

bombarded by ads


  • This topic is locked
13 replies to this topic

#1 Snow731

Snow731


Posted 02 May 2014 - 06:14 PM

I recently downloaded this program called Photobie from downloads.com because I needed a photo editing software that didn't cost a bunch like Photoshop, but I think it might have come with malware because now I keep being bombarded by pop-up ads. I already deleted Photobie from my computer.

 

I've run Spybot and CCleaner but the problem still persists. I've used this website before for help so I'm hoping someone can still help me with this problem.

 

Thank you




 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 03 May 2014 - 04:16 PM





Hello Snow731

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Snow731

Snow731
  • Topic Starter


Posted 04 May 2014 - 12:10 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by Owner (administrator) on HOMEPC on 03-05-2014 23:51:08
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Quest Software) C:\WINDOWS\system32\pnssosvr.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Quest Software) C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
() C:\Program Files\RrFilter\RrFilterService.exe
() C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Quest Software) C:\WINDOWS\system32\PNUSBCLITRAY.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Quest Software) C:\WINDOWS\system32\pntray.exe
(AOL Inc.) C:\Program Files\Common Files\AOL\1391561092\ee\aolsoftware.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Smilebox, Inc.) C:\Documents and Settings\Owner\Application Data\Smilebox\SmileboxTray.exe
() C:\Program Files\002\yewimmxqbs32.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
() C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
() C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(AOL Inc.) C:\Program Files\Common Files\AOL\1391561092\ee\aolupdates.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [InstantAccess] => C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe [37376 1999-12-14] ()
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\redirector.exe [130232 2012-07-27] (Citrix Systems, Inc.)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-13] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [pnusbclitray] => C:\WINDOWS\system32\pnusbclitray.exe [67448 2012-01-19] (Quest Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1391561092\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2557976 2014-04-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-02] (AVAST Software)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1040712 2012-06-14] ()
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Run: [cdloader] => C:\Documents and Settings\Owner\Application Data\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Run: [SmileboxTray] => C:\Documents and Settings\Owner\Application Data\Smilebox\SmileboxTray.exe [342312 2014-04-23] (Smilebox, Inc.)
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1482476501-299502267-725345543-1003\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM - {3D3D54A4-07CA-4E9F-98FE-0B095E120179} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {337CD6A3-33A9-4A74-A485-3EDA18E327C1} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKLM - No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - AOL Toolbar - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
DPF: {1241F20B-0688-45A5-ADB2-208AFE4A5DDC} https://goglobal.missionrmc.org/plugins/gg-activex.cab
DPF: {319B9BA1-E335-4F8D-96CA-A89A1DFE778D} https://ikm10.usoncology.com/downloads/ikmSoundPlayer.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {9A0F2B30-FEFF-42C8-9C56-F4FE3215C00C} https://ikm10.usoncology.com/downloads/ikmPrinter.cab
DPF: {BB609657-8E59-4175-9E74-86BD28208880} https://ikm10.usoncology.com/downloads/ieWrapper.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @Citrix.com/npican - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 - C:\WINDOWS\ ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
 
Chrome: 
=======
CHR HomePage: hxxp://www.msn.com/?pc=AV01
CHR RestoreOnStartup: "translate_accepted_count"
CHR StartupUrls: "hxxp://www.msn.com/?pc=AV01"
CHR Extension: (No Name) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-01]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-11-28]
CHR Extension: (No Name) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-02]
CHR HKLM\...\Chrome\Extension: [hepfenndjoibhgfopdfkohmnbdmpgapk] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\hepfenndjoibhgfopdfkohmnbdmpgapk.crx [2014-05-02]
CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-03-04]
CHR HKLM\...\Chrome\Extension: [lcnnhcneegeeojhgpfijnlnocjdmlaon] - C:\Documents and Settings\All Users\Application Data\ValueApps\CH\ValueApps.crx [2014-01-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx [2013-10-02]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\DOCUME~1\Owner\LOCALS~1\APPLIC~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-03-27]
CHR HKCU\...\Chrome\Extension: [hepfenndjoibhgfopdfkohmnbdmpgapk] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\hepfenndjoibhgfopdfkohmnbdmpgapk.crx [2014-03-27]
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-03-04]
CHR HKCU\...\Chrome\Extension: [lcnnhcneegeeojhgpfijnlnocjdmlaon] - C:\Documents and Settings\All Users\Application Data\ValueApps\CH\ValueApps.crx [2014-01-10]
CHR HKCU\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pmcmflmkceipgecmhoddphflfndnfbbe.crx [2013-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-02] (AVAST Software)
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-11-08] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-05-04] (Memeo)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-07-09] (NETGEAR)
R2 pnusbvirtualhubwssrv; C:\WINDOWS\system32\pnusbvirtualhubwssrv.exe [591904 2013-11-07] (Quest Software)
R2 RrFilterService; c:\Program Files\RrFilter\RrFilterService.exe [149504 2014-03-13] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 vToolbarUpdater18.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-28] (AVG Secure Search)
R2 yewimmxqbs32; C:\Program Files\002\yewimmxqbs32.exe [541696 2014-05-01] ()
 
==================== Drivers (Whitelisted) ====================
 
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-05-02] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-05-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-05-02] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-05-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-05-02] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-05-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-05-02] ()
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42272 2014-04-28] (AVG Technologies)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.)
R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 ICAM5USB; C:\WINDOWS\System32\Drivers\Icam5USB.sys [100992 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKsl92564d03; C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FA45E1E3-B286-4468-BBD5-2EE0BBB9A109}\MpKsl92564d03.sys [39464 2014-05-03] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 NEOFLTR_7110_21187; C:\WINDOWS\system32\Drivers\NEOFLTR_7110_21187.SYS [85680 2012-06-11] (Juniper Networks)
R1 netfilter; C:\WINDOWS\System32\drivers\netfilter.sys [47488 2014-02-13] (NetFilterSDK.com)
S3 pmxscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation)
R2 pnpnptool; C:\WINDOWS\system32\Drivers\pnpnptool.sys [35448 2013-11-07] (Quest Software)
S3 pnusbd; C:\WINDOWS\system32\Drivers\pnusbd.sys [20472 2013-11-07] (Quest Software)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-02-28] ()
R1 tStLib; C:\WINDOWS\System32\drivers\tStLib.sys [55224 2014-03-26] (StdLib)
R1 tStLibG; C:\WINDOWS\System32\drivers\tStLibG.sys [55232 2014-03-28] (StdLib)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 TlntSvr; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-03 23:50 - 2014-05-03 23:51 - 00000000 ____D () C:\FRST
2014-05-03 23:49 - 2014-05-03 23:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Computer Clean up
2014-05-03 22:33 - 2014-05-03 22:33 - 00001878 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-05-03 22:33 - 2014-05-03 22:33 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-03 22:33 - 2014-05-03 22:33 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Skype
2014-05-03 22:33 - 2014-05-03 22:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-05-02 21:13 - 2014-05-03 22:40 - 00000217 _____ () C:\WINDOWS\TWAIN.LOG
2014-05-02 21:04 - 2014-05-02 21:04 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-05-02 21:04 - 2014-05-02 21:04 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-05-02 20:50 - 2014-05-02 20:50 - 00001626 _____ () C:\WINDOWS\setupapi.log
2014-05-02 20:31 - 2014-05-02 20:31 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\AVAST Software
2014-05-02 20:29 - 2014-05-02 21:06 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-05-02 20:28 - 2014-05-02 20:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-05-02 20:26 - 2014-05-03 22:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-05-02 20:24 - 2014-05-02 21:04 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-05-02 20:24 - 2014-05-02 21:04 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-05-02 20:24 - 2014-05-02 21:04 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-05-02 20:24 - 2014-05-02 21:04 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-05-02 20:24 - 2014-05-02 21:04 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-05-02 20:24 - 2014-05-02 21:04 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-05-02 20:24 - 2014-05-02 21:04 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-05-02 20:24 - 2014-05-02 21:04 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-05-02 20:20 - 2014-05-02 20:20 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-02 20:17 - 2014-05-02 20:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-05-02 15:01 - 2014-05-02 15:02 - 00231762 _____ () C:\Documents and Settings\Owner\My Documents\cc_20140502_150139.reg
2014-05-01 18:53 - 2014-05-02 18:08 - 00000000 ____D () C:\Program Files\Photobie
2014-05-01 18:52 - 2014-05-03 23:45 - 00000000 ____D () C:\Program Files\RrFilter
2014-05-01 18:52 - 2014-05-01 18:52 - 00000000 ____D () C:\Program Files\rrsavings
2014-05-01 18:52 - 2014-05-01 18:52 - 00000000 ____D () C:\Program Files\Rr Savings
2014-05-01 18:50 - 2014-05-01 18:51 - 00000000 ____D () C:\Program Files\002
2014-05-01 00:20 - 2014-05-04 00:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Family Video
2014-04-10 03:11 - 2014-04-10 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-04 13:14 - 2014-04-04 13:14 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-04-04 13:14 - 2014-04-04 13:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-04-04 13:10 - 2014-04-04 13:14 - 00000000 ____D () C:\Program Files\iTunes
2014-04-04 13:10 - 2014-04-04 13:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-04 13:10 - 2014-04-04 13:10 - 00000000 ____D () C:\Program Files\iPod
2014-04-04 12:35 - 2014-04-04 12:35 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\Apple Computer
 
==================== One Month Modified Files and Folders =======
 
2014-05-04 00:04 - 2013-10-13 05:23 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\vlc
2014-05-04 00:00 - 2014-05-01 00:20 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Family Video
2014-05-03 23:54 - 2012-10-16 18:20 - 00032256 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-03 23:51 - 2014-05-03 23:50 - 00000000 ____D () C:\FRST
2014-05-03 23:49 - 2014-05-03 23:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Computer Clean up
2014-05-03 23:45 - 2014-05-01 18:52 - 00000000 ____D () C:\Program Files\RrFilter
2014-05-03 23:42 - 2012-10-18 20:18 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Skype
2014-05-03 23:36 - 2012-10-16 17:44 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-03 23:26 - 2012-10-16 19:42 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-03 23:16 - 2014-03-28 10:16 - 00000414 _____ () C:\WINDOWS\Tasks\At2.job
2014-05-03 22:49 - 2012-10-13 16:28 - 01233500 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-03 22:48 - 2013-07-06 23:17 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Dropbox
2014-05-03 22:47 - 2014-04-03 03:12 - 00000384 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-05-03 22:47 - 2013-07-06 23:24 - 00000000 ___RD () C:\Documents and Settings\Owner\My Documents\Dropbox
2014-05-03 22:46 - 2014-05-02 20:26 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-05-03 22:45 - 2014-03-21 11:40 - 00000000 ___RD () C:\Documents and Settings\Owner\My Documents\Google Drive
2014-05-03 22:40 - 2014-05-02 21:13 - 00000217 _____ () C:\WINDOWS\TWAIN.LOG
2014-05-03 22:40 - 2013-12-28 17:18 - 00000004 _____ () C:\WINDOWS\Twain001.Mtx
2014-05-03 22:39 - 2013-12-28 17:18 - 00000156 _____ () C:\WINDOWS\Twunk001.MTX
2014-05-03 22:39 - 2012-10-13 10:38 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-03 22:39 - 2012-10-13 10:38 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-05-03 22:38 - 2014-03-27 18:25 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-03 22:38 - 2012-10-22 17:31 - 00000394 _____ () C:\WINDOWS\Tasks\ProgramUpdateCheck.job
2014-05-03 22:38 - 2012-10-22 17:31 - 00000378 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
2014-05-03 22:38 - 2012-10-16 17:44 - 00000880 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-03 22:37 - 2012-10-13 15:47 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-03 22:35 - 2012-10-13 15:52 - 00032448 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-03 22:35 - 2012-10-13 15:52 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-05-03 22:33 - 2014-05-03 22:33 - 00001878 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-05-03 22:33 - 2014-05-03 22:33 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-03 22:33 - 2014-05-03 22:33 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Skype
2014-05-03 22:33 - 2014-05-03 22:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-05-03 22:33 - 2013-05-11 22:49 - 00000000 ___RD () C:\Program Files\Skype
2014-05-03 22:33 - 2012-10-18 20:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-05-03 22:33 - 2012-10-16 17:43 - 00000785 _____ () C:\Documents and Settings\Owner\Desktop\Internet Explorer.lnk
2014-05-03 22:32 - 2013-07-14 10:26 - 00002407 _____ () C:\Documents and Settings\Owner\Desktop\Pandora.lnk
2014-05-03 22:32 - 2012-12-16 10:43 - 00002557 _____ () C:\Documents and Settings\Owner\Desktop\TuneIn_ Listen to Online Radio, Music and Talk Stations.lnk
2014-05-03 22:32 - 2012-11-16 16:25 - 00002267 _____ () C:\Documents and Settings\Owner\Desktop\Google.lnk
2014-05-03 22:20 - 2004-04-12 03:13 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-03 22:19 - 2012-10-13 15:52 - 00000000 ____D () C:\Documents and Settings\Owner
2014-05-03 21:17 - 2014-03-26 17:19 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job
2014-05-02 21:10 - 2014-03-29 10:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-05-02 21:06 - 2014-05-02 20:29 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-05-02 21:04 - 2014-05-02 21:04 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-05-02 21:04 - 2014-05-02 21:04 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-05-02 21:04 - 2014-05-02 20:24 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-05-02 21:04 - 2014-05-02 20:24 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-05-02 20:53 - 2014-03-29 10:11 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2014
2014-05-02 20:52 - 2014-03-29 10:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-05-02 20:50 - 2014-05-02 20:50 - 00001626 _____ () C:\WINDOWS\setupapi.log
2014-05-02 20:31 - 2014-05-02 20:31 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\AVAST Software
2014-05-02 20:29 - 2014-05-02 20:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-05-02 20:20 - 2014-05-02 20:20 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-02 20:19 - 2014-05-02 20:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-05-02 18:10 - 2012-10-16 18:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-05-02 18:08 - 2014-05-01 18:53 - 00000000 ____D () C:\Program Files\Photobie
2014-05-02 17:52 - 2013-09-16 17:08 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-05-02 15:02 - 2014-05-02 15:01 - 00231762 _____ () C:\Documents and Settings\Owner\My Documents\cc_20140502_150139.reg
2014-05-02 14:54 - 2013-07-06 23:24 - 00001008 _____ () C:\Documents and Settings\Owner\Desktop\Dropbox.lnk
2014-05-02 14:54 - 2013-07-06 23:19 - 00000000 ____D () C:\Documents and Settings\Owner\Start Menu\Programs\Dropbox
2014-05-02 14:43 - 2013-10-13 00:03 - 00000000 ____D () C:\Program Files\SearchProtect
2014-05-02 03:16 - 2013-11-09 15:55 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-05-02 03:00 - 2012-10-13 17:03 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-05-02 01:34 - 2013-08-08 21:50 - 00007724 _____ () C:\WINDOWS\wininit.ini
2014-05-01 18:52 - 2014-05-01 18:52 - 00000000 ____D () C:\Program Files\rrsavings
2014-05-01 18:52 - 2014-05-01 18:52 - 00000000 ____D () C:\Program Files\Rr Savings
2014-05-01 18:51 - 2014-05-01 18:50 - 00000000 ____D () C:\Program Files\002
2014-04-30 03:13 - 2009-03-08 04:41 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 03:13 - 2004-04-12 03:04 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 08:26 - 2012-10-16 19:42 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-29 08:26 - 2012-10-16 19:42 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-28 05:26 - 2014-03-04 14:02 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
2014-04-28 01:26 - 2014-03-14 02:18 - 00000000 ____D () C:\WINDOWS\system32\cache
2014-04-28 01:26 - 2014-03-04 13:57 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-04-28 01:24 - 2014-03-04 13:58 - 00042272 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-04-27 07:11 - 2012-12-25 15:02 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Smilebox
2014-04-22 15:49 - 2014-03-29 10:14 - 00000000 ___HD () C:\$AVG
2014-04-18 01:51 - 2014-03-27 10:59 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Start Savin
2014-04-14 18:03 - 2012-10-16 19:40 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\NETGEARGenie
2014-04-14 17:49 - 2013-11-09 15:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-04-14 15:03 - 2012-10-13 10:38 - 00000367 ____N () C:\WINDOWS\Sti_Trace.log
2014-04-10 03:32 - 2012-10-13 16:29 - 00100528 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-04-10 03:30 - 2012-10-13 10:36 - 03729784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-10 03:11 - 2014-04-10 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-10 03:06 - 2013-08-04 14:24 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-10 03:02 - 2012-10-13 17:00 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-09 17:53 - 2014-03-29 10:47 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-04-09 17:51 - 2013-11-26 01:13 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\WMTools Downloaded Files
2014-04-08 15:00 - 2014-03-27 18:25 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-04-07 20:25 - 2012-10-18 18:10 - 00002473 _____ () C:\Documents and Settings\Owner\Desktop\Microsoft Word.lnk
2014-04-04 13:14 - 2014-04-04 13:14 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-04-04 13:14 - 2014-04-04 13:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-04-04 13:14 - 2014-04-04 13:10 - 00000000 ____D () C:\Program Files\iTunes
2014-04-04 13:14 - 2014-04-04 13:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-04 13:10 - 2014-04-04 13:10 - 00000000 ____D () C:\Program Files\iPod
2014-04-04 13:10 - 2013-09-16 17:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-04-04 13:10 - 2013-09-16 17:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-04 12:35 - 2014-04-04 12:35 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\Apple Computer
2014-04-04 12:35 - 2013-09-16 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
 
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
 
 
Some content of TEMP:
====================
C:\Documents and Settings\NetworkService\Local Settings\temp\mpam-e9219946.exe
C:\Documents and Settings\Owner\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo6mnqf.dll
C:\Documents and Settings\Owner\Local Settings\temp\DseShExt-x86.dll
C:\Documents and Settings\Owner\Local Settings\temp\nse1FAB.exe
C:\Documents and Settings\Owner\Local Settings\temp\nse1FAE.exe
C:\Documents and Settings\Owner\Local Settings\temp\nsq1FB7.exe
C:\Documents and Settings\Owner\Local Settings\temp\nsq1FBA.exe
C:\Documents and Settings\Owner\Local Settings\temp\pcspeedmaxsetup.exe
C:\Documents and Settings\Owner\Local Settings\temp\SDShelEx-win32.dll
C:\Documents and Settings\Owner\Local Settings\temp\vlc-2.1.3-win32.exe
C:\Documents and Settings\Owner\Local Settings\temp\VuuPC.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014
Ran by Owner at 2014-05-04 00:09:24
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AOL Toolbar (HKLM\...\AOL Toolbar) (Version:  - AOL Inc.)
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.5.0.2 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.4.0.3 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CCleaner Packages (HKCU\...\CCleaner Packages) (Version:  - ) <==== ATTENTION
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}) (Version: 5.0.6 - Cisco Systems, Inc.)
Citrix Authentication Manager (Version: 3.0.0.47031 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 13.3.0.55 - Citrix Systems, Inc.)
Citrix Receiver Inside (Version: 3.3.0.17208 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (Version: 3.3.0.17207 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Download Updater (AOL Inc.) (HKLM\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
Easy Photo Scan (HKLM\...\{F2132D5C-4C3F-41A9-865B-68966A06B01C}) (Version: 1.00.0000 - Seiko Epson Corporation)
Epson Copy Utility 3.5 (HKLM\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version:  - Trusted Software) <==== ATTENTION
Free File Viewer 2012 (HKLM\...\FreeFileViewer_is1) (Version: 2012.10.9.0 - Bitberry Software)
Freeze.com NetAssistant (HKCU\...\NetAssistant 3.8.3) (Version: 3.8.3 - Freeze.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth Free Download Packages (HKCU\...\Google Earth Free Download Packages) (Version:  - ) <==== ATTENTION
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
GoToMeeting 5.4.0.1082 (HKCU\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4396 - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version:  - )
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 18 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 7.1.10.21187 - Juniper Networks)
Juniper Networks Secure Application Manager (HKLM\...\Neoteris_Secure_Application_Manager) (Version: 7.1.10.21187 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.10.21853 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
magicJack (HKCU\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Memorex 6136 U Scanner Driver (HKLM\...\Memorex 6136 U Scanner Driver) (Version:  - )
MGI PhotoSuite III SE (Remove Only) (HKLM\...\MGI_PRISM_V3_0) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Excel 97 (HKLM\...\Excel) (Version:  - )
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2000 SR-1 (HKLM\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
NetAssistant (Version: 3.8.3 - Freeze.com) Hidden
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.26.50  - NETGEAR Inc.)
Online Plug-in (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Perfection V550 Photo Scanner Driver Update version 3.0.2.0 (HKLM\...\ScannerDriverUpdatePerfection V550 Photo_is1) (Version: 3.0.2.0 - Epson America Inc.)
Perfection V550 User’s Guide version 1.0 (HKLM\...\UsersGuidePerfection V550 User’s Guide_is1) (Version: 1.0 - )
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
RrFilter (Version: 1.0.0.0 - RrFilter) Hidden
rrsavings (HKLM\...\rrsavings) (Version: 2.0.1 - rrsavings) <==== ATTENTION
RrSavings (Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Secure Download Manager (HKLM\...\{B4E55DB1-CABE-49B3-B5B4-C9761A78455D}) (Version: 3.1.20 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smilebox (HKCU\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.5246 - Analog Devices)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Start Savin (HKLM\...\35450_Start Savin) (Version: 1.0 - Smart Apps)
TextBridge Pro 8.0 (HKLM\...\TextBridge Pro 8.0) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
ValueApps (HKLM\...\ValueApps) (Version: 1.1.1.1 - Conduit LTD) <==== ATTENTION
VideoDownloader bundle uninstaller (HKLM\...\bndle_VideoDownloader_is2) (Version: 1.9.4.11 - Video Downloader)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
vWorkspace Connector for Web Access (HKLM\...\{2F592C28-8F7C-414E-A07A-74FDE6726857}) (Version: 7.5.0.648 - Quest Software)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2004-04-12 03:01 - 2014-03-27 11:06 - 00000075 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
54.225.95.126 imfpmncmbojnbdhnogcegojocabhpbnh
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\At1.job => c:\Program Files\pcreg\service.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\At2.job => C:\DOCUME~1\Owner\APPLIC~1\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ProgramUpdateCheck.job => C:\Program Files\File Type Assistant\tsassist.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-03 21:01 - 2014-05-03 21:02 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050301\algo.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-10-18 18:44 - 1998-12-10 13:40 - 00119808 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\Tbmhook.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\WINDOWS\system32\vpnapi.dll
2014-03-13 16:34 - 2014-03-13 16:34 - 00149504 _____ () c:\Program Files\RrFilter\RrFilterService.exe
2014-03-04 14:25 - 2014-03-04 14:25 - 00102400 _____ () c:\Program Files\RrFilter\nfapi.dll
2014-03-04 14:25 - 2014-03-04 14:25 - 00233472 _____ () c:\Program Files\RrFilter\ProtocolFilters.dll
2012-10-18 18:44 - 1999-12-14 10:12 - 00037376 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe
2012-10-18 18:44 - 1998-12-10 13:43 - 00022016 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\REGDATA.DLL
2012-10-18 18:44 - 1999-12-22 10:14 - 00031744 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\OfficeAccess.dll
2012-10-18 18:44 - 2000-01-14 13:13 - 00045568 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\WordAccess.dll
2012-10-18 18:44 - 1998-12-10 13:47 - 00008704 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\MSAppAccess.dll
2012-10-18 18:44 - 2000-01-14 13:16 - 00034816 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\ExcelAccess.dll
2012-10-18 18:44 - 1998-12-10 13:47 - 00130560 _____ () C:\Program Files\TextBridge Pro 8.0\Bin\IAResENG.dll
2014-03-04 13:57 - 2014-04-28 01:24 - 02557976 _____ () C:\Program Files\AVG SafeGuard toolbar\vprot.exe
2014-04-28 01:26 - 2014-04-28 01:24 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2014-05-02 20:23 - 2014-05-02 20:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-06-14 22:42 - 2012-06-14 22:42 - 01040712 _____ () C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
2012-05-11 01:24 - 2012-05-11 01:24 - 02537472 _____ () C:\Program Files\NETGEAR Genie\bin\QtCore4.dll
2012-05-09 21:34 - 2012-05-09 21:34 - 00011362 _____ () C:\Program Files\NETGEAR Genie\bin\mingwm10.dll
2012-05-09 21:34 - 2012-05-09 21:34 - 00043008 _____ () C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2012-05-11 01:24 - 2012-05-11 01:24 - 09814016 _____ () C:\Program Files\NETGEAR Genie\bin\QtGui4.dll
2012-07-25 00:48 - 2012-07-25 00:48 - 00412160 _____ () C:\Program Files\NETGEAR Genie\bin\Genie.dll
2012-07-25 00:48 - 2012-07-25 00:48 - 01550848 _____ () C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
2012-05-11 01:24 - 2012-05-11 01:24 - 01140224 _____ () C:\Program Files\NETGEAR Genie\bin\QtNetwork4.dll
2012-05-11 01:24 - 2012-05-11 01:24 - 00399360 _____ () C:\Program Files\NETGEAR Genie\bin\QtXml4.dll
2012-07-12 00:23 - 2012-07-12 00:23 - 00231424 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2012-07-12 02:24 - 2012-07-12 02:24 - 01061376 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2012-07-23 02:08 - 2012-07-23 02:08 - 01567744 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
2012-07-23 02:36 - 2012-07-23 02:36 - 00499200 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2012-07-23 02:36 - 2012-07-23 02:36 - 00186368 _____ () C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
2012-07-25 03:00 - 2012-07-25 03:00 - 01132032 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2012-07-26 04:29 - 2012-07-26 04:29 - 08299520 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2012-07-25 05:42 - 2012-07-25 05:42 - 01084416 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2012-07-25 05:42 - 2012-07-25 05:42 - 00088064 _____ () C:\Program Files\NETGEAR Genie\bin\QRCode.dll
2012-07-23 02:25 - 2012-07-23 02:25 - 00641536 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2012-07-26 04:44 - 2012-07-26 04:44 - 00915968 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2012-07-24 22:45 - 2012-07-24 22:45 - 00433152 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2012-05-11 01:24 - 2012-05-11 01:24 - 00083456 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qgif4.dll
2012-05-11 01:24 - 2012-05-11 01:24 - 00083456 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qico4.dll
2012-05-11 01:24 - 2012-05-11 01:24 - 00287232 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2012-07-12 02:24 - 2012-07-12 02:24 - 00136704 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
2012-07-12 02:24 - 2012-07-12 02:24 - 00150528 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
2012-07-23 02:08 - 2012-07-23 02:08 - 00082432 _____ () C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll
2012-07-23 02:08 - 2012-07-23 02:08 - 00083968 _____ () C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
2012-07-12 00:23 - 2012-07-12 00:23 - 00138752 _____ () C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
2012-07-23 02:21 - 2012-07-23 02:21 - 00701440 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
2012-07-12 01:51 - 2012-07-12 01:51 - 00504832 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2012-07-12 01:51 - 2012-07-12 01:51 - 00116224 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
2012-07-12 01:51 - 2012-07-12 01:51 - 00076288 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
2014-05-01 18:51 - 2014-05-01 18:51 - 00541696 _____ () C:\Program Files\002\yewimmxqbs32.exe
2014-04-28 01:26 - 2014-04-28 01:24 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2004-04-12 03:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\System32\devenum.dll
2004-04-12 03:03 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-05-03 22:43 - 2014-05-03 22:43 - 00041984 _____ () C:\Documents and Settings\Owner\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo6mnqf.dll
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Documents and Settings\Owner\Application Data\Dropbox\bin\libcef.dll
2012-08-10 17:51 - 2013-01-26 00:52 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-05-03 22:40 - 2014-05-03 22:40 - 00098816 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32api.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00110080 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\PyWinTypes27.dll
2014-05-03 22:40 - 2014-05-03 22:40 - 00364544 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\pythoncom27.dll
2014-05-03 22:40 - 2014-05-03 22:40 - 00044032 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\_socket.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 01157120 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\_ssl.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00320512 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32com.shell.shell.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00712192 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\_hashlib.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 01175040 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._core_.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00805888 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._gdi_.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00811008 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._windows_.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 01062400 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._controls_.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00735232 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._misc_.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00128512 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\_elementtree.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00127488 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\pyexpat.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00557056 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\pysqlite2._sqlite.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00087040 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\_ctypes.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00119808 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32file.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00108544 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32security.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00018432 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32event.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00038912 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32inet.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00122368 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._wizard.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00070656 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\wx._html2.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00026624 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\_multiprocessing.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00010240 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\select.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00024064 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32pipe.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00686080 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\unicodedata.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00025600 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32pdh.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00525640 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\windows._lib_cacheinvalidation.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00011264 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32crypt.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00035840 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32process.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00017408 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32profile.pyd
2014-05-03 22:40 - 2014-05-03 22:40 - 00022528 _____ () C:\Documents and Settings\Owner\Local Settings\temp\_MEI38442\win32ts.pyd
2012-06-14 22:42 - 2012-06-14 22:42 - 00122696 _____ () C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
2014-04-27 21:43 - 2014-04-23 19:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-27 21:43 - 2014-04-23 19:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-27 21:43 - 2014-04-23 19:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-27 21:43 - 2014-04-23 19:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-11 14:28 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 14:28 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-04-27 21:43 - 2014-04-23 19:33 - 13692232 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\WINDOWS\pss\Microsoft Find Fast.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Office Startup.lnk => C:\WINDOWS\pss\Office Startup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^reminder-ScanSoft Product Registration.lnk => C:\WINDOWS\pss\reminder-ScanSoft Product Registration.lnkStartup
MSCONFIG\startupreg: cdloader => "C:\Documents and Settings\Owner\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/02/2014 08:40:39 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10502.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
 
Error: (05/02/2014 08:11:33 PM) (Source: Application Hang) (User: )
Description: Hanging application avgui.exe, version 14.0.0.4353, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (04/30/2014 00:27:47 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 4.5.216.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
 
Error: (04/25/2014 00:18:57 AM) (Source: Microsoft Office 14) (User: )
Description: EventType officefilevalidationperf, P1 winword.exe, P2 14.0.7011.1000, P3 passed, P4 NIL, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 officefilevalidationperf0, P10 officefilevalidationperf1.
 
Error: (04/24/2014 03:18:19 PM) (Source: Application Error) (User: )
Description: Fault bucket 192258987.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.
 
Error: (04/24/2014 10:31:38 AM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.5.216.0, faulting module mpengine.dll, version 1.1.10501.0, fault address 0x003d684d.
Processing media-specific event for [MsMpEng.exe!ws!]
 
Error: (04/22/2014 11:50:31 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype Click to Call -- Installation cannot proceed on this operating system.
 
Error: (04/22/2014 03:49:16 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed
 
Error: (04/22/2014 03:49:16 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed
 
Error: (04/22/2014 02:36:11 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed
 
 
System errors:
=============
Error: (05/03/2014 11:16:00 PM) (Source: Schedule) (User: )
Description: The At2.job command failed to start due to the following error: 
%%2147942403
 
Error: (05/03/2014 10:47:37 PM) (Source: Microsoft Antimalware) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.
 
Error: (05/03/2014 10:40:46 PM) (Source: Service Control Manager) (User: )
Description: The NETGEARGenieDaemon service failed to start due to the following error: 
%%1053
 
Error: (05/03/2014 10:40:46 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the NETGEARGenieDaemon service to connect.
 
Error: (05/03/2014 10:37:41 PM) (Source: Microsoft Antimalware) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.
 
Error: (05/03/2014 10:31:25 PM) (Source: Microsoft Antimalware) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.
 
Error: (05/03/2014 10:26:42 PM) (Source: Service Control Manager) (User: )
Description: The NETGEARGenieDaemon service failed to start due to the following error: 
%%1053
 
Error: (05/03/2014 10:26:42 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the NETGEARGenieDaemon service to connect.
 
Error: (05/03/2014 10:21:27 PM) (Source: Microsoft Antimalware) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.
 
Error: (05/03/2014 10:16:00 PM) (Source: Schedule) (User: )
Description: The At2.job command failed to start due to the following error: 
%%2147942403
 
 
Microsoft Office Sessions:
=========================
Error: (05/02/2014 08:40:39 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070490remediationremediationfailuretelemetry1.1.10502.0mpengine0unspecifiedNILNILNIL
 
Error: (05/02/2014 08:11:33 PM) (Source: Application Hang)(User: )
Description: avgui.exe14.0.0.4353hungapp0.0.0.000000000
 
Error: (04/30/2014 00:27:47 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry2152759308unspecifiedscanfile4.5.216.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)unspecifiedunspecifiedNILNILNIL
 
Error: (04/25/2014 00:18:57 AM) (Source: Microsoft Office 14)(User: )
Description: officefilevalidationperfwinword.exe14.0.7011.1000passedNILNILNILNILNILNILNIL
 
Error: (04/24/2014 03:18:19 PM) (Source: Application Error)(User: )
Description: 192258987
 
Error: (04/24/2014 10:31:38 AM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.5.216.0mpengine.dll1.1.10501.0003d684d
 
Error: (04/22/2014 11:50:31 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Skype Click to Call -- Installation cannot proceed on this operating system.(NULL)(NULL)(NULL)
 
Error: (04/22/2014 03:49:16 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)
 
Error: (04/22/2014 03:49:16 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)
 
Error: (04/22/2014 02:36:11 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 89%
Total physical RAM: 2045.98 MB
Available physical RAM: 218.96 MB
Total Pagefile: 3942.41 MB
Available Pagefile: 2047.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.38 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.5 GB) (Free:29.39 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DVD Video Recording) (CDROM) (Total:0.51 GB) (Free:0 GB) UDF
Drive e: () (Fixed) (Total:7.45 GB) (Free:7.28 GB) FAT32
Drive g: () (Removable) (Total:3.81 GB) (Free:1.3 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: D0F4738C)
Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C654EBF5)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
 
========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 gringo_pr


Posted 04 May 2014 - 05:25 AM



Hello Snow731

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete, let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#5 Snow731


Posted 05 May 2014 - 09:14 AM

# AdwCleaner v3.207 - Report created 05/05/2014 at 03:17:23
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - HOMEPC
# Running from : C:\Documents and Settings\Owner\Desktop\Computer Clean up\AdwCleaner (2).exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : tStLibG
 
***** [ Files / Folders ] *****
 
File Found : C:\WINDOWS\system32\drivers\tStLibG.sys
File Found : C:\WINDOWS\Tasks\ProgramUpdateCheck.job
Folder Found : C:\Documents and Settings\All Users\Application Data\AOL Toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\Conduit
Folder Found : C:\Documents and Settings\All Users\Application Data\ValueApps
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\Owner\Application Data\ValueApps
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\AOL Toolbar
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\FileTypeAssistant
Folder Found : C:\Documents and Settings\Owner\My Documents\PC Speed Maximizer
Folder Found : C:\Program Files\002
Folder Found : C:\Program Files\AOL Toolbar
Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\Program Files\Bench
Folder Found : C:\Program Files\BonanzaDeals
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\Software Update Utility
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\File Type Assistant
Folder Found : C:\Program Files\RrFilter
Folder Found : C:\Program Files\RrSavings
Folder Found : C:\Program Files\SearchProtect
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\WINDOWS\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
 
***** [ Shortcuts ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN28169629262087025&ctid=CT2737658&UM=2
Found [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=suma_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtDtCtAtBtDtCyCtD0E0D0C0C0EtD0AtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBzzyEyD0BtA0C0EtG0CtCtCyDtGtDyBtB0CtGtAtBtDtCtGtBtDtDtCyDzz0A0C0F0EyE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0AyEtC0FtB0EyBtG0ByBzytBtG0A0F0EtCtGzz0Ezy0CtGtD0DtAyE0ByE0ByDzzzy0C0A2Q&cr=599501302&ir=
Found [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MB1A8E066-37FD-468A-B867-0FC48022D9E5&SearchSource=58&CUI=&UM=5&UP=SPE2989DE8-F01B-4195-A059-64B36B041CF7&q={searchTerms}&SSPV=
Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
Found [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [15880 octets] - [05/05/2014 03:17:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15941 octets] ##########


#6 gringo_pr


Posted 05 May 2014 - 10:01 AM


Hello Snow731

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#7 gringo_pr


Posted 13 May 2014 - 07:50 AM


Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo

#8 Snow731


Posted 13 May 2014 - 08:55 PM

Hi, sorry, I'm out of town right now and won't be back for another week. My dad said he's been running some anti-malware and it looks better. But when I get back I'll reply and we can still run your tests if you recommend it.

#9 gringo_pr


Posted 15 May 2014 - 07:30 AM

Hello

No problem and I will check back with you later

Gringo

#10 gringo_pr


Posted 18 May 2014 - 05:44 AM


Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo

#11 Snow731


Posted 18 May 2014 - 07:06 AM

Hi, thanks for checking up, but I'm still out of town and won't be back until the end of the month.



#12 gringo_pr


Posted 18 May 2014 - 08:17 AM

I will keep checking in on you



gringo

#13 gringo_pr


Posted 08 June 2014 - 01:49 PM


Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!
Gringo

#14 gringo_pr


Posted 14 June 2014 - 08:31 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



