 - 14834768 _____ (Siber Systems) C:\Users\Dan\Downloads\RoboForm-Setup (6).exe
2014-02-26 23:33 - 2014-02-26 23:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-26 23:31 - 2013-11-28 10:12 - 00002161 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-02-26 23:26 - 2014-02-26 23:18 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-26 23:17 - 2014-02-26 23:16 - 09988304 _____ (SurfRight B.V.) C:\Users\Dan\Downloads\HitmanPro.exe
2014-02-26 23:06 - 2014-02-26 23:06 - 00000000 ____D () C:\Windows\ERUNT
2014-02-26 23:05 - 2014-02-26 23:05 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT.exe
2014-02-26 23:03 - 2013-11-17 21:12 - 00001072 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-02-26 23:02 - 2013-07-19 06:42 - 00000000 ____D () C:\ProgramData\IObit
2014-02-26 22:57 - 2014-02-26 22:57 - 01241834 _____ () C:\Users\Dan\Downloads\adwcleaner (1).exe
2014-02-26 07:11 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-25 07:48 - 2010-11-20 16:01 - 00798040 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 06:35 - 2014-02-25 06:35 - 15530400 _____ (Siber Systems) C:\Users\Dan\Downloads\RoboForm-Setup (5).exe
2014-02-25 06:21 - 2014-02-25 06:21 - 00145360 _____ () C:\Users\Dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-25 06:20 - 2014-02-25 06:20 - 00499208 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-24 22:34 - 2014-02-24 22:33 - 15992880 _____ (Innovative Solutions ) C:\Users\Dan\Downloads\Advanced_Uninstaller11 (1).exe
2014-02-24 22:34 - 2013-11-06 20:54 - 00002391 _____ () C:\Users\Dan\Desktop\Advanced Uninstaller PRO 11.lnk
2014-02-24 20:42 - 2014-02-24 20:38 - 15992880 _____ (Innovative Solutions ) C:\Users\Dan\Downloads\Advanced_Uninstaller11.exe
2014-02-24 20:25 - 2009-07-13 23:52 - 00000000 ____D () C:\Windows\addins
2014-02-23 19:30 - 2014-02-23 19:30 - 00001138 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-02-23 19:30 - 2013-07-19 06:42 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\IObit
2014-02-23 19:30 - 2013-07-19 06:42 - 00000000 ____D () C:\Program Files\IObit
2014-02-23 16:52 - 2014-02-23 16:52 - 00000000 ____D () C:\Users\Dan\Downloads\FMG008
2014-02-21 22:44 - 2012-02-15 09:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 22:44 - 2012-02-15 09:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-19 22:42 - 2014-02-19 22:42 - 15527936 _____ (Siber Systems) C:\Users\Dan\Downloads\RoboForm-Setup-cnetc.exe
2014-02-18 22:30 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-15 11:09 - 2013-07-19 06:42 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Apple Computer
2014-02-15 11:00 - 2014-02-15 11:00 - 00001759 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-15 11:00 - 2013-11-27 06:05 - 00000000 ____D () C:\Users\Dan\AppData\Local\Apple Computer
2014-02-15 10:59 - 2014-02-15 10:58 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-15 10:59 - 2014-02-15 10:58 - 00000000 ____D () C:\Program Files\iTunes
2014-02-15 10:58 - 2014-02-15 10:58 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-15 10:58 - 2014-02-15 10:58 - 00000000 ____D () C:\Program Files\iPod
2014-02-15 10:58 - 2014-02-15 10:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-15 10:57 - 2014-02-15 10:57 - 00000000 ____D () C:\Users\Dan\AppData\Local\Apple
2014-02-15 10:57 - 2014-02-15 10:57 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-15 10:57 - 2014-02-15 10:57 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-02-15 10:57 - 2014-02-15 10:56 - 00000000 ____D () C:\ProgramData\Apple
2014-02-15 10:35 - 2014-02-15 10:33 - 137694544 _____ (Apple Inc.) C:\Users\Dan\Downloads\iTunesSetup.exe
2014-02-13 19:01 - 2014-02-23 19:30 - 00109888 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-13 06:54 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-13 06:12 - 2012-02-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 06:11 - 2013-08-09 06:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 06:08 - 2012-02-15 11:44 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 06:07 - 2009-07-13 21:04 - 00000478 _____ () C:\Windows\win.ini
2014-02-12 08:19 - 2014-02-12 08:19 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 08:19 - 2014-02-12 08:19 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 08:19 - 2014-02-12 08:19 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 08:19 - 2014-02-12 08:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 08:19 - 2014-02-12 08:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 08:16 - 2014-02-12 08:16 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-10 05:58 - 2013-11-18 05:44 - 00001034 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-02 21:45 - 2012-03-02 19:45 - 00000975 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 21:45 - 2012-03-02 19:45 - 00000000 ____D () C:\Program Files\CCleaner
 
Files to move or delete:
====================
C:\Users\Dan\Triple-S.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-28 13:26
 
==================== End Of Log ============================
 
 

Attached Files



#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:18 PM

Posted 01 March 2014 - 10:40 AM

Hello dan1



I need you to download this script I have made for you --> Attached File  fixlist.txt   458bytes   1 downloads

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

Run FRST again but this time press the Fix button just once and wait.


When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 01 March 2014 - 01:35 PM

Hi Gringo,

 

I just ran the script and here is the Fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-03-2014
Ran by Dan at 2014-03-01 13:22:23 Run:1
Running from C:\Users\Dan\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <http://search.yahoo.com/?type=541231&fr=spigot-yhp-ie>
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\3vf3wwsm.default 
FF Homepage: hxxp://search.yahoo.com/?type=541231&fr=spigot-yhp-ff
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Dan\Triple-S.exe 
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
 => Should not be moved.
Firefox homepage deleted successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Users\Dan\Triple-S.exe => Moved successfully.
 
"C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default" directory move:
 
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Archived History" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cookies" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Current Session" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Current Tabs => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Favicons" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\History" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\History-journal" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Last Tabs => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Login Data => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\QuotaManager" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\README => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Shortcuts" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Top Sites" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Visited Links" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Web Data" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000029.ldb" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000031.ldb" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000032.log" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000030" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\6ABPWRE2\macromedia.com\support\flashplayer\sys\settings.sol => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\6ABPWRE2\macromedia.com\support\flashplayer\sys\#s.ytimg.com\settings.sol => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage-journal" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage-journal => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forecast.weather.gov_0.localstorage => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forecast.weather.gov_0.localstorage-journal => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onwardstate.com_0.localstorage => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onwardstate.com_0.localstorage-journal => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A66A.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A67C.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A67D.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A67E.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A67F.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A690.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A6A2.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\A6B3.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\2FD4.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\2FE6.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\2FE8.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\2FFA.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\2FFB.tmp => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000005.bak => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000005.ldb => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000006.log => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\CURRENT => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\LOCK => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\LOG => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\LOG.old => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\MANIFEST-000004 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000005.ldb" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000014.log" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000013" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\.usage => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000005.ldb" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000012.log" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOCK" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOG" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOG.old => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000011" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000001 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\arrow.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\background.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\common.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\content.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\filler.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\horiz.ico => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\loading.gif => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\options.html => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\options.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\popup.html => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\popup.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\proxy-chrome-nm.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\rfdis19.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\robo128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\robo16.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\robo32.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\robo48.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\search-history.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\search.ico => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\vert.ico => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\vi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\uk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\tr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\th\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\se\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ru\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ro\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\no\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\nl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lt\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ko\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ja\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\it\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\id\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fil\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\es\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\en\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\el\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\de\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\da\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\cs\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ca\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\bg\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ar\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\craw_background.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\craw_window.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\flapper.gif => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\icon_128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\icon_16.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_close.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_hover.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_maximize.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_pressed.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html\craw_window.html => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css\craw_window.css => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\16.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\32.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\48.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\vi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\uk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\tr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\th\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ru\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ro\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\no\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\nl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\lv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\lt\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ko\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ja\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\it\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\id\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\he\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fil\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\es\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\en\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\el\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\de\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\da\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\cs\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ca\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\bg\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ar\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\vi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\uk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\tr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\th\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ru\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ro\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\no\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\nl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ms\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lt\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ko\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ja\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\it\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\id\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\he\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fil\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\eu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\et\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es_419\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_US\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_GB\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\el\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\de\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\da\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\cs\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ca\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\bg\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ar\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\icon_128.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\icon_16.png => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\main.html => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\main.js => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\manifest.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_TW\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_CN\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\vi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\uk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\tr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\th\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sk\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ru\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ro\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_PT\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_BR\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\no\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\nl\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ms\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lv\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lt\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ko\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ja\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\it\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\id\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hu\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\he\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fr\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fil\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fi\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\et\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es_419\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_US\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_GB\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\el\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\de\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\da\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\cs\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ca\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\bg\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ar\messages.json => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\000029.ldb => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\000031.ldb" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\000032.log" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000030" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOCK" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000002" => Scheduled to move on reboot.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db" => Scheduled to move on reboot.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000054 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000056 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000057 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000058 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000059 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000060 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000061 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000062 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000063 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000064 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000065 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000066 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000067 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000068 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000069 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000070 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000071 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000072 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000073 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000074 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000075 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000076 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000080 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000081 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000082 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000083 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000084 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000085 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000086 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000087 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000088 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000089 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000090 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000091 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000092 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000093 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000094 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000095 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000096 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000097 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000098 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000099 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009a => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009b => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009c => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009d => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009e => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009f => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a0 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a1 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a2 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a3 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a4 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a5 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a6 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a7 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a8 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000aa => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ab => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ac => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ad => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ae => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000af => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b0 => Moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cache\index => Moved successfully.
Could not move "C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default" directory. => Scheduled to move on reboot.
 
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-03-01 13:24:04)<=
 
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Archived History => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cookies => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal => Is moved successfully.
"C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Current Session" => File could not move.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Favicons => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\History => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\History-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\QuotaManager => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Shortcuts => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Top Sites => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Visited Links => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Web Data => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000029.ldb => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000031.ldb => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000032.log => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000030 => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage-journal => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000005.ldb => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000014.log => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000013 => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000005.ldb => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000012.log => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOCK => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOG => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000011 => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\000031.ldb => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\000032.log => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000030 => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOCK => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000002 => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db => Is moved successfully.
C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default => Is moved successfully.
 
==== End of Fixlog ====
 
I hope this is the result you were looking for. Just off hand Chrome is looking good so far ,but spigot is still present and redirecting things to yahoo in the Firefox browser


#15 dan1

dan1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:18 PM

Posted 01 March 2014 - 05:02 PM

Hi Gringo - just and update since my last post, spigot is still redirecting every search to yahoo in both Google and Firefox.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users