Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removing Default-search.net from search engines Firefox


  • This topic is locked This topic is locked
18 replies to this topic

#1 BadWeather

BadWeather

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 27 October 2014 - 12:05 PM

Hi, experts,

 

I got default-search.net when downloading from a large reputable download site which I thought was a safe bet. Wrong.

My antivirus picked up about 20 problems (the laptop was going mad with its AVG dings advising of a detection. I got AVG to clean up those problems. However, the laptop was running very slowly, so I investigated and deleted the program that I had just installed. Using Iorbit uninstaller, I deleted the program but just at the end of the uninstall process (and before the Iorbit could run its advanced uninstall to make sure that no pieces of the install were remaining in the registry, the program froze and that process was not completed.

 

I then noticed that default-search.net was had become my default search engine. So I then ran MalwareBytes. This removed the problem but on reboot D-F.net was back again. Then I went into my Firefox profile and found an entry for D-S.net and deleted the line. All was perfect until a reboot. I then installed Spybot but that has not found D-S.net.

 

What file is re-activating D-S.net in my Firefox browserand how do I remove it?

 

Long before this, I de-activated MS Internet Explorer as I do not use it - unfortunately you can't delete it as it is part of the Windows system.

 

Many thanks in advance.

 

Notes:

Lenovo G465 laptop

Windows 7 Home Editon

AVG antivirus installed

Maywarebytes installed

Spyboy search and destroy installed after the problem.


Edited by BadWeather, 27 October 2014 - 12:11 PM.


BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:03 AM

Posted 31 October 2014 - 12:38 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 31 October 2014 - 03:11 PM

Hey, hey Jürgen.

Copied and pasted as you requested.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by George (administrator) on GEORGE-PC on 31-10-2014 19:14:47
Running from C:\Users\George\Desktop
Loaded Profile: George (Available profiles: George & Invitado)
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\GuardAgent.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(KARPOLAN) C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHAE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {4183be01-046c-11e2-a542-70f3954cc1e5} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {586e2a52-c5fc-11e3-8119-1c75085dca4c} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {966f00b0-faf6-11e2-8e15-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {9f634f79-5f8b-11e4-be2b-70f3954cc1e5} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {e0a2737c-5c71-11e4-8cac-70f3954cc1e5} - H:\AutoRun.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=192.168.1.1:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
URLSearchHook: HKCU - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKCU - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms}
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {AF4630AC-49CC-4C02-89CC-B95111B6D219} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
SearchScopes: HKCU - {01460647-2EDB-40E4-8632-DE877CFCF668} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {0AA82ECD-3B1E-4CD8-AE3D-A5503EFA13DE} URL = http://search.findwide.com/serp?guid={6D91C237-8153-4DAA-85D4-F8701683CF91}&action=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=60b4be56000000000000ac8112283d86&tlver=1.4.19.19&affID=17161
SearchScopes: HKCU - {3B467EF2-1719-4F86-AB52-EF8A2EF3CBA8} URL = http://ar.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=685749&p={searchTerms}
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=OB_BDiXgD4x4q-_ePUrWquXF8p0?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {A644E28F-D616-4792-806B-3838D725B196} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
SearchScopes: HKCU - {AF4630AC-49CC-4C02-89CC-B95111B6D219} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://isearch.avg.com/search?cid={26B1570A-F350-4AB1-93B4-C07EF616700E}&mid=e0a56a23174447d0ad8ba1bad3a82816-0000310c44d8a65d4648b457c1b748d09f6258bc&lang=en&ds=pd011&pr=sa&d=2012-10-28 20:27:08&v=13.2.0.4&sap=dsp&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - No Name - {4D2A1E5E-0C20-4D58-BC21-43FE72BEC807} -  No File
Toolbar: HKLM - No Name - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -  No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - No CLSID Value -
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - No CLSID Value -
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\SysWOW64\ieframe.dll [10990080 2011-03-07] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: default-search.net
FF Homepage: hxxp://localhost:2605/|hxxp://uk.my.yahoo.com/
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=107&itype=n&ver=14348&tm=512&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF user.js: detected! => C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\user.js
FF user.js: detected! => C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: Ads Removal - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\adremoveext@adremoveext.net [2014-08-19]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\ascsurfingprotection@iobit.com [2014-09-25]
FF Extension: TVU Web Player - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\firefox@tvunetworks.com [2012-06-23]
FF Extension: Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-06-20]
FF Extension: No Name - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{411beae9-8c58-477c-8903-201536f61512} [2012-12-25]
FF Extension: FindWide Toolbar - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\toolbar10809@findwide.com.xpi [2014-02-26]
FF Extension: NoScript - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-03-25]
FF Extension: Ads Removal - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\adremoveext@adremoveext.net [2014-08-19]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\artur.dubovoy@gmail.com [2014-08-04]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\ascsurfingprotection@iobit.com [2014-09-25]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\donottrackplus@abine.com [2014-07-11]
FF Extension: British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\en-GB@dictionaries.addons.mozilla.org [2014-03-16]
FF Extension: British English Dictionary (Updated) - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\en-gb@flyingtophat.co.uk [2014-03-16]
FF Extension: Xmarks - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\foxmarks@kei.com [2014-10-09]
FF Extension: Classic Theme Restorer - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-09]
FF Extension: To Google Translate - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-02-28]
FF Extension: Really Simple Sticky - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\reallysimplesticky@omtv.se.xpi [2014-03-07]
FF Extension: No Name - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-28]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2014-06-10]
FF Extension: Internote - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\{e3631030-7c02-11da-a72b-0800200c9a66}.xpi [2014-02-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-17]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\George\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ads Removal) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [85435 2011-11-19] () [File not signed]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [141466 2011-11-19] () [File not signed]
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2013-11-16] (Google)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 StatusAgent4; C:\windows\SysWOW64\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2014-05-25] (Advanced Micro Devices Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [262424 2014-10-07] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 cpuz136; No ImagePath
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [59976 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-05-10] () [File not signed]
R1 EUDSKACS; C:\windows\system32\drivers\eudskacs.sys [18504 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\windows\system32\drivers\EuFdDisk.sys [189000 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-04-29] (Qualcomm Atheros Co., Ltd.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [555224 2013-11-18] (Realtek Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-07-14] (IObit)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [207232 2009-11-09] (Vimicro Corporation)
U3 BcmSqlStartupSvc; No ImagePath
S1 FldSafe; system32\DRIVERS\FldSafe.sys [X]
U2 IAStorDataMgrSvc; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-31 19:14 - 2014-10-31 19:16 - 00032697 _____ () C:\Users\George\Desktop\FRST.txt
2014-10-31 19:14 - 2014-10-31 19:14 - 00000000 ____D () C:\FRST
2014-10-31 19:06 - 2014-10-31 19:10 - 02113536 _____ (Farbar) C:\Users\George\Desktop\FRST64.exe
2014-10-31 16:10 - 2014-10-31 16:20 - 16251703 _____ () C:\Users\George\Downloads\4.2 HowdoyoudoMaritimeArchaeology.mp4
2014-10-31 15:53 - 2014-10-31 15:53 - 00117264 _____ () C:\Users\George\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-31 11:53 - 2014-10-31 11:53 - 00028572 _____ () C:\Users\George\Documents\cc_20141031_115259.reg
2014-10-31 11:38 - 2014-10-31 11:38 - 04977216 _____ (Piriform Ltd) C:\Users\George\Downloads\ccsetup419.exe
2014-10-27 21:27 - 2014-10-27 21:27 - 00000000 _____ () C:\asc_rdflag
2014-10-27 15:14 - 2014-10-27 15:14 - 00688992 ____R (Swearware) C:\Users\George\Downloads\dds.com
2014-10-27 13:35 - 2014-10-27 13:30 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-133512.backup
2014-10-27 13:30 - 2009-06-10 21:00 - 00000824 _____ () C:\windows\system32\Drivers\etc\hosts.20141027-133021.backup
2014-10-27 13:02 - 2014-10-27 13:02 - 00000451 _____ () C:\windows\wininit.ini
2014-10-27 11:40 - 2014-10-27 13:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-27 11:40 - 2014-10-27 11:47 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 11:40 - 2014-10-27 11:40 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-27 11:40 - 2014-10-27 11:40 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-27 11:40 - 2014-10-27 11:40 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-10-27 11:40 - 2014-10-27 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-27 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-10-27 11:28 - 2014-10-27 11:38 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\George\Downloads\spybot-2.4.exe
2014-10-27 11:14 - 2014-10-31 14:14 - 00286729 _____ () C:\windows\WindowsUpdate.log
2014-10-27 10:03 - 2014-10-27 11:03 - 00023389 _____ () C:\Users\George\Downloads\hijackthis.log
2014-10-27 10:01 - 2014-10-27 10:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\George\Downloads\HijackThis.exe
2014-10-27 00:29 - 2014-10-27 00:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\George\Downloads\SpyHunter-Installer.exe
2014-10-26 15:30 - 2014-10-26 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-26 15:29 - 2014-10-26 15:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-26 15:04 - 2014-10-10 02:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-26 15:04 - 2014-10-10 02:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-26 15:04 - 2014-10-10 02:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-26 15:02 - 2013-12-10 02:28 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-26 15:02 - 2013-12-10 02:02 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-26 14:38 - 2014-07-08 22:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-26 14:38 - 2014-07-08 22:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-26 08:30 - 2014-10-26 11:55 - 00000000 ____D () C:\Users\George\AppData\Roaming\FirefoxToolbar
2014-10-26 08:28 - 2014-10-26 14:18 - 00000000 ____D () C:\Users\George\AppData\Roaming\KastorAllVideoDownloader
2014-10-24 21:14 - 2014-10-24 21:14 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-24 21:14 - 2014-10-24 21:14 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-24 21:11 - 2014-10-24 21:11 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-24 21:11 - 2014-10-24 21:11 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-24 21:10 - 2014-10-24 21:10 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-24 21:09 - 2014-10-24 21:09 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-24 21:09 - 2014-10-24 21:09 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-24 21:02 - 2014-10-24 21:02 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-24 21:00 - 2014-10-24 21:00 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-24 21:00 - 2014-10-24 21:00 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-24 21:00 - 2014-10-24 21:00 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-24 20:56 - 2014-10-24 20:56 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-24 20:56 - 2014-10-24 20:56 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-23 20:10 - 2014-10-23 20:10 - 00000000 ____D () C:\Users\George\AppData\Roaming\AVG2015
2014-10-23 20:09 - 2014-10-25 08:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-23 20:09 - 2014-10-23 20:09 - 00000000 ____D () C:\Users\George\AppData\Roaming\TuneUp Software
2014-10-23 20:07 - 2014-10-23 20:07 - 00000000 ___HD () C:\$AVG
2014-10-23 20:05 - 2014-10-31 11:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-23 20:05 - 2014-10-23 20:05 - 00000000 ____D () C:\Users\George\AppData\Local\MFAData
2014-10-23 09:52 - 2014-10-23 10:17 - 166267560 _____ (AVG Technologies) C:\Users\George\Downloads\avg_free_x64_all_2015_5315a8160.exe
2014-10-22 20:46 - 2014-10-22 20:46 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\George\Downloads\avg_remover_stf_x64_2014_4116.exe
2014-10-22 08:26 - 2014-10-22 08:26 - 00006516 _____ () C:\Users\George\Documents\cc_20141022_092612.reg
2014-10-21 15:35 - 2014-10-21 15:35 - 02769385 _____ () C:\Users\George\Documents\AVGInstLog.cab
2014-10-21 15:24 - 2014-10-21 15:24 - 00000000 ____D () C:\Users\Invitado.George-PC\AppData\Local\Avg
2014-10-21 15:23 - 2014-10-23 20:09 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-21 15:00 - 2014-10-23 21:11 - 00000000 ____D () C:\Users\George\AppData\Local\Avg2015
2014-10-18 21:47 - 2014-10-26 15:30 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-10-18 21:47 - 2014-10-26 15:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-10-18 21:42 - 2014-10-18 21:47 - 00000000 ____D () C:\Users\George\AppData\Local\Adobe
2014-10-16 10:41 - 2011-03-15 02:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_ID4BHAE.DLL
2014-10-16 10:41 - 2007-04-10 00:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\windows\system32\E_GCINST.DLL
2014-10-15 15:50 - 2014-10-15 15:56 - 24156724 _____ () C:\Users\George\Downloads\3-9_b_intro_to_experimental_archaeology.mp4
2014-10-14 18:24 - 2014-10-14 18:27 - 01860906 _____ () C:\Users\George\Downloads\VfGnGuides.zip
2014-10-14 14:31 - 2014-10-14 16:49 - 00000466 _____ () C:\Users\George\Documents\Garmin free space.txt
2014-10-14 09:17 - 2014-10-14 09:24 - 37785788 _____ () C:\Users\George\Downloads\3-4_the-classical-world.mp4
2014-10-12 23:15 - 2014-10-12 23:15 - 00000000 ____D () C:\Users\George\Documents\Garmin
2014-10-12 23:09 - 2014-10-12 23:09 - 00000000 ____D () C:\Users\George\AppData\Local\Garmin
2014-10-12 23:08 - 2014-10-12 23:11 - 00000000 ____D () C:\Users\George\AppData\Roaming\Garmin
2014-10-12 23:06 - 2014-10-27 09:29 - 00003558 _____ () C:\windows\System32\Tasks\GarminUpdaterTask
2014-10-12 23:06 - 2014-10-12 23:09 - 00000000 ____D () C:\ProgramData\Garmin
2014-10-12 23:06 - 2014-10-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-10-12 23:06 - 2014-10-12 23:06 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-10-12 23:06 - 2014-10-12 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-10-12 20:48 - 2014-10-12 21:06 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\George\Downloads\GarminExpress.exe
2014-10-10 14:14 - 2014-10-10 14:14 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2014-10-07 20:43 - 2014-10-07 20:43 - 00262424 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-10-05 20:41 - 2014-10-05 20:41 - 00124184 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-10-05 19:08 - 2014-10-05 19:34 - 00001578 _____ () C:\Users\George\Desktop\BK6.lnk
2014-10-05 19:03 - 2014-10-22 08:29 - 00003236 _____ () C:\windows\System32\Tasks\Bk6w
2014-10-05 15:43 - 2014-10-27 09:43 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-05 15:43 - 2014-10-26 15:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-05 15:43 - 2014-10-26 10:53 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-05 15:43 - 2014-10-26 10:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-05 15:43 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-05 15:43 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-05 15:43 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-05 14:41 - 2014-10-05 15:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\George\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-04 10:24 - 2014-10-04 10:24 - 00004096 ___SH () C:\{92CCD29B-A4DB-41AC-9938-955D9B0D51DD}.CBM
2014-10-04 00:07 - 2014-10-04 00:08 - 00044026 _____ () C:\Users\George\Documents\cc_20141004_010752.reg
2014-10-04 00:02 - 2014-10-31 11:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-04 00:02 - 2014-10-31 11:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-04 00:02 - 2014-10-04 00:02 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-10-04 00:02 - 2014-10-04 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-04 00:00 - 2014-10-04 00:01 - 04965896 _____ (Piriform Ltd) C:\Users\George\Downloads\ccsetup418.exe
2014-10-03 22:06 - 2014-10-27 09:30 - 00002890 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_George
2014-10-03 22:06 - 2014-10-03 22:06 - 00001256 _____ () C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-03 22:06 - 2014-10-03 22:06 - 00001232 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-03 21:51 - 2014-10-03 22:03 - 17606432 _____ (IObit) C:\Users\George\Downloads\iobituninstaller.exe
2014-10-03 21:08 - 2014-10-03 21:08 - 00000000 ____D () C:\Users\George\AppData\Roaming\GrabPro
2014-10-03 21:07 - 2014-10-22 08:29 - 00002862 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-10-03 19:17 - 2014-10-03 19:17 - 00001097 _____ () C:\Users\George\Desktop\Windows Explorer.lnk
2014-10-03 19:15 - 2014-10-31 11:44 - 00000000 ____D () C:\Users\George\AppData\Local\CrashDumps
2014-10-03 18:35 - 2014-06-27 02:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-10-03 18:35 - 2014-06-27 01:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-10-03 18:22 - 2014-08-01 11:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-10-03 18:22 - 2014-08-01 11:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-10-03 18:20 - 2014-07-07 02:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-10-03 18:20 - 2014-07-07 02:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-10-03 18:20 - 2014-07-07 01:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-10-03 18:20 - 2014-07-07 01:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-10-03 18:20 - 2014-07-07 01:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-10-03 18:17 - 2014-09-25 02:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-03 18:17 - 2014-09-25 01:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-10-03 18:17 - 2014-09-09 22:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-03 18:17 - 2014-09-09 21:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-10-03 18:17 - 2014-08-23 02:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-10-03 18:17 - 2014-08-23 01:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-10-03 18:17 - 2014-06-24 03:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-03 18:17 - 2014-06-24 02:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-31 19:17 - 2012-11-22 15:05 - 00000000 ____D () C:\ProgramData\BitMeterOS
2014-10-31 19:11 - 2012-04-03 11:32 - 00000838 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-31 16:23 - 2014-02-25 16:16 - 00000000 ____D () C:\Users\George\AppData\Roaming\Media Player Classic
2014-10-31 14:53 - 2010-12-24 15:05 - 00752448 _____ () C:\windows\system32\perfh00A.dat
2014-10-31 14:53 - 2010-12-24 15:05 - 00163696 _____ () C:\windows\system32\perfc00A.dat
2014-10-31 14:53 - 2009-07-14 05:13 - 01678290 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-31 11:52 - 2011-03-25 12:45 - 00003986 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{BE647D94-2E12-43D4-806A-D1A5F83B83C6}
2014-10-31 11:32 - 2009-07-14 04:45 - 00020208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-31 11:32 - 2009-07-14 04:45 - 00020208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-31 11:25 - 2013-11-04 22:14 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-31 11:23 - 2009-07-14 05:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-30 09:39 - 2014-09-25 20:41 - 00002213 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-10-28 07:34 - 2011-03-25 17:57 - 00003072 _____ () C:\windows\MKDEWE.TRN
2014-10-28 00:08 - 2014-08-13 21:05 - 00045056 ___SH () C:\Users\George\AppData\Roaming\Thumbs.db
2014-10-27 21:27 - 2014-02-18 09:30 - 90423296 _____ () C:\windows\system32\config\SOFTWARE.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 05177344 _____ () C:\windows\system32\config\DEFAULT.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 00061440 _____ () C:\windows\system32\config\SAM.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 00028672 _____ () C:\windows\system32\config\SECURITY.iodefrag.bak
2014-10-27 21:27 - 2011-03-25 12:39 - 00000000 ____D () C:\Users\George
2014-10-27 13:43 - 2009-07-14 02:34 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-135016.backup
2014-10-27 13:35 - 2009-07-14 02:34 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-134308.backup
2014-10-27 13:02 - 2011-08-02 21:43 - 00000000 ____D () C:\Program Files (x86)\Windows jZip Toolbar
2014-10-27 09:35 - 2011-07-01 02:05 - 00001036 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 09:35 - 2011-07-01 02:05 - 00001032 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-27 09:30 - 2014-08-20 19:26 - 00003168 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-10-27 09:29 - 2014-08-20 19:26 - 00003170 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-10-27 09:29 - 2013-09-06 13:38 - 00003346 _____ () C:\windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271938275-1303805652-3004356550-1000
2014-10-27 09:29 - 2013-09-05 17:03 - 00003214 _____ () C:\windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271938275-1303805652-3004356550-1000
2014-10-27 09:29 - 2011-07-01 02:05 - 00004044 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-27 09:29 - 2011-07-01 02:05 - 00003792 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-27 09:25 - 2013-08-01 16:40 - 00000000 ____D () C:\windows\pss
2014-10-27 02:03 - 2011-03-25 18:52 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-26 23:50 - 2012-06-23 09:22 - 00000000 ____D () C:\windows\SysWOW64\TVUAx
2014-10-26 15:21 - 2011-03-25 14:06 - 00000000 ____D () C:\windows\SHELLNEW
2014-10-26 15:18 - 2011-06-21 00:45 - 00000000 ____D () C:\Users\George\AppData\Roaming\Orbit
2014-10-26 15:17 - 2014-04-27 07:44 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-26 15:17 - 2013-08-14 10:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-26 15:06 - 2011-03-29 19:30 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-25 14:47 - 2009-07-14 03:20 - 00000000 ____D () C:\windows\rescache
2014-10-24 21:14 - 2009-07-14 05:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-10-22 16:12 - 2014-08-17 22:17 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2014-10-22 08:30 - 2014-08-20 20:51 - 00002954 _____ () C:\windows\System32\Tasks\{ACB8DD12-B9E7-4B8E-AA73-19A0FD1B5B1C}
2014-10-22 08:29 - 2014-03-26 10:07 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (George)
2014-10-22 08:29 - 2013-11-20 15:00 - 00003166 _____ () C:\windows\System32\Tasks\Driver Booster Update
2014-10-22 08:16 - 2013-11-20 15:00 - 00003222 _____ () C:\windows\System32\Tasks\Driver Booster Scan
2014-10-21 15:23 - 2013-08-03 10:28 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-18 21:47 - 2012-04-03 11:32 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-18 21:47 - 2012-04-03 11:32 - 00003776 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-18 21:47 - 2011-05-14 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-18 21:47 - 2010-12-25 00:20 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-16 19:12 - 2013-08-03 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-10-16 10:31 - 2013-07-30 10:05 - 00000000 ____D () C:\ProgramData\EPSON
2014-10-16 10:20 - 2013-11-22 12:04 - 00000000 ____D () C:\Users\George\Documents\RE_ Otro 1933478 PO Otras consultas_files
2014-10-16 08:06 - 2012-07-02 19:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-15 08:29 - 2014-09-25 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-12 23:08 - 2014-01-11 19:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-10 14:31 - 2009-07-29 07:00 - 00000000 ____D () C:\windows\Panther
2014-10-10 14:17 - 2014-06-12 13:24 - 00000000 ____D () C:\Users\George\AppData\Roaming\Naturalsoft
2014-10-10 14:17 - 2014-06-12 13:22 - 00000000 ____D () C:\Users\George\Documents\Naturalsoft
2014-10-08 17:14 - 2013-05-11 12:43 - 00000000 ____D () C:\ProgramData\Soluto
2014-10-08 17:12 - 2013-05-11 12:45 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-10-08 14:45 - 2014-08-17 18:51 - 00054272 ___SH () C:\Users\George\Documents\Thumbs.db
2014-10-08 14:43 - 2011-04-22 21:19 - 00000000 ____D () C:\Users\George\Documents\Lenovo
2014-10-06 22:07 - 2013-08-11 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LocK-A-FoLdeR
2014-10-06 22:03 - 2011-07-01 00:37 - 00007609 _____ () C:\Users\George\AppData\Local\Resmon.ResmonCfg
2014-10-06 10:44 - 2009-07-14 03:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-10-06 09:59 - 2011-03-25 14:12 - 00000376 _____ () C:\windows\ODBC.INI
2014-10-06 08:43 - 2011-03-25 17:18 - 00000000 ___RD () C:\Brothers Keeper
2014-10-06 08:32 - 2009-07-14 05:08 - 00032630 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-05 16:57 - 2011-07-02 21:45 - 00000000 ____D () C:\Users\George\AppData\Local\Windows Live
2014-10-04 09:58 - 2013-08-04 17:02 - 00280576 ___SH () C:\EUMONBMP.SYS
2014-10-03 21:07 - 2013-11-27 09:36 - 00001098 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-10-03 21:07 - 2013-11-20 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-10-03 18:50 - 2011-03-25 12:50 - 01641746 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-10-03 17:58 - 2012-09-19 16:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-10-03 17:49 - 2014-01-16 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-10-03 17:49 - 2014-01-16 14:57 - 00000000 ____D () C:\Program Files (x86)\AnvSoft

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.5440.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 12:24

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014 01
Ran by George at 2014-10-31 19:17:32
Running from C:\Users\George\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.15.58233 - ABBYY) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version:  - )
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{6CADC615-64C7-7366-A49A-342E8B7D3C9B}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5557 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5557 - AVG Technologies) Hidden
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
Basic Operation Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Bog) (Version:  - )
BitMeter OS (HKLM-x32\...\BitMeterOS) (Version:  - )
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Brother's Keeper 6.6 (HKLM-x32\...\Brother's Keeper 6.6) (Version:  - )
Brother's Keeper 7.0 (HKLM-x32\...\Brother's Keeper 7.0) (Version:  - )
Bullzip PDF Printer 9.1.0.1454 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.1.0.1454 - Bullzip)
ccc-core-static (x32 Version: 2010.0719.1349.22889 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2420.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2420.0 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.3030 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
EASEUS Deleted File Recovery 3.0.1 (HKLM-x32\...\EASEUS Deleted File Recovery 3.0.1_is1) (Version:  - EASEUS)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 6.0 (HKLM-x32\...\EaseUS Todo Backup Free 6.0_is1) (Version: 6.0 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.9 - Lenovo)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.33 - Lenovo)
Energy Manager (x32 Version: 1.0.0.33 - Lenovo) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
e-Sword (HKLM-x32\...\{9B98010C-A6E2-40D4-A69D-7EA024EAEC79}) (Version: 9.09.0001 - Rick Meyers)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Maker 7.0 (HKLM-x32\...\Game Maker 7.0) (Version:  - )
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
Garmin Express (HKLM-x32\...\{447c27b7-3a63-4cb2-a49c-864050f9a50f}) (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
GENViewer Lite 1.14 (HKLM-x32\...\GENViewerLite_is1) (Version:  - )
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.1 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN)
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - Nombre de su organización)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 1.9.1106.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.00 - CyberLink Corp.)
Lenovo PowerDVD 9 (x32 Version: 9.0.2829.00 - CyberLink Corp.) Hidden
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 0.38.0.3C - Lenovo)
LockKey (x32 Version: 0.38.0.3C - Lenovo) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Network Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Netg) (Version:  - )
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version:  - www.orbitdownloader.com)
Paquete de controladores de Windows - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PDF-XChange Lite 2012 (HKLM\...\{25CFCE3C-5C95-49CB-B63A-E2861E6C0C98}_is1) (Version: 5.0.272.1 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoFiltre (HKCU\...\PhotoFiltre) (Version:  - )
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre Studio X (HKCU\...\PhotoFiltre Studio X) (Version:  - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3 Pro_is1) (Version: 3.2 - IObit)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version:  - File Recovery Ltd.)
User's Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Useg) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WordTalkInstall (HKLM-x32\...\{D4481AFF-4218-4CF0-A68C-87E9EBAE3B86}) (Version: 1.0.0 - WordTalk)
ZipGenius 6.3 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - Wininizio.it Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

31-10-2014 13:54:25 Punto de control programado

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2014-10-27 13:50 - 00450713 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03D79B6C-3BE9-4301-AF94-3F889EB4871A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {1EB4F449-8037-40C9-9080-AAEB35CECD8F} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {35B8A4A8-CE80-4F23-B105-6D4D5F1F5FDE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {35D0D6C9-7C2E-40D6-A680-B51180A312D3} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-14] (IObit)
Task: {36270679-7934-42B8-BFFF-A365C54BD02C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271938275-1303805652-3004356550-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {374238FF-F931-419F-8250-3AC32418F4F5} - System32\Tasks\{ACB8DD12-B9E7-4B8E-AA73-19A0FD1B5B1C} => C:\Users\George\Desktop\bluesol\Setup.exe
Task: {4BE1A9DA-58E1-4C8A-9902-EF87C3EE43C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {64EADD16-BEC7-42F2-9855-A572EFBFE233} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)
Task: {66E09EA4-1A04-44EC-9B4B-FE1D41583493} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {6BE9CF6A-3077-43FA-9AD4-76FDF9E6CFBB} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit)
Task: {7AEE3757-4991-461E-BD2D-1119DDB52BE8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-09-18] ()
Task: {862B981F-C8D9-4F7B-89C0-36BD4DDF82D7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271938275-1303805652-3004356550-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {87211CE0-3802-43E2-8348-83FC31BB389C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {95928194-F9BA-4FA8-974A-B971509F434C} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-08-01] (IObit)
Task: {9B4D1D67-E20A-4FA3-B567-16A05A1662F3} - System32\Tasks\ASC7_SkipUac_George => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {A56C72CC-1E21-4833-BD53-DB1CD2FF57D5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated)
Task: {BB88E001-99F6-4CF6-8594-37482BB96A71} - System32\Tasks\Uninstaller_SkipUac_George => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-03] (IObit)
Task: {BD712E9E-AE4A-4B89-8E57-C0A249069B39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {D036D896-C273-4D89-807D-8AF3D9699584} - System32\Tasks\Bk6w => cmd.exe /c start "Bk6w" "C:\Brothers Keeper"\Bk6w.exe"
Task: {D666FEB5-A839-4556-967B-E79D03B32AFF} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-15] (IObit)
Task: {DF23D9FD-BE5A-41DC-90CA-85A76BDD1203} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {E821CAAA-1124-4A76-950A-D3EB01EDE40D} - System32\Tasks\Driver Booster SkipUAC (George) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {EB73EAE2-8D58-4322-BD10-B93F6D183D89} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-29 12:33 - 2011-02-28 22:37 - 00095008 _____ () C:\windows\System32\Primomonnt.dll
2011-11-19 07:27 - 2011-11-19 07:27 - 00085435 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
2011-11-19 07:27 - 2011-11-19 07:27 - 00141466 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
2014-02-26 22:01 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-25 20:41 - 2014-02-13 15:44 - 01214240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
2010-12-25 00:36 - 2009-07-15 15:55 - 00054088 _____ () C:\PROGRAM FILES (X86)\LENOVO\ENERGY MANAGEMENT\HookLib.dll
2010-12-25 00:36 - 2009-07-15 15:55 - 00054088 _____ () C:\PROGRAM FILES (X86)\LENOVO\ENERGY MANAGEMENT\kbdhook.dll
2010-07-19 13:48 - 2010-07-19 13:48 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-25 20:41 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2013-08-04 16:43 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2013-08-04 16:44 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-08-04 16:44 - 2013-05-10 11:08 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-08-04 16:43 - 2013-05-22 15:25 - 00093256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-08-04 16:43 - 2013-05-22 15:25 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-08-04 16:44 - 2013-05-10 11:09 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-08-04 16:43 - 2013-05-20 16:44 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-08-04 16:44 - 2013-05-20 16:44 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2013-08-04 16:44 - 2013-05-10 11:08 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-09-25 20:41 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-09-25 20:41 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-09-25 20:41 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-09-25 20:41 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-10-27 11:40 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-27 11:40 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-27 11:40 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-22 09:49 - 2014-07-14 09:17 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2014-09-25 20:47 - 2014-10-15 08:28 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
AlternateDataStreams: C:\ProgramData\Temp:DBC416F8
AlternateDataStreams: C:\Users\George\Documents\RE_ Otro 1933478 PO Otras consultas.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: ABBYY Screenshot Reader Bonus =>
MSCONFIG\startupreg: ApnTBMon =>
MSCONFIG\startupreg: APSDaemon => c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
MSCONFIG\startupreg: Boxoft Tools => "c:\programdata\boxtools\boxofttoolbox.exe" -autorun
MSCONFIG\startupreg: CCleaner Monitoring => "c:\program files\ccleaner\ccleaner64.exe" /monitor
MSCONFIG\startupreg: DATAMNGR =>
MSCONFIG\startupreg: EaseUS EPM tray => c:\program files (x86)\easeus\easeus partition master 9.2.2\bin\epmnews.exe
MSCONFIG\startupreg: EaseUs Tray => c:\program files (x86)\easeus\todo backup\bin\traynotify.exe
MSCONFIG\startupreg: EaseUs Watch => c:\program files (x86)\easeus\todo backup\bin\euwatch.exe
MSCONFIG\startupreg: EEventManager => c:\program files (x86)\epson software\event manager\eeventmanager.exe
MSCONFIG\startupreg: Energy Management => c:\program files (x86)\lenovo\energy management\energy management.exe
MSCONFIG\startupreg: Energy Manager => c:\program files (x86)\lenovo\energy manager\energy manager.exe
MSCONFIG\startupreg: EnergyUtility => c:\program files (x86)\lenovo\energy management\utility.exe
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: EvtMgr6 => c:\program files\logitech\setpointp\setpoint.exe /launchgaming
MSCONFIG\startupreg: GarminExpressTrayApp => c:\program files (x86)\garmin\express tray\expresstray.exe
MSCONFIG\startupreg: Google Desktop Search => "c:\program files (x86)\google\google desktop search\googledesktop.exe" /startup
MSCONFIG\startupreg: Google Update =>
MSCONFIG\startupreg: KeyboardLeds.exe =>
MSCONFIG\startupreg: Lenovo Utility => c:\program files (x86)\lenovo\energy manager\utility.exe
MSCONFIG\startupreg: LockKey => C:\Program Files (x86)\LockKey\LockKey.exe
MSCONFIG\startupreg: msnmsgr =>
MSCONFIG\startupreg: NetLimiter =>
MSCONFIG\startupreg: PDFPrint =>
MSCONFIG\startupreg: QuickTime Task => "c:\program files (x86)\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg => c:\program files\realtek\audio\hda\ravbg64.exe /forpcee3
MSCONFIG\startupreg: RtHDVBg_Dolby => "c:\program files\realtek\audio\hda\ravbg64.exe" /forpcee3
MSCONFIG\startupreg: RtHDVBg_LENOVO_MICPKEY => "c:\program files\realtek\audio\hda\ravbg64.exe" /lenovo_micpkey
MSCONFIG\startupreg: RtHDVCpl => c:\program files\realtek\audio\hda\ravcpl64.exe -s
MSCONFIG\startupreg: SearchSettings =>
MSCONFIG\startupreg: Skype => "c:\program files (x86)\skype\phone\skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" msrun
MSCONFIG\startupreg: SunJavaUpdateSched => c:\program files (x86)\common files\java\java update\jusched.exe
MSCONFIG\startupreg: SynTPEnh => %programfiles%\synaptics\syntp\syntpenh.exe
MSCONFIG\startupreg: UpdateP2GShortCut => c:\program files (x86)\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0
MSCONFIG\startupreg: uTray =>
MSCONFIG\startupreg: Wondershare Helper Compact.exe =>

========================= Accounts: ==========================

Administrador (S-1-5-21-2271938275-1303805652-3004356550-500 - Administrator - Disabled)
George (S-1-5-21-2271938275-1303805652-3004356550-1000 - Administrator - Enabled) => C:\Users\George
HomeGroupUser$ (S-1-5-21-2271938275-1303805652-3004356550-1002 - Limited - Enabled)
Invitado (S-1-5-21-2271938275-1303805652-3004356550-501 - Limited - Disabled) => C:\Users\Invitado.George-PC

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-08-02 14:09:35.943
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 11:51:53.170
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:57:15.590
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:55:08.279
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:44:38.373
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:11:18.531
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 09:52:21.559
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 09:26:47.797
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 00:22:09.780
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 00:14:16.749
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


==================== Memory info ===========================

Processor: AMD Athlon™ II P360 Dual-Core Processor
Percentage of memory in use: 60%
Total physical RAM: 3834.9 MB
Available physical RAM: 1533.36 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 4819.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.37 GB) (Free:11.76 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.85 GB) NTFS
Drive e: (Linux) (Fixed) (Total:14.74 GB) (Free:14.63 GB) NTFS
Drive g: (Work) (Fixed) (Total:244.14 GB) (Free:18.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ABA69D84)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=12)
Partition 4: (Not Active) - (Size=382.4 GB) - (Type=OF Extended)

==================== End Of Log ============================

 

Tak tak.



#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:03 AM

Posted 31 October 2014 - 03:30 PM

Hi,

Step 1

Please uninstall some programs:

  • Windows 7w7.png: Click on the Start Menu button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

        Advanced SystemCare 7, IObit Uninstaller, Spybot - Search & Destroy

  • Reboot your computer.

Step 2

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 3

51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your Desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    systemspecs;
    iedefaults;
    FFdefaults;
    emptyclsid;
    autoclean;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Reboot your PC:

Step 4

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 03 November 2014 - 11:12 AM

Many thanks to beepingcomputer and to Jürgen. default.search.net seems to have been cleared from my computer as it is no longer showing in the search engines even after a reboot.

 

I have pasted all the logs requested, but I do not think it was necessary  to do so.

 

Thanks again,

 

George.

 

Results from Adware cleaner.

 

# AdwCleaner v3.311 - Reporte Creado 31/10/2014 en 22:14:46
# Actualizado 30/09/2014 por Xplode
# Sistema Operativo : Windows 7 Home Basic Service Pack 1 (64 bits)
# Nombre de usuario : George - GEORGE-PC
# Ejecutado desde : C:\Users\George\Desktop\AdwCleaner.exe
# Opción : Limpiar

***** [ Servicios ] *****


***** [ Archivos / Carpetas ] *****

Carpeta Borrar : C:\ProgramData\apn
Carpeta Borrar : C:\Program Files (x86)\orbitdownloader
Carpeta Borrar : C:\Program Files (x86)\Windows jZip Toolbar
Carpeta Borrar : C:\Users\George\AppData\Local\AskPartnerNetwork
Carpeta Borrar : C:\Users\George\AppData\Local\Mobogenie
Carpeta Borrar : C:\Users\George\AppData\LocalLow\Conduit
Carpeta Borrar : C:\Users\George\AppData\Roaming\DriverCure
Carpeta Borrar : C:\Users\George\AppData\Roaming\DSite
Carpeta Borrar : C:\Users\George\AppData\Roaming\FirefoxToolbar
Carpeta Borrar : C:\Users\George\AppData\Roaming\GrabPro
Carpeta Borrar : C:\Users\George\AppData\Roaming\ParetoLogic
Carpeta Borrar : C:\Users\George\AppData\Roaming\pdfforge
Carpeta Borrar : C:\Users\Invitado.George-PC\AppData\LocalLow\AVG Secure Search
Carpeta Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\mediabarim
Carpeta Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\staged\ffxtlbr@zonealarm.com
Carpeta Borrar : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Archivo Borrar : C:\Program Files (x86)\Mozilla Firefox\Extensions\wtxpcom@mybrowserbar.com
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\ask-search.xml
Archivo Borrar : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\SearchResults.xml
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\zonealarm.xml
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\user.js
Archivo Borrar : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\user.js

***** [ Tareas ] *****

Tarea Borrar : Driver Booster Scan
Tarea Borrar : Driver Booster Update

***** [ Accesos directos ] *****


***** [ Registro ] *****

Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Clave Borrar : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Clave Borrar : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\DownTangoFTToolbar_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\DownTangoFTToolbar_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_all-video-downloader_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_all-video-downloader_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_orbit-downloader_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_orbit-downloader_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Clave Borrar : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Valor Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Valor Borrar : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe]
Valor Borrar : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe]
Clave Borrar : HKCU\Software\Ask&Record
Clave Borrar : HKCU\Software\AskPartnerNetwork
Clave Borrar : HKCU\Software\Orbit
Clave Borrar : HKCU\Software\ParetoLogic
Clave Borrar : HKCU\Software\powerpack
Clave Borrar : HKCU\Software\ProtectedSearch
Clave Borrar : HKCU\Software\UpdateStar
Clave Borrar : HKCU\Software\usyndication.com
Clave Borrar : HKCU\Software\YahooPartnerToolbar
Clave Borrar : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clave Borrar : HKCU\Software\AppDataLow\Software\Conduit
Clave Borrar : HKCU\Software\AppDataLow\Software\ShoppingReport2
Clave Borrar : HKCU\Software\AppDataLow\Software\simplytech
Clave Borrar : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clave Borrar : HKLM\SOFTWARE\AskPartnerNetwork
Clave Borrar : HKLM\SOFTWARE\Conduit
Clave Borrar : HKLM\SOFTWARE\Orbit
Clave Borrar : HKLM\SOFTWARE\ParetoLogic
Clave Borrar : HKLM\SOFTWARE\Search Settings
Clave Borrar : HKLM\SOFTWARE\systweak
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Navegadores ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v33.0 (x86 en-US)

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\prefs.js ]


[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\prefs.js ]


[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\prefs.js ]


[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\prefs.js ]


[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\prefs.js ]


[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\prefs.js ]

Linea borrada : user_pref("browser.search.selectedEngine", "default-search.net");
Linea borrada : user_pref("extensions.fvd_single.__surfcanyon_disable_time", "1");
Linea borrada : user_pref("extensions.fvd_single.seopack.b_surfcanyon", true);
Linea borrada : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394107107078");
Linea borrada : user_pref("extensions.toolbar_ORJ-SPE@apn.ask.com.install-event-fired", true);
Linea borrada : user_pref("keyword.url", "hxxp://www.default-search.net/search?sid=476&aid=107&itype=n&ver=14348&tm=512&src=ds&p=");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\prefs.js ]

Linea borrada : user_pref("browser.search.defaultengine", "Web Search");
Linea borrada : user_pref("browser.search.order.1", "Web Search");

[ Archivo : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\prefs.js ]

Linea borrada : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Linea borrada : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Linea borrada : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Linea borrada : user_pref("browser.search.defaultengine", "Web Search");

[ Archivo : C:\Users\Invitado.George-PC\AppData\Roaming\Mozilla\Firefox\Profiles\57cyhk8a.default\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [21211 octets] - [31/10/2014 22:08:52]
AdwCleaner[S0].txt - [19142 octets] - [31/10/2014 22:14:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19203 octets] ##########
 



#6 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 03 November 2014 - 11:14 AM

Results from Zoek.

 

Zoek.exe v5.0.0.0 Updated 29-10-2014
Tool run by George on 31/10/2014 at 22:29:27.18.
Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\George\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

31/10/2014 22:31:19 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0AA82ECD-3B1E-4CD8-AE3D-A5503EFA13DE} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3B467EF2-1719-4F86-AB52-EF8A2EF3CBA8} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A644E28F-D616-4792-806B-3838D725B196} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AF4630AC-49CC-4C02-89CC-B95111B6D219} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1392B8D2-5C05-419F-A8F6-B9F15A596612} deleted successfully
HKEY_USERS\S-1-5-21-2271938275-1303805652-3004356550-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{1392B8D2-5C05-419F-A8F6-B9F15A596612} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4D2A1E5E-0C20-4D58-BC21-43FE72BEC807} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\prefs.js:
user_pref("browser.startup.homepage", "http://localhost:2605/|http://uk.my.yahoo.com/");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\prefs.js:

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Ask Search");
user_pref("browser.search.order.1", "Search By ZoneAlarm");
user_pref("extensions.ORJ-SPE.my-keyword-url", "\"\"");
user_pref("extensions.ORJ-SPE.previous-keyword-url", "\"http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=\"");
user_pref("extensions.APN_TB.first-previous-keyword-url", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("extensions.APN_TB.first-previous-keyword-url", "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
user_pref("extensions.ORJ-SPE.my-keyword-url", "\"\"");
user_pref("extensions.ORJ-SPE.previous-keyword-url", "\"http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=\"");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\INVITA~1.GEO\AppData\Roaming\Mozilla\Firefox\Profiles\57cyhk8a.default\prefs.js:
user_pref("browser.startup.homepage", "http://uk.my.yahoo.com/");

Added to C:\Users\INVITA~1.GEO\AppData\Roaming\Mozilla\Firefox\Profiles\57cyhk8a.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default

user.js not found
---- Lines OneClickDownload removed from prefs.js ----
user_pref("OneClickDownload.Version", "1.0.3");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

ProfilePath: C:\Users\INVITA~1.GEO\AppData\Roaming\Mozilla\Firefox\Profiles\57cyhk8a.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_102014_2319_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\2389 deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\George\AppData\Roaming\Smiley.ico deleted
C:\PROGRA~3\Avg_Update_0414b deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Wondershare Video Converter Ultimate deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\George\AppData\Local\Wondershare deleted
C:\Users\George\AppData\Local\cache deleted
C:\Users\Public\AlexaNSISPlugin.5440.dll deleted
C:\Users\George\AppData\LocalLow\ADSRemoval deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\wininit.ini deleted
C:\windows\Launcher.exe deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\Syswow64\sho11AC.tmp deleted
C:\windows\Syswow64\sho39F5.tmp deleted
C:\windows\Syswow64\sho59F3.tmp deleted
C:\windows\Syswow64\sho7765.tmp deleted
C:\windows\Syswow64\sho7A9D.tmp deleted
C:\windows\Syswow64\sho8006.tmp deleted
C:\windows\Syswow64\sho894C.tmp deleted
C:\windows\Syswow64\sho9696.tmp deleted
C:\windows\SysWow64\AI_RecycleBin deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\staged deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\adremoveext@adremoveext.net deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\toolbar10809@findwide.com.xpi deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\toolbar10809@findwide.com.xpi deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\toolbar10809@findwide.com.xpi" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\PROGRA~2\Mozilla Firefox\extensions\iobit@mybrowserbar.com" deleted
"C:\Users\George\AppData\Roaming\ieSpell" deleted

==== System Specs ======================

Windows: Windows 7 Home Basic Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3835 MB
CPU Info: AMD Athlon™ II P360 Dual-Core Processor
CPU Speed: 2348.5 MHz
Sound Card: Altavoces (Realtek High Definit |
Display Adapters: ATI Mobility Radeon HD 4200 Series | ATI Mobility Radeon HD 4200 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; ThinkPad Display 1366x768 |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Dispositivo Bluetooth (Red de área personal) #5 | Microsoft Virtual WiFi Miniport Adapter | Adaptador de red Broadcom 802.11n | Qualcomm Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (F: | ) F: SlimtypeDVD A DS8A4S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  68.4GB | D:  29.0GB | E:  14.7GB | G:  244.1GB
Hard Disks - Free: C:  11.8GB | D:  27.8GB | E:  14.6GB | G:  18.7GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE | 12/01/10 | LENOVO - 1
Time Zone: Hora estándar GMT
Motherboard *: LENOVO Guam
Country: Reino Unido
Language: ENG

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)
Default Browser: Firefox    33.0
Internet Explorer version: 8.0.7601.17514
Mozilla Firefox version: 33.0 (x86 en-US)
Sun Java version: 1.7.0_67 (32-bit)
Flash Player version: 15.0.0.189
Shockwave Player version: 12.0.5r146

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [17/08/2014 22:16]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 10:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\avg
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Undetermined - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Force-TLS - %ProfilePath%\extensions\forcetls@sid.stamm.xpi

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\conduitCommon
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\CT1060933
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\EBSuggestHistory
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\healthreport
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\jetpack
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\mediabarim
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\saved-telemetry-pings
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\storage
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897
- Undetermined - {e3631030-7c02-11da-a72b-0800200c9a66}
- Undetermined - reallysimplesticky@omtv.se
- Undetermined - en-GB@dictionaries.addons.mozilla.org
- Undetermined - artur.dubovoy@gmail.com
- Undetermined - ascsurfingprotection@iobit.com
- Undetermined - foxmarks@kei.com
- Undetermined - YoutubeDownloader@PeterOlayev.com
- Flash Video Downloader - YouTube Full HD Download - %ProfilePath%\extensions\artur.dubovoy@gmail.com
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com
- British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org
- British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk
- Xmarks - %ProfilePath%\extensions\foxmarks@kei.com
- Classic Theme Restorer Customize UI - %ProfilePath%\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
- To Google Translate - %ProfilePath%\extensions\jid1-93WyvpgvxzGATw@jetpack.xpi
- Really Simple Sticky - %ProfilePath%\extensions\reallysimplesticky@omtv.se.xpi
- 1-Click YouTube Video Downloader - %ProfilePath%\extensions\YoutubeDownloader@PeterOlayev.com.xpi
- Yahoo Mail Hide Ad Panel - %ProfilePath%\extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi
- Internote - %ProfilePath%\extensions\{e3631030-7c02-11da-a72b-0800200c9a66}.xpi

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\weave
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\webapps
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}

ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Undetermined - %ProfilePath%\extensions\{35379F86-8CCB-4724-AE33-4278DE266C70}
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
- Undetermined - %ProfilePath%\extensions\{411beae9-8c58-477c-8903-201536f61512}
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

ProfilePath: C:\Users\INVITA~1.GEO\AppData\Roaming\Mozilla\Firefox\Profiles\57cyhk8a.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF

ExtDir: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- DoNotTrackMe - %ExtDir%\donottrackplus@abine.com
- British English Dictionary - %ExtDir%\en-GB@dictionaries.addons.mozilla.org
- Flagfox - %ExtDir%\{1018e4d6-728f-4b20-ad56-37578a4de76b}
- YouTube Video Download Wizard - %ExtDir%\ytvdw@pgport.com.xpi
- NoScript - %ExtDir%\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

ExtDir: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles
- DoNotTrackMe - %ExtDir%\extensions\donottrackplus@abine.com
- British English Dictionary - %ExtDir%\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - %ExtDir%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\George\AppData\Roaming\Mozilla\Extensions
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\George Daily\AppData\Roaming\Mozilla\Firefox\Profiles
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\George Daily\AppData\Roaming\Mozilla\Extensions
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\Invitado.George-PC\AppData\Roaming\Mozilla\Firefox\Profiles
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\Invitado.George-PC\AppData\Roaming\Mozilla\Extensions
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\INVITA~1.GEO\AppData\Roaming\Mozilla\Firefox\Profiles
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

ExtDir: C:\Users\INVITA~1.GEO\AppData\Roaming\Mozilla\Extensions
- DoNotTrackMe - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\donottrackplus@abine.com
- British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\en-GB@dictionaries.addons.mozilla.org
- Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\bubh9umd.default-1368312919790
A1FFA321E8ECCC07CD50FD3396C5DF45    - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll -    PDF-XChange Viewer
E638C845403AB63112673A0C72C07789    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit)
0C316A33BBE35CD1097936393A177656    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer™ HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF    - C:\windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System

Profilepath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897
63F8C13F269B10BC9363B007DAAACAE6    - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll -    Shockwave Flash
A1FFA321E8ECCC07CD50FD3396C5DF45    - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll -    PDF-XChange Viewer
C2321043FA2CA4C32FF449DE6116B5D9    - C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll -    Shockwave for Director / Shockwave for Director
E638C845403AB63112673A0C72C07789    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit)
0C316A33BBE35CD1097936393A177656    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer™ HTML5VideoShim Plug-In (32-bit)

Profilepath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default
E638C845403AB63112673A0C72C07789    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit)
0C316A33BBE35CD1097936393A177656    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer™ HTML5VideoShim Plug-In (32-bit)
A1FFA321E8ECCC07CD50FD3396C5DF45    - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll -    PDF-XChange Viewer


==== Deleted Firefox Extensions ======================

C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\extensions\donottrackplus@abine.com deleted
C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ytvdw@pgport.com.xpi deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gladcbhcbkdeddbidiblppadjdjalidb - No path found[]
icmlaeflemplmjndnaapfdbbnpncnbda - No path found[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com/"
@="http://www.google.com/search/?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{01460647-2EDB-40E4-8632-DE877CFCF668} Google  Url="http://www.google.com/search?hl=en&q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gladcbhcbkdeddbidiblppadjdjalidb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeyboardLeds.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\George\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\George Daily\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Invitado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Invitado.George-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\INVITA~1.GEO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\George\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\George\AppData\Local\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\cache2 emptied successfully
C:\Users\George Daily\AppData\Local\Mozilla\Firefox\Profiles\csdybpjd.default\Cache emptied successfully
C:\Users\Invitado.George-PC\AppData\Local\Mozilla\Firefox\Profiles\57cyhk8a.default\Cache emptied successfully
C:\Users\INVITA~1.GEO\AppData\Local\Mozilla\Firefox\Profiles\57cyhk8a.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1260 folders=295 127552932 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\George\AppData\Local\Temp will be emptied at reboot
C:\Users\George Daily\AppData\Local\Temp emptied successfully
C:\Users\Invitado\AppData\Local\Temp emptied successfully
C:\Users\Invitado.George-PC\AppData\Local\Temp emptied successfully
C:\Users\INVITA~1.GEO\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\George\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Users\George\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted

==== EOF on 01/11/2014 at  2:10:36.25 ======================
 



#7 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 03 November 2014 - 11:16 AM

Final text file from FIRST.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by George (administrator) on GEORGE-PC on 03-11-2014 15:46:01
Running from C:\Users\George\Desktop
Loaded Profile: George (Available profiles: George & Invitado)
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\GuardAgent.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(KARPOLAN) C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Microsoft Corporation) C:\Windows\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_8.0.7600.16385_none_2106a98149904819\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {4183be01-046c-11e2-a542-70f3954cc1e5} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {586e2a52-c5fc-11e3-8119-1c75085dca4c} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {966f00b0-faf6-11e2-8e15-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {9f634f79-5f8b-11e4-be2b-70f3954cc1e5} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {e0a2737c-5c71-11e4-8cac-70f3954cc1e5} - H:\AutoRun.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {01460647-2EDB-40E4-8632-DE877CFCF668} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - No CLSID Value -
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - No CLSID Value -
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\SysWOW64\ieframe.dll [10990080 2011-03-07] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\yahoo_ff.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\ascsurfingprotection@iobit.com [2014-09-25]
FF Extension: TVU Web Player - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\firefox@tvunetworks.com [2012-06-23]
FF Extension: Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-06-20]
FF Extension: No Name - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{411beae9-8c58-477c-8903-201536f61512} [2012-12-25]
FF Extension: NoScript - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-03-25]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\artur.dubovoy@gmail.com [2014-08-04]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\ascsurfingprotection@iobit.com [2014-09-25]
FF Extension: British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\en-GB@dictionaries.addons.mozilla.org [2014-03-16]
FF Extension: British English Dictionary (Updated) - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\en-gb@flyingtophat.co.uk [2014-03-16]
FF Extension: Xmarks - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\foxmarks@kei.com [2014-10-09]
FF Extension: Classic Theme Restorer - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-09]
FF Extension: To Google Translate - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-02-28]
FF Extension: Really Simple Sticky - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\reallysimplesticky@omtv.se.xpi [2014-03-07]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-28]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2014-06-10]
FF Extension: Internote - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\{e3631030-7c02-11da-a72b-0800200c9a66}.xpi [2014-02-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-17]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\George\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [85435 2011-11-19] () [File not signed]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [141466 2011-11-19] () [File not signed]
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2013-11-16] (Google)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 StatusAgent4; C:\windows\SysWOW64\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2014-05-25] (Advanced Micro Devices Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [262424 2014-10-07] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 cpuz136; No ImagePath
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [59976 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-05-10] () [File not signed]
R1 EUDSKACS; C:\windows\system32\drivers\eudskacs.sys [18504 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\windows\system32\drivers\EuFdDisk.sys [189000 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-04-29] (Qualcomm Atheros Co., Ltd.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [555224 2013-11-18] (Realtek Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-07-14] (IObit)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [207232 2009-11-09] (Vimicro Corporation)
U3 BcmSqlStartupSvc; No ImagePath
S1 FldSafe; system32\DRIVERS\FldSafe.sys [X]
U2 IAStorDataMgrSvc; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-03 15:46 - 2014-11-03 15:47 - 00025031 _____ () C:\Users\George\Desktop\FRST.txt
2014-11-03 15:45 - 2014-11-03 15:45 - 00000000 ____D () C:\Users\George\Desktop\FRST-OlderVersion
2014-11-01 00:30 - 2014-10-31 22:29 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-10-31 22:30 - 2014-11-01 02:10 - 00136278 _____ () C:\zoek-results.log
2014-10-31 22:25 - 2014-11-01 00:23 - 00000000 ____D () C:\zoek_backup
2014-10-31 22:25 - 2014-10-31 22:25 - 01292800 _____ () C:\Users\George\Desktop\zoek.exe
2014-10-31 22:08 - 2014-10-31 22:15 - 00000000 ____D () C:\AdwCleaner
2014-10-31 22:06 - 2014-10-31 22:06 - 01375089 _____ () C:\Users\George\Desktop\AdwCleaner.exe
2014-10-31 22:02 - 2014-11-03 11:34 - 00000224 _____ () C:\windows\setupact.log
2014-10-31 22:02 - 2014-11-01 02:09 - 00005258 _____ () C:\windows\PFRO.log
2014-10-31 22:02 - 2014-10-31 22:02 - 00419840 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-31 22:02 - 2014-10-31 22:02 - 00000000 _____ () C:\windows\setuperr.log
2014-10-31 19:14 - 2014-11-03 15:46 - 00000000 ____D () C:\FRST
2014-10-31 19:06 - 2014-11-03 15:45 - 02114560 _____ (Farbar) C:\Users\George\Desktop\FRST64.exe
2014-10-31 16:10 - 2014-10-31 16:20 - 16251703 _____ () C:\Users\George\Downloads\4.2 HowdoyoudoMaritimeArchaeology.mp4
2014-10-31 15:53 - 2014-10-31 15:53 - 00117264 _____ () C:\Users\George\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-31 11:53 - 2014-10-31 11:53 - 00028572 _____ () C:\Users\George\Documents\cc_20141031_115259.reg
2014-10-31 11:38 - 2014-10-31 11:38 - 04977216 _____ (Piriform Ltd) C:\Users\George\Downloads\ccsetup419.exe
2014-10-27 21:27 - 2014-10-27 21:27 - 00000000 _____ () C:\asc_rdflag
2014-10-27 15:14 - 2014-10-27 15:14 - 00688992 ____R (Swearware) C:\Users\George\Downloads\dds.com
2014-10-27 13:35 - 2014-10-27 13:30 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-133512.backup
2014-10-27 13:30 - 2009-06-10 21:00 - 00000824 _____ () C:\windows\system32\Drivers\etc\hosts.20141027-133021.backup
2014-10-27 11:40 - 2014-10-31 22:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 11:40 - 2014-10-31 21:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-27 11:40 - 2014-10-27 11:40 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-10-27 11:28 - 2014-10-27 11:38 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\George\Downloads\spybot-2.4.exe
2014-10-27 11:14 - 2014-10-31 22:01 - 00288713 _____ () C:\windows\WindowsUpdate.log
2014-10-27 10:03 - 2014-10-27 11:03 - 00023389 _____ () C:\Users\George\Downloads\hijackthis.log
2014-10-27 10:01 - 2014-10-27 10:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\George\Downloads\HijackThis.exe
2014-10-27 00:29 - 2014-10-27 00:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\George\Downloads\SpyHunter-Installer.exe
2014-10-26 15:30 - 2014-10-26 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-26 15:29 - 2014-10-26 15:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-26 15:04 - 2014-10-10 02:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-26 15:04 - 2014-10-10 02:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-26 15:04 - 2014-10-10 02:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-26 15:02 - 2013-12-10 02:28 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-26 15:02 - 2013-12-10 02:02 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-26 14:38 - 2014-07-08 22:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-26 14:38 - 2014-07-08 22:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-26 08:28 - 2014-10-26 14:18 - 00000000 ____D () C:\Users\George\AppData\Roaming\KastorAllVideoDownloader
2014-10-24 21:14 - 2014-10-24 21:14 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-24 21:14 - 2014-10-24 21:14 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-24 21:11 - 2014-10-24 21:11 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-24 21:11 - 2014-10-24 21:11 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-24 21:10 - 2014-10-24 21:10 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-24 21:09 - 2014-10-24 21:09 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-24 21:09 - 2014-10-24 21:09 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-24 21:02 - 2014-10-24 21:02 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-24 21:00 - 2014-10-24 21:00 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-24 21:00 - 2014-10-24 21:00 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-24 21:00 - 2014-10-24 21:00 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-24 20:56 - 2014-10-24 20:56 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-24 20:56 - 2014-10-24 20:56 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-23 20:10 - 2014-10-23 20:10 - 00000000 ____D () C:\Users\George\AppData\Roaming\AVG2015
2014-10-23 20:09 - 2014-10-25 08:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-23 20:09 - 2014-10-23 20:09 - 00000000 ____D () C:\Users\George\AppData\Roaming\TuneUp Software
2014-10-23 20:07 - 2014-10-23 20:07 - 00000000 ___HD () C:\$AVG
2014-10-23 20:05 - 2014-11-03 11:39 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-23 20:05 - 2014-10-23 20:05 - 00000000 ____D () C:\Users\George\AppData\Local\MFAData
2014-10-23 09:52 - 2014-10-23 10:17 - 166267560 _____ (AVG Technologies) C:\Users\George\Downloads\avg_free_x64_all_2015_5315a8160.exe
2014-10-22 20:46 - 2014-10-22 20:46 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\George\Downloads\avg_remover_stf_x64_2014_4116.exe
2014-10-22 08:26 - 2014-10-22 08:26 - 00006516 _____ () C:\Users\George\Documents\cc_20141022_092612.reg
2014-10-21 15:35 - 2014-10-21 15:35 - 02769385 _____ () C:\Users\George\Documents\AVGInstLog.cab
2014-10-21 15:24 - 2014-10-21 15:24 - 00000000 ____D () C:\Users\Invitado.George-PC\AppData\Local\Avg
2014-10-21 15:23 - 2014-10-23 20:09 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-21 15:00 - 2014-10-23 21:11 - 00000000 ____D () C:\Users\George\AppData\Local\Avg2015
2014-10-18 21:47 - 2014-10-26 15:30 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-10-18 21:47 - 2014-10-26 15:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-10-18 21:42 - 2014-10-18 21:47 - 00000000 ____D () C:\Users\George\AppData\Local\Adobe
2014-10-16 10:41 - 2011-03-15 02:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_ID4BHAE.DLL
2014-10-16 10:41 - 2007-04-10 00:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\windows\system32\E_GCINST.DLL
2014-10-15 15:50 - 2014-10-15 15:56 - 24156724 _____ () C:\Users\George\Downloads\3-9_b_intro_to_experimental_archaeology.mp4
2014-10-14 18:24 - 2014-10-14 18:27 - 01860906 _____ () C:\Users\George\Downloads\VfGnGuides.zip
2014-10-14 14:31 - 2014-10-14 16:49 - 00000466 _____ () C:\Users\George\Documents\Garmin free space.txt
2014-10-14 09:17 - 2014-10-14 09:24 - 37785788 _____ () C:\Users\George\Downloads\3-4_the-classical-world.mp4
2014-10-12 23:15 - 2014-10-12 23:15 - 00000000 ____D () C:\Users\George\Documents\Garmin
2014-10-12 23:09 - 2014-10-12 23:09 - 00000000 ____D () C:\Users\George\AppData\Local\Garmin
2014-10-12 23:08 - 2014-10-12 23:11 - 00000000 ____D () C:\Users\George\AppData\Roaming\Garmin
2014-10-12 23:06 - 2014-10-27 09:29 - 00003558 _____ () C:\windows\System32\Tasks\GarminUpdaterTask
2014-10-12 23:06 - 2014-10-12 23:09 - 00000000 ____D () C:\ProgramData\Garmin
2014-10-12 23:06 - 2014-10-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-10-12 23:06 - 2014-10-12 23:06 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-10-12 23:06 - 2014-10-12 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-10-12 20:48 - 2014-10-12 21:06 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\George\Downloads\GarminExpress.exe
2014-10-10 14:14 - 2014-10-10 14:14 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2014-10-07 20:43 - 2014-10-07 20:43 - 00262424 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-10-05 20:41 - 2014-10-05 20:41 - 00124184 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-10-05 19:08 - 2014-10-05 19:34 - 00001578 _____ () C:\Users\George\Desktop\BK6.lnk
2014-10-05 19:03 - 2014-10-22 08:29 - 00003236 _____ () C:\windows\System32\Tasks\Bk6w
2014-10-05 15:43 - 2014-10-27 09:43 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-05 15:43 - 2014-10-26 15:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-05 15:43 - 2014-10-26 10:53 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-05 15:43 - 2014-10-26 10:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-05 15:43 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-05 15:43 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-05 15:43 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-05 14:41 - 2014-10-05 15:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\George\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-04 10:24 - 2014-10-04 10:24 - 00004096 ___SH () C:\{92CCD29B-A4DB-41AC-9938-955D9B0D51DD}.CBM
2014-10-04 00:07 - 2014-10-04 00:08 - 00044026 _____ () C:\Users\George\Documents\cc_20141004_010752.reg
2014-10-04 00:02 - 2014-10-31 11:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-04 00:02 - 2014-10-31 11:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-04 00:02 - 2014-10-04 00:02 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-10-04 00:02 - 2014-10-04 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-04 00:00 - 2014-10-04 00:01 - 04965896 _____ (Piriform Ltd) C:\Users\George\Downloads\ccsetup418.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-03 15:47 - 2012-11-22 15:05 - 00000000 ____D () C:\ProgramData\BitMeterOS
2014-11-03 15:35 - 2012-03-01 11:32 - 00000000 ____D () C:\Users\George\AppData\Roaming\Skype
2014-11-03 15:11 - 2012-04-03 11:32 - 00000838 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-03 11:42 - 2009-07-14 04:45 - 00020208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-03 11:42 - 2009-07-14 04:45 - 00020208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 11:40 - 2011-03-25 12:45 - 00003986 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{BE647D94-2E12-43D4-806A-D1A5F83B83C6}
2014-11-03 11:34 - 2009-07-14 05:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-31 22:02 - 2011-03-25 18:52 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-31 20:22 - 2009-07-14 05:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-10-31 16:23 - 2014-02-25 16:16 - 00000000 ____D () C:\Users\George\AppData\Roaming\Media Player Classic
2014-10-31 14:53 - 2010-12-24 15:05 - 00752448 _____ () C:\windows\system32\perfh00A.dat
2014-10-31 14:53 - 2010-12-24 15:05 - 00163696 _____ () C:\windows\system32\perfc00A.dat
2014-10-31 14:53 - 2009-07-14 05:13 - 01678290 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-31 11:44 - 2014-10-03 19:15 - 00000000 ____D () C:\Users\George\AppData\Local\CrashDumps
2014-10-28 07:34 - 2011-03-25 17:57 - 00003072 _____ () C:\windows\MKDEWE.TRN
2014-10-28 00:08 - 2014-08-13 21:05 - 00045056 ___SH () C:\Users\George\AppData\Roaming\Thumbs.db
2014-10-27 21:27 - 2014-02-18 09:30 - 90423296 _____ () C:\windows\system32\config\SOFTWARE.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 05177344 _____ () C:\windows\system32\config\DEFAULT.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 00061440 _____ () C:\windows\system32\config\SAM.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 00028672 _____ () C:\windows\system32\config\SECURITY.iodefrag.bak
2014-10-27 21:27 - 2011-03-25 12:39 - 00000000 ____D () C:\Users\George
2014-10-27 13:43 - 2009-07-14 02:34 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-135016.backup
2014-10-27 13:35 - 2009-07-14 02:34 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-134308.backup
2014-10-27 09:35 - 2011-07-01 02:05 - 00001036 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 09:35 - 2011-07-01 02:05 - 00001032 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-27 09:30 - 2014-08-20 19:26 - 00003168 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-10-27 09:29 - 2014-08-20 19:26 - 00003170 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-10-27 09:29 - 2013-09-06 13:38 - 00003346 _____ () C:\windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271938275-1303805652-3004356550-1000
2014-10-27 09:29 - 2013-09-05 17:03 - 00003214 _____ () C:\windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271938275-1303805652-3004356550-1000
2014-10-27 09:29 - 2011-07-01 02:05 - 00004044 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-27 09:29 - 2011-07-01 02:05 - 00003792 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-27 09:25 - 2013-08-01 16:40 - 00000000 ____D () C:\windows\pss
2014-10-26 23:50 - 2012-06-23 09:22 - 00000000 ____D () C:\windows\SysWOW64\TVUAx
2014-10-26 15:21 - 2011-03-25 14:06 - 00000000 ____D () C:\windows\SHELLNEW
2014-10-26 15:18 - 2011-06-21 00:45 - 00000000 ____D () C:\Users\George\AppData\Roaming\Orbit
2014-10-26 15:17 - 2014-04-27 07:44 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-26 15:17 - 2013-08-14 10:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-26 15:06 - 2011-03-29 19:30 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-25 14:47 - 2009-07-14 03:20 - 00000000 ____D () C:\windows\rescache
2014-10-22 16:12 - 2014-08-17 22:17 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2014-10-22 08:30 - 2014-08-20 20:51 - 00002954 _____ () C:\windows\System32\Tasks\{ACB8DD12-B9E7-4B8E-AA73-19A0FD1B5B1C}
2014-10-22 08:29 - 2014-10-03 21:07 - 00002862 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-10-22 08:29 - 2014-03-26 10:07 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (George)
2014-10-21 15:23 - 2013-08-03 10:28 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-18 21:47 - 2012-04-03 11:32 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-18 21:47 - 2012-04-03 11:32 - 00003776 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-18 21:47 - 2011-05-14 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-18 21:47 - 2010-12-25 00:20 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-16 19:12 - 2013-08-03 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-10-16 10:31 - 2013-07-30 10:05 - 00000000 ____D () C:\ProgramData\EPSON
2014-10-16 10:20 - 2013-11-22 12:04 - 00000000 ____D () C:\Users\George\Documents\RE_ Otro 1933478 PO Otras consultas_files
2014-10-16 08:06 - 2012-07-02 19:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-15 08:29 - 2014-09-25 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-10 14:31 - 2009-07-29 07:00 - 00000000 ____D () C:\windows\Panther
2014-10-10 14:17 - 2014-06-12 13:24 - 00000000 ____D () C:\Users\George\AppData\Roaming\Naturalsoft
2014-10-10 14:17 - 2014-06-12 13:22 - 00000000 ____D () C:\Users\George\Documents\Naturalsoft
2014-10-08 17:14 - 2013-05-11 12:43 - 00000000 ____D () C:\ProgramData\Soluto
2014-10-08 14:45 - 2014-08-17 18:51 - 00054272 ___SH () C:\Users\George\Documents\Thumbs.db
2014-10-08 14:43 - 2011-04-22 21:19 - 00000000 ____D () C:\Users\George\Documents\Lenovo
2014-10-06 22:07 - 2013-08-11 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LocK-A-FoLdeR
2014-10-06 22:03 - 2011-07-01 00:37 - 00007609 _____ () C:\Users\George\AppData\Local\Resmon.ResmonCfg
2014-10-06 10:44 - 2009-07-14 03:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-10-06 09:59 - 2011-03-25 14:12 - 00000376 _____ () C:\windows\ODBC.INI
2014-10-06 08:43 - 2011-03-25 17:18 - 00000000 ___RD () C:\Brothers Keeper
2014-10-06 08:32 - 2009-07-14 05:08 - 00032630 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-05 16:57 - 2011-07-02 21:45 - 00000000 ____D () C:\Users\George\AppData\Local\Windows Live
2014-10-04 09:58 - 2013-08-04 17:02 - 00280576 ___SH () C:\EUMONBMP.SYS

Some content of TEMP:
====================
C:\Users\George\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 12:24

==================== End Of Log ============================



#8 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 03 November 2014 - 11:18 AM

Again, many thanks, Jürgen.

 

Final scan.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by George at 2014-11-03 15:48:06
Running from C:\Users\George\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.15.58233 - ABBYY) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version:  - )
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{6CADC615-64C7-7366-A49A-342E8B7D3C9B}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5557 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5557 - AVG Technologies) Hidden
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
Basic Operation Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Bog) (Version:  - )
BitMeter OS (HKLM-x32\...\BitMeterOS) (Version:  - )
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Brother's Keeper 6.6 (HKLM-x32\...\Brother's Keeper 6.6) (Version:  - )
Brother's Keeper 7.0 (HKLM-x32\...\Brother's Keeper 7.0) (Version:  - )
Bullzip PDF Printer 9.1.0.1454 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.1.0.1454 - Bullzip)
ccc-core-static (x32 Version: 2010.0719.1349.22889 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2420.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2420.0 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.3030 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
EASEUS Deleted File Recovery 3.0.1 (HKLM-x32\...\EASEUS Deleted File Recovery 3.0.1_is1) (Version:  - EASEUS)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 6.0 (HKLM-x32\...\EaseUS Todo Backup Free 6.0_is1) (Version: 6.0 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.9 - Lenovo)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.33 - Lenovo)
Energy Manager (x32 Version: 1.0.0.33 - Lenovo) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
e-Sword (HKLM-x32\...\{9B98010C-A6E2-40D4-A69D-7EA024EAEC79}) (Version: 9.09.0001 - Rick Meyers)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Maker 7.0 (HKLM-x32\...\Game Maker 7.0) (Version:  - )
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
Garmin Express (HKLM-x32\...\{447c27b7-3a63-4cb2-a49c-864050f9a50f}) (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
GENViewer Lite 1.14 (HKLM-x32\...\GENViewerLite_is1) (Version:  - )
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN)
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - Nombre de su organización)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 1.9.1106.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.00 - CyberLink Corp.)
Lenovo PowerDVD 9 (x32 Version: 9.0.2829.00 - CyberLink Corp.) Hidden
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 0.38.0.3C - Lenovo)
LockKey (x32 Version: 0.38.0.3C - Lenovo) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Network Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Netg) (Version:  - )
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Paquete de controladores de Windows - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PDF-XChange Lite 2012 (HKLM\...\{25CFCE3C-5C95-49CB-B63A-E2861E6C0C98}_is1) (Version: 5.0.272.1 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoFiltre (HKCU\...\PhotoFiltre) (Version:  - )
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre Studio X (HKCU\...\PhotoFiltre Studio X) (Version:  - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3 Pro_is1) (Version: 3.2 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version:  - File Recovery Ltd.)
User's Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Useg) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WordTalkInstall (HKLM-x32\...\{D4481AFF-4218-4CF0-A68C-87E9EBAE3B86}) (Version: 1.0.0 - WordTalk)
ZipGenius 6.3 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - Wininizio.it Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

03-11-2014 11:44:49 Copias de seguridad de Windows

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2014-10-27 13:50 - 00450713 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {35B8A4A8-CE80-4F23-B105-6D4D5F1F5FDE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {35D0D6C9-7C2E-40D6-A680-B51180A312D3} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-14] (IObit)
Task: {36270679-7934-42B8-BFFF-A365C54BD02C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271938275-1303805652-3004356550-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {374238FF-F931-419F-8250-3AC32418F4F5} - System32\Tasks\{ACB8DD12-B9E7-4B8E-AA73-19A0FD1B5B1C} => C:\Users\George\Desktop\bluesol\Setup.exe
Task: {4BE1A9DA-58E1-4C8A-9902-EF87C3EE43C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {64EADD16-BEC7-42F2-9855-A572EFBFE233} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)
Task: {66E09EA4-1A04-44EC-9B4B-FE1D41583493} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {7AEE3757-4991-461E-BD2D-1119DDB52BE8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-09-18] ()
Task: {862B981F-C8D9-4F7B-89C0-36BD4DDF82D7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271938275-1303805652-3004356550-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {87211CE0-3802-43E2-8348-83FC31BB389C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {A56C72CC-1E21-4833-BD53-DB1CD2FF57D5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated)
Task: {D036D896-C273-4D89-807D-8AF3D9699584} - System32\Tasks\Bk6w => cmd.exe /c start "Bk6w" "C:\Brothers Keeper"\Bk6w.exe"
Task: {D666FEB5-A839-4556-967B-E79D03B32AFF} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-15] (IObit)
Task: {DF23D9FD-BE5A-41DC-90CA-85A76BDD1203} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {E821CAAA-1124-4A76-950A-D3EB01EDE40D} - System32\Tasks\Driver Booster SkipUAC (George) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-29 12:33 - 2011-02-28 22:37 - 00095008 _____ () C:\windows\System32\Primomonnt.dll
2011-11-19 07:27 - 2011-11-19 07:27 - 00085435 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
2011-11-19 07:27 - 2011-11-19 07:27 - 00141466 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
2014-02-26 22:01 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-08-04 16:43 - 2013-05-10 11:08 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2013-08-04 16:43 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2013-08-04 16:44 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-08-04 16:44 - 2013-05-10 11:08 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-08-04 16:43 - 2013-05-22 15:25 - 00093256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-08-04 16:43 - 2013-05-22 15:25 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-08-04 16:44 - 2013-05-10 11:09 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-08-04 16:43 - 2013-05-20 16:44 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-08-04 16:44 - 2013-05-20 16:44 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2013-08-04 16:44 - 2013-05-10 11:08 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-09-25 20:47 - 2014-10-15 08:28 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-18 21:47 - 2014-10-18 21:47 - 16832176 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
AlternateDataStreams: C:\ProgramData\Temp:DBC416F8
AlternateDataStreams: C:\Users\George\Documents\RE_ Otro 1933478 PO Otras consultas.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
MSCONFIG\startupreg: Boxoft Tools => "c:\programdata\boxtools\boxofttoolbox.exe" -autorun
MSCONFIG\startupreg: CCleaner Monitoring => "c:\program files\ccleaner\ccleaner64.exe" /monitor
MSCONFIG\startupreg: EaseUS EPM tray => c:\program files (x86)\easeus\easeus partition master 9.2.2\bin\epmnews.exe
MSCONFIG\startupreg: EaseUs Tray => c:\program files (x86)\easeus\todo backup\bin\traynotify.exe
MSCONFIG\startupreg: EaseUs Watch => c:\program files (x86)\easeus\todo backup\bin\euwatch.exe
MSCONFIG\startupreg: EEventManager => c:\program files (x86)\epson software\event manager\eeventmanager.exe
MSCONFIG\startupreg: Energy Management => c:\program files (x86)\lenovo\energy management\energy management.exe
MSCONFIG\startupreg: Energy Manager => c:\program files (x86)\lenovo\energy manager\energy manager.exe
MSCONFIG\startupreg: EnergyUtility => c:\program files (x86)\lenovo\energy management\utility.exe
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: EvtMgr6 => c:\program files\logitech\setpointp\setpoint.exe /launchgaming
MSCONFIG\startupreg: GarminExpressTrayApp => c:\program files (x86)\garmin\express tray\expresstray.exe
MSCONFIG\startupreg: Google Desktop Search => "c:\program files (x86)\google\google desktop search\googledesktop.exe" /startup
MSCONFIG\startupreg: Lenovo Utility => c:\program files (x86)\lenovo\energy manager\utility.exe
MSCONFIG\startupreg: LockKey => C:\Program Files (x86)\LockKey\LockKey.exe
MSCONFIG\startupreg: QuickTime Task => "c:\program files (x86)\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg => c:\program files\realtek\audio\hda\ravbg64.exe /forpcee3
MSCONFIG\startupreg: RtHDVBg_Dolby => "c:\program files\realtek\audio\hda\ravbg64.exe" /forpcee3
MSCONFIG\startupreg: RtHDVBg_LENOVO_MICPKEY => "c:\program files\realtek\audio\hda\ravbg64.exe" /lenovo_micpkey
MSCONFIG\startupreg: RtHDVCpl => c:\program files\realtek\audio\hda\ravcpl64.exe -s
MSCONFIG\startupreg: Skype => "c:\program files (x86)\skype\phone\skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" msrun
MSCONFIG\startupreg: SunJavaUpdateSched => c:\program files (x86)\common files\java\java update\jusched.exe
MSCONFIG\startupreg: SynTPEnh => %programfiles%\synaptics\syntp\syntpenh.exe
MSCONFIG\startupreg: UpdateP2GShortCut => c:\program files (x86)\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0

========================= Accounts: ==========================

Administrador (S-1-5-21-2271938275-1303805652-3004356550-500 - Administrator - Disabled)
George (S-1-5-21-2271938275-1303805652-3004356550-1000 - Administrator - Enabled) => C:\Users\George
HomeGroupUser$ (S-1-5-21-2271938275-1303805652-3004356550-1002 - Limited - Enabled)
Invitado (S-1-5-21-2271938275-1303805652-3004356550-501 - Limited - Disabled) => C:\Users\Invitado.George-PC

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (11/03/2014 01:01:21 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: El servicio Examinador no puede recuperar la lista de copias de seguridad un número excesivo de veces en el transporte \Device\NetBT_Tcpip_{0D269E22-5C61-4746-A164-1F044404E0B0}.
El examinador auxiliar está detenido.

Error: (11/03/2014 11:35:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
aswSnx
FldSafe

Error: (11/03/2014 11:34:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Garmin Core Update Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (11/03/2014 11:34:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Garmin Core Update Service.

Error: (11/01/2014 02:12:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Superfetch se cerró con el siguiente error:
%%13

Error: (11/01/2014 02:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Centro de seguridad no pudo iniciarse debido al siguiente error:
%%1069

Error: (11/01/2014 02:12:37 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio wscsvc no se pudo iniciarse como NT AUTHORITY\LocalService con la contraseña configurada actualmente debido al siguiente error:
%%1352

Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

Error: (11/01/2014 02:10:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
aswSnx
FldSafe

Error: (11/01/2014 02:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Garmin Core Update Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (11/01/2014 02:10:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Garmin Core Update Service.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-08-02 14:09:35.943
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 11:51:53.170
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:57:15.590
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:55:08.279
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:44:38.373
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:11:18.531
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 09:52:21.559
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 09:26:47.797
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 00:22:09.780
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 00:14:16.749
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


==================== Memory info ===========================

Processor: AMD Athlon™ II P360 Dual-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 3834.9 MB
Available physical RAM: 1918.81 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 5372.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.37 GB) (Free:12.41 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.85 GB) NTFS
Drive e: (Linux) (Fixed) (Total:14.74 GB) (Free:14.63 GB) NTFS
Drive g: (Work) (Fixed) (Total:244.14 GB) (Free:11.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ABA69D84)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=12)
Partition 4: (Not Active) - (Size=382.4 GB) - (Type=OF Extended)

==================== End Of Log ============================



#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:03 AM

Posted 03 November 2014 - 03:56 PM

Let's do a final check up:

Step 1


Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif

lesestoff.png

Can you please tell me which problems still persist now?
How is the computer running

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:03 AM

Posted 06 November 2014 - 12:28 PM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 07 November 2014 - 06:22 PM

I am sorry for not replying sooner, but I have been sick (one of the problems of being nearly 70 years old!) and when I do not feel well, I do not use the computer for anything.

 

The online scanner detected 5 possible threats which were in old backup files. I ran the scanner again and deleted the possible threats. The laptop is running well.

 

Many thanks to you, Jürgen, and to beepingcomputer.com. for your help.



#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:03 AM

Posted 08 November 2014 - 07:00 AM

Ok. No problem. Thanks for letting me know. I hope all is well with you.

 

Do you wish to complete the "cleanup" process?


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 08 November 2014 - 08:51 AM

Yes, I want to complete the process, please.



#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:03 AM

Posted 08 November 2014 - 09:13 AM

OK... :)


Step 1


frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 BadWeather

BadWeather
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:03 AM

Posted 08 November 2014 - 01:02 PM

Here are the two txt files:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by George (administrator) on GEORGE-PC on 08-11-2014 17:52:56
Running from C:\Users\George\Desktop
Loaded Profile: George (Available profiles: George & Invitado)
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\GuardAgent.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(KARPOLAN) C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {4183be01-046c-11e2-a542-70f3954cc1e5} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {586e2a52-c5fc-11e3-8119-1c75085dca4c} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {966f00b0-faf6-11e2-8e15-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {9f634f79-5f8b-11e4-be2b-70f3954cc1e5} - H:\AutoRun.exe
HKU\S-1-5-21-2271938275-1303805652-3004356550-1000\...\MountPoints2: {e0a2737c-5c71-11e4-8cac-70f3954cc1e5} - H:\AutoRun.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {01460647-2EDB-40E4-8632-DE877CFCF668} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - No CLSID Value -
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - No CLSID Value -
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\SysWOW64\ieframe.dll [10990080 2011-03-07] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897
FF Homepage: hxxp://localhost:2605/|https://uk.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\searchplugins\yahoo_ff.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\ascsurfingprotection@iobit.com [2014-09-25]
FF Extension: TVU Web Player - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\firefox@tvunetworks.com [2012-06-23]
FF Extension: Flagfox - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-06-20]
FF Extension: No Name - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{411beae9-8c58-477c-8903-201536f61512} [2012-12-25]
FF Extension: NoScript - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\xl9u6fi1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-03-25]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\artur.dubovoy@gmail.com [2014-08-04]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\ascsurfingprotection@iobit.com [2014-09-25]
FF Extension: British English Dictionary - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\en-GB@dictionaries.addons.mozilla.org [2014-03-16]
FF Extension: British English Dictionary (Updated) - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\en-gb@flyingtophat.co.uk [2014-03-16]
FF Extension: Xmarks - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\foxmarks@kei.com [2014-10-09]
FF Extension: Classic Theme Restorer - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-09]
FF Extension: To Google Translate - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-02-28]
FF Extension: Really Simple Sticky - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\reallysimplesticky@omtv.se.xpi [2014-03-07]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-28]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2014-06-10]
FF Extension: Internote - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\uln3skwx.default-1393529549897\Extensions\{e3631030-7c02-11da-a72b-0800200c9a66}.xpi [2014-02-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-17]

Chrome:
=======
CHR Profile: C:\Users\George\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [85435 2011-11-19] () [File not signed]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [141466 2011-11-19] () [File not signed]
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2013-11-16] (Google)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 StatusAgent4; C:\windows\SysWOW64\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2014-05-25] (Advanced Micro Devices Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [262424 2014-10-07] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 cpuz136; No ImagePath
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [59976 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-05-10] () [File not signed]
R1 EUDSKACS; C:\windows\system32\drivers\eudskacs.sys [18504 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\windows\system32\drivers\EuFdDisk.sys [189000 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-04-29] (Qualcomm Atheros Co., Ltd.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [555224 2013-11-18] (Realtek Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-07-14] (IObit)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [207232 2009-11-09] (Vimicro Corporation)
U3 BcmSqlStartupSvc; No ImagePath
S1 FldSafe; system32\DRIVERS\FldSafe.sys [X]
U2 IAStorDataMgrSvc; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 17:51 - 2014-11-08 17:54 - 00024330 _____ () C:\Users\George\Desktop\FRST.txt
2014-11-07 17:51 - 2014-11-07 17:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-07 17:28 - 2014-11-07 17:30 - 02347384 _____ (ESET) C:\Users\George\Desktop\esetsmartinstaller_enu.exe
2014-11-01 00:30 - 2014-10-31 22:29 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-10-31 22:25 - 2014-11-08 17:32 - 00000000 ____D () C:\zoek_backup
2014-10-31 22:25 - 2014-10-31 22:25 - 01292800 _____ () C:\Users\George\Desktop\zoek.exe
2014-10-31 22:08 - 2014-10-31 22:15 - 00000000 ____D () C:\AdwCleaner
2014-10-31 22:06 - 2014-10-31 22:06 - 01375089 _____ () C:\Users\George\Desktop\AdwCleaner.exe
2014-10-31 22:02 - 2014-11-08 13:21 - 00000448 _____ () C:\windows\setupact.log
2014-10-31 22:02 - 2014-11-08 13:20 - 00005836 _____ () C:\windows\PFRO.log
2014-10-31 22:02 - 2014-10-31 22:02 - 00419840 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-31 22:02 - 2014-10-31 22:02 - 00000000 _____ () C:\windows\setuperr.log
2014-10-31 19:14 - 2014-11-08 17:53 - 00000000 ____D () C:\FRST
2014-10-31 19:06 - 2014-11-03 15:45 - 02114560 _____ (Farbar) C:\Users\George\Desktop\FRST64.exe
2014-10-31 16:10 - 2014-10-31 16:20 - 16251703 _____ () C:\Users\George\Downloads\4.2 HowdoyoudoMaritimeArchaeology.mp4
2014-10-31 15:53 - 2014-10-31 15:53 - 00117264 _____ () C:\Users\George\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-31 11:53 - 2014-10-31 11:53 - 00028572 _____ () C:\Users\George\Documents\cc_20141031_115259.reg
2014-10-31 11:38 - 2014-10-31 11:38 - 04977216 _____ (Piriform Ltd) C:\Users\George\Downloads\ccsetup419.exe
2014-10-27 21:27 - 2014-10-27 21:27 - 00000000 _____ () C:\asc_rdflag
2014-10-27 15:14 - 2014-10-27 15:14 - 00688992 ____R (Swearware) C:\Users\George\Downloads\dds.com
2014-10-27 13:35 - 2014-10-27 13:30 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-133512.backup
2014-10-27 13:30 - 2009-06-10 21:00 - 00000824 _____ () C:\windows\system32\Drivers\etc\hosts.20141027-133021.backup
2014-10-27 11:40 - 2014-10-31 22:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 11:40 - 2014-10-31 21:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-27 11:40 - 2014-10-27 11:40 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-10-27 11:28 - 2014-10-27 11:38 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\George\Downloads\spybot-2.4.exe
2014-10-27 11:14 - 2014-10-31 22:01 - 00288713 _____ () C:\windows\WindowsUpdate.log
2014-10-27 10:03 - 2014-10-27 11:03 - 00023389 _____ () C:\Users\George\Downloads\hijackthis.log
2014-10-27 10:01 - 2014-10-27 10:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\George\Downloads\HijackThis.exe
2014-10-27 00:29 - 2014-10-27 00:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\George\Downloads\SpyHunter-Installer.exe
2014-10-26 15:04 - 2014-10-10 02:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-26 15:04 - 2014-10-10 02:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-26 15:04 - 2014-10-10 02:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-26 15:02 - 2013-12-10 02:28 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-26 15:02 - 2013-12-10 02:02 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-26 14:38 - 2014-07-09 02:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-26 14:38 - 2014-07-09 01:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-26 14:38 - 2014-07-08 22:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-26 14:38 - 2014-07-08 22:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-26 08:28 - 2014-10-26 14:18 - 00000000 ____D () C:\Users\George\AppData\Roaming\KastorAllVideoDownloader
2014-10-24 21:14 - 2014-10-24 21:14 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-24 21:14 - 2014-10-24 21:14 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-24 21:11 - 2014-10-24 21:11 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-24 21:11 - 2014-10-24 21:11 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-24 21:10 - 2014-10-24 21:10 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-24 21:09 - 2014-10-24 21:09 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-24 21:09 - 2014-10-24 21:09 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-24 21:02 - 2014-10-24 21:02 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-24 21:00 - 2014-10-24 21:00 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-24 21:00 - 2014-10-24 21:00 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-24 21:00 - 2014-10-24 21:00 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-24 21:00 - 2014-10-24 21:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-24 20:56 - 2014-10-24 20:56 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-24 20:56 - 2014-10-24 20:56 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-24 20:51 - 2014-10-24 20:51 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-23 20:10 - 2014-10-23 20:10 - 00000000 ____D () C:\Users\George\AppData\Roaming\AVG2015
2014-10-23 20:09 - 2014-10-25 08:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-23 20:09 - 2014-10-23 20:09 - 00000000 ____D () C:\Users\George\AppData\Roaming\TuneUp Software
2014-10-23 20:07 - 2014-10-23 20:07 - 00000000 ___HD () C:\$AVG
2014-10-23 20:05 - 2014-11-08 13:26 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-23 20:05 - 2014-10-23 20:05 - 00000000 ____D () C:\Users\George\AppData\Local\MFAData
2014-10-23 09:52 - 2014-10-23 10:17 - 166267560 _____ (AVG Technologies) C:\Users\George\Downloads\avg_free_x64_all_2015_5315a8160.exe
2014-10-22 20:46 - 2014-10-22 20:46 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\George\Downloads\avg_remover_stf_x64_2014_4116.exe
2014-10-22 08:26 - 2014-10-22 08:26 - 00006516 _____ () C:\Users\George\Documents\cc_20141022_092612.reg
2014-10-21 15:35 - 2014-10-21 15:35 - 02769385 _____ () C:\Users\George\Documents\AVGInstLog.cab
2014-10-21 15:24 - 2014-10-21 15:24 - 00000000 ____D () C:\Users\Invitado.George-PC\AppData\Local\Avg
2014-10-21 15:23 - 2014-10-23 20:09 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-21 15:00 - 2014-10-23 21:11 - 00000000 ____D () C:\Users\George\AppData\Local\Avg2015
2014-10-18 21:42 - 2014-10-18 21:47 - 00000000 ____D () C:\Users\George\AppData\Local\Adobe
2014-10-16 10:41 - 2011-03-15 02:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_ID4BHAE.DLL
2014-10-16 10:41 - 2007-04-10 00:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\windows\system32\E_GCINST.DLL
2014-10-15 15:50 - 2014-10-15 15:56 - 24156724 _____ () C:\Users\George\Downloads\3-9_b_intro_to_experimental_archaeology.mp4
2014-10-14 18:24 - 2014-10-14 18:27 - 01860906 _____ () C:\Users\George\Downloads\VfGnGuides.zip
2014-10-14 14:31 - 2014-10-14 16:49 - 00000466 _____ () C:\Users\George\Documents\Garmin free space.txt
2014-10-14 09:17 - 2014-10-14 09:24 - 37785788 _____ () C:\Users\George\Downloads\3-4_the-classical-world.mp4
2014-10-12 23:15 - 2014-10-12 23:15 - 00000000 ____D () C:\Users\George\Documents\Garmin
2014-10-12 23:09 - 2014-10-12 23:09 - 00000000 ____D () C:\Users\George\AppData\Local\Garmin
2014-10-12 23:08 - 2014-10-12 23:11 - 00000000 ____D () C:\Users\George\AppData\Roaming\Garmin
2014-10-12 23:06 - 2014-10-27 09:29 - 00003558 _____ () C:\windows\System32\Tasks\GarminUpdaterTask
2014-10-12 23:06 - 2014-10-12 23:09 - 00000000 ____D () C:\ProgramData\Garmin
2014-10-12 23:06 - 2014-10-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-10-12 23:06 - 2014-10-12 23:06 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-10-12 23:06 - 2014-10-12 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-10-12 20:48 - 2014-10-12 21:06 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\George\Downloads\GarminExpress.exe
2014-10-10 14:14 - 2014-10-10 14:14 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 17:11 - 2012-04-03 11:32 - 00000838 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 15:21 - 2012-11-22 15:05 - 00000000 ____D () C:\ProgramData\BitMeterOS
2014-11-08 13:29 - 2009-07-14 04:45 - 00020208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 13:29 - 2009-07-14 04:45 - 00020208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 13:21 - 2009-07-14 05:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-07 17:15 - 2011-03-25 12:45 - 00003986 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{BE647D94-2E12-43D4-806A-D1A5F83B83C6}
2014-11-03 16:05 - 2012-03-01 11:32 - 00000000 ____D () C:\Users\George\AppData\Roaming\Skype
2014-10-31 22:02 - 2011-03-25 18:52 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-31 20:22 - 2009-07-14 05:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-10-31 16:23 - 2014-02-25 16:16 - 00000000 ____D () C:\Users\George\AppData\Roaming\Media Player Classic
2014-10-31 14:53 - 2010-12-24 15:05 - 00752448 _____ () C:\windows\system32\perfh00A.dat
2014-10-31 14:53 - 2010-12-24 15:05 - 00163696 _____ () C:\windows\system32\perfc00A.dat
2014-10-31 14:53 - 2009-07-14 05:13 - 01678290 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-31 11:44 - 2014-10-03 19:15 - 00000000 ____D () C:\Users\George\AppData\Local\CrashDumps
2014-10-31 11:42 - 2014-10-04 00:02 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-31 11:42 - 2014-10-04 00:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-28 07:34 - 2011-03-25 17:57 - 00003072 _____ () C:\windows\MKDEWE.TRN
2014-10-28 00:08 - 2014-08-13 21:05 - 00045056 ___SH () C:\Users\George\AppData\Roaming\Thumbs.db
2014-10-27 21:27 - 2014-02-18 09:30 - 90423296 _____ () C:\windows\system32\config\SOFTWARE.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 05177344 _____ () C:\windows\system32\config\DEFAULT.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 00061440 _____ () C:\windows\system32\config\SAM.iodefrag.bak
2014-10-27 21:27 - 2014-02-18 09:30 - 00028672 _____ () C:\windows\system32\config\SECURITY.iodefrag.bak
2014-10-27 21:27 - 2011-03-25 12:39 - 00000000 ____D () C:\Users\George
2014-10-27 13:43 - 2009-07-14 02:34 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-135016.backup
2014-10-27 13:35 - 2009-07-14 02:34 - 00450713 ____R () C:\windows\system32\Drivers\etc\hosts.20141027-134308.backup
2014-10-27 09:43 - 2014-10-05 15:43 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-27 09:35 - 2011-07-01 02:05 - 00001036 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 09:35 - 2011-07-01 02:05 - 00001032 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-27 09:30 - 2014-08-20 19:26 - 00003168 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-10-27 09:29 - 2014-08-20 19:26 - 00003170 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-10-27 09:29 - 2013-09-06 13:38 - 00003346 _____ () C:\windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271938275-1303805652-3004356550-1000
2014-10-27 09:29 - 2013-09-05 17:03 - 00003214 _____ () C:\windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271938275-1303805652-3004356550-1000
2014-10-27 09:29 - 2011-07-01 02:05 - 00004044 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-27 09:29 - 2011-07-01 02:05 - 00003792 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-27 09:25 - 2013-08-01 16:40 - 00000000 ____D () C:\windows\pss
2014-10-26 23:50 - 2012-06-23 09:22 - 00000000 ____D () C:\windows\SysWOW64\TVUAx
2014-10-26 15:21 - 2014-10-05 15:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-26 15:21 - 2011-03-25 14:06 - 00000000 ____D () C:\windows\SHELLNEW
2014-10-26 15:18 - 2011-06-21 00:45 - 00000000 ____D () C:\Users\George\AppData\Roaming\Orbit
2014-10-26 15:17 - 2014-04-27 07:44 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-26 15:17 - 2013-08-14 10:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-26 15:06 - 2011-03-29 19:30 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-26 10:53 - 2014-10-05 15:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-26 10:53 - 2014-10-05 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-25 14:47 - 2009-07-14 03:20 - 00000000 ____D () C:\windows\rescache
2014-10-22 16:12 - 2014-08-17 22:17 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2014-10-22 08:30 - 2014-08-20 20:51 - 00002954 _____ () C:\windows\System32\Tasks\{ACB8DD12-B9E7-4B8E-AA73-19A0FD1B5B1C}
2014-10-22 08:29 - 2014-10-05 19:03 - 00003236 _____ () C:\windows\System32\Tasks\Bk6w
2014-10-22 08:29 - 2014-10-03 21:07 - 00002862 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-10-22 08:29 - 2014-03-26 10:07 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (George)
2014-10-21 15:23 - 2013-08-03 10:28 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-18 21:47 - 2012-04-03 11:32 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-18 21:47 - 2012-04-03 11:32 - 00003776 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-18 21:47 - 2011-05-14 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-18 21:47 - 2010-12-25 00:20 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-16 19:12 - 2013-08-03 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-10-16 10:31 - 2013-07-30 10:05 - 00000000 ____D () C:\ProgramData\EPSON
2014-10-16 10:20 - 2013-11-22 12:04 - 00000000 ____D () C:\Users\George\Documents\RE_ Otro 1933478 PO Otras consultas_files
2014-10-16 08:06 - 2012-07-02 19:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-15 08:29 - 2014-09-25 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-10 14:31 - 2009-07-29 07:00 - 00000000 ____D () C:\windows\Panther
2014-10-10 14:17 - 2014-06-12 13:24 - 00000000 ____D () C:\Users\George\AppData\Roaming\Naturalsoft
2014-10-10 14:17 - 2014-06-12 13:22 - 00000000 ____D () C:\Users\George\Documents\Naturalsoft

Some content of TEMP:
====================
C:\Users\George\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 12:24

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by George at 2014-11-08 17:55:39
Running from C:\Users\George\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.15.58233 - ABBYY) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version:  - )
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{6CADC615-64C7-7366-A49A-342E8B7D3C9B}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5557 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5557 - AVG Technologies) Hidden
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
Basic Operation Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Bog) (Version:  - )
BitMeter OS (HKLM-x32\...\BitMeterOS) (Version:  - )
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Brother's Keeper 6.6 (HKLM-x32\...\Brother's Keeper 6.6) (Version:  - )
Brother's Keeper 7.0 (HKLM-x32\...\Brother's Keeper 7.0) (Version:  - )
Bullzip PDF Printer 9.1.0.1454 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.1.0.1454 - Bullzip)
ccc-core-static (x32 Version: 2010.0719.1349.22889 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2420.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2420.0 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.3030 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
EASEUS Deleted File Recovery 3.0.1 (HKLM-x32\...\EASEUS Deleted File Recovery 3.0.1_is1) (Version:  - EASEUS)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 6.0 (HKLM-x32\...\EaseUS Todo Backup Free 6.0_is1) (Version: 6.0 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.9 - Lenovo)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.33 - Lenovo)
Energy Manager (x32 Version: 1.0.0.33 - Lenovo) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
e-Sword (HKLM-x32\...\{9B98010C-A6E2-40D4-A69D-7EA024EAEC79}) (Version: 9.09.0001 - Rick Meyers)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Maker 7.0 (HKLM-x32\...\Game Maker 7.0) (Version:  - )
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
Garmin Express (HKLM-x32\...\{447c27b7-3a63-4cb2-a49c-864050f9a50f}) (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
GENViewer Lite 1.14 (HKLM-x32\...\GENViewerLite_is1) (Version:  - )
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN)
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - Nombre de su organización)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 1.9.1106.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.00 - CyberLink Corp.)
Lenovo PowerDVD 9 (x32 Version: 9.0.2829.00 - CyberLink Corp.) Hidden
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 0.38.0.3C - Lenovo)
LockKey (x32 Version: 0.38.0.3C - Lenovo) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Network Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Netg) (Version:  - )
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Paquete de controladores de Windows - Broadcom (BCM43XX) Net  (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom)
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PDF-XChange Lite 2012 (HKLM\...\{25CFCE3C-5C95-49CB-B63A-E2861E6C0C98}_is1) (Version: 5.0.272.1 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoFiltre (HKCU\...\PhotoFiltre) (Version:  - )
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
PhotoFiltre Studio X (HKCU\...\PhotoFiltre Studio X) (Version:  - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3 Pro_is1) (Version: 3.2 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version:  - File Recovery Ltd.)
User's Guide EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Useg) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WordTalkInstall (HKLM-x32\...\{D4481AFF-4218-4CF0-A68C-87E9EBAE3B86}) (Version: 1.0.0 - WordTalk)
ZipGenius 6.3 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - Wininizio.it Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271938275-1303805652-3004356550-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\George\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

03-11-2014 11:44:49 Copias de seguridad de Windows

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2014-10-27 13:50 - 00450713 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {35B8A4A8-CE80-4F23-B105-6D4D5F1F5FDE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {35D0D6C9-7C2E-40D6-A680-B51180A312D3} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-14] (IObit)
Task: {36270679-7934-42B8-BFFF-A365C54BD02C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271938275-1303805652-3004356550-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {374238FF-F931-419F-8250-3AC32418F4F5} - System32\Tasks\{ACB8DD12-B9E7-4B8E-AA73-19A0FD1B5B1C} => C:\Users\George\Desktop\bluesol\Setup.exe
Task: {4BE1A9DA-58E1-4C8A-9902-EF87C3EE43C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {64EADD16-BEC7-42F2-9855-A572EFBFE233} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)
Task: {66E09EA4-1A04-44EC-9B4B-FE1D41583493} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {7AEE3757-4991-461E-BD2D-1119DDB52BE8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-09-18] ()
Task: {862B981F-C8D9-4F7B-89C0-36BD4DDF82D7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271938275-1303805652-3004356550-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {87211CE0-3802-43E2-8348-83FC31BB389C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {A56C72CC-1E21-4833-BD53-DB1CD2FF57D5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated)
Task: {D036D896-C273-4D89-807D-8AF3D9699584} - System32\Tasks\Bk6w => cmd.exe /c start "Bk6w" "C:\Brothers Keeper"\Bk6w.exe"
Task: {D666FEB5-A839-4556-967B-E79D03B32AFF} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-15] (IObit)
Task: {DF23D9FD-BE5A-41DC-90CA-85A76BDD1203} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {E821CAAA-1124-4A76-950A-D3EB01EDE40D} - System32\Tasks\Driver Booster SkipUAC (George) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-29 12:33 - 2011-02-28 22:37 - 00095008 _____ () C:\windows\System32\Primomonnt.dll
2011-11-19 07:27 - 2011-11-19 07:27 - 00085435 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
2011-11-19 07:27 - 2011-11-19 07:27 - 00141466 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
2014-02-26 22:01 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-08-04 16:43 - 2013-05-10 11:08 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2013-08-04 16:43 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2013-08-04 16:44 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-08-04 16:44 - 2013-05-10 11:08 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-08-04 16:43 - 2013-05-22 15:25 - 00093256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-08-04 16:43 - 2013-05-22 15:25 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-08-04 16:44 - 2013-05-10 11:09 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-08-04 16:43 - 2013-05-20 16:44 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-08-04 16:43 - 2013-05-10 11:08 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-08-04 16:44 - 2013-05-20 16:44 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2013-08-04 16:44 - 2013-05-10 11:08 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
AlternateDataStreams: C:\ProgramData\Temp:DBC416F8
AlternateDataStreams: C:\Users\George\Documents\RE_ Otro 1933478 PO Otras consultas.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
MSCONFIG\startupreg: Boxoft Tools => "c:\programdata\boxtools\boxofttoolbox.exe" -autorun
MSCONFIG\startupreg: CCleaner Monitoring => "c:\program files\ccleaner\ccleaner64.exe" /monitor
MSCONFIG\startupreg: EaseUS EPM tray => c:\program files (x86)\easeus\easeus partition master 9.2.2\bin\epmnews.exe
MSCONFIG\startupreg: EaseUs Tray => c:\program files (x86)\easeus\todo backup\bin\traynotify.exe
MSCONFIG\startupreg: EaseUs Watch => c:\program files (x86)\easeus\todo backup\bin\euwatch.exe
MSCONFIG\startupreg: EEventManager => c:\program files (x86)\epson software\event manager\eeventmanager.exe
MSCONFIG\startupreg: Energy Management => c:\program files (x86)\lenovo\energy management\energy management.exe
MSCONFIG\startupreg: Energy Manager => c:\program files (x86)\lenovo\energy manager\energy manager.exe
MSCONFIG\startupreg: EnergyUtility => c:\program files (x86)\lenovo\energy management\utility.exe
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: EvtMgr6 => c:\program files\logitech\setpointp\setpoint.exe /launchgaming
MSCONFIG\startupreg: GarminExpressTrayApp => c:\program files (x86)\garmin\express tray\expresstray.exe
MSCONFIG\startupreg: Google Desktop Search => "c:\program files (x86)\google\google desktop search\googledesktop.exe" /startup
MSCONFIG\startupreg: Lenovo Utility => c:\program files (x86)\lenovo\energy manager\utility.exe
MSCONFIG\startupreg: LockKey => C:\Program Files (x86)\LockKey\LockKey.exe
MSCONFIG\startupreg: QuickTime Task => "c:\program files (x86)\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg => c:\program files\realtek\audio\hda\ravbg64.exe /forpcee3
MSCONFIG\startupreg: RtHDVBg_Dolby => "c:\program files\realtek\audio\hda\ravbg64.exe" /forpcee3
MSCONFIG\startupreg: RtHDVBg_LENOVO_MICPKEY => "c:\program files\realtek\audio\hda\ravbg64.exe" /lenovo_micpkey
MSCONFIG\startupreg: RtHDVCpl => c:\program files\realtek\audio\hda\ravcpl64.exe -s
MSCONFIG\startupreg: Skype => "c:\program files (x86)\skype\phone\skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" msrun
MSCONFIG\startupreg: SunJavaUpdateSched => c:\program files (x86)\common files\java\java update\jusched.exe
MSCONFIG\startupreg: SynTPEnh => %programfiles%\synaptics\syntp\syntpenh.exe
MSCONFIG\startupreg: UpdateP2GShortCut => c:\program files (x86)\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0

========================= Accounts: ==========================

Administrador (S-1-5-21-2271938275-1303805652-3004356550-500 - Administrator - Disabled)
George (S-1-5-21-2271938275-1303805652-3004356550-1000 - Administrator - Enabled) => C:\Users\George
HomeGroupUser$ (S-1-5-21-2271938275-1303805652-3004356550-1002 - Limited - Enabled)
Invitado (S-1-5-21-2271938275-1303805652-3004356550-501 - Limited - Disabled) => C:\Users\Invitado.George-PC

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2014 01:51:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2014 01:51:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2014 01:51:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 08:02:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 08:02:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 08:02:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 05:51:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 05:51:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 05:51:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2014 05:45:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/08/2014 01:21:59 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
aswSnx
FldSafe

Error: (11/07/2014 05:12:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
aswSnx
FldSafe

Error: (11/07/2014 05:11:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Garmin Core Update Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (11/07/2014 05:11:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Garmin Core Update Service.

Error: (11/05/2014 10:46:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
aswSnx
FldSafe

Error: (11/05/2014 10:46:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Garmin Core Update Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (11/05/2014 10:46:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Garmin Core Update Service.

Error: (11/03/2014 06:20:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
aswSnx
FldSafe

Error: (11/03/2014 06:20:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Garmin Core Update Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (11/03/2014 06:20:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Garmin Core Update Service.


Microsoft Office Sessions:
=========================
Error: (11/08/2014 01:51:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/08/2014 01:51:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/08/2014 01:51:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 08:02:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 08:02:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 08:02:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 05:51:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 05:51:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 05:51:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe

Error: (11/07/2014 05:45:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\George\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-08-02 14:09:35.943
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 11:51:53.170
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:57:15.590
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:55:08.279
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\usp10.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:44:38.373
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 10:11:18.531
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 09:52:21.559
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 09:26:47.797
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 00:22:09.780
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2013-08-02 00:14:16.749
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\kernel32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


==================== Memory info ===========================

Processor: AMD Athlon™ II P360 Dual-Core Processor
Percentage of memory in use: 48%
Total physical RAM: 3834.9 MB
Available physical RAM: 1991.15 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 5827.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.37 GB) (Free:11.94 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.85 GB) NTFS
Drive e: (Linux) (Fixed) (Total:14.74 GB) (Free:14.63 GB) NTFS
Drive g: (Work) (Fixed) (Total:244.14 GB) (Free:90.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ABA69D84)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=12)
Partition 4: (Not Active) - (Size=382.4 GB) - (Type=OF Extended)

==================== End Of Log ============================






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users