Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer is crashing how to fix it??????


  • This topic is locked This topic is locked
17 replies to this topic

#1 sweetpea771

sweetpea771

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 10 November 2014 - 10:29 AM

I am not sure if this is where I would post this but am giving it a try. My computer keeps crashing and I need to know how to fix the problem, It also keeps saying the drivers have stopped. It is getting pretty annoying and I can't do anything. I have tried to run full scans and nothing has worked. Please help me! Every time I log on it crashes after a few minutes and sometimes doesn't load any web pages without me reloading them. Also, when I am on the net it tells me sometimes that can't find a proxy server. Thank you for any help you can give me.

Edited by Queen-Evie, 11 November 2014 - 07:19 PM.
moved from Am I Infectd to Malware Removal Logs per request by JSntgRvr


BC AdBot (Login to Remove)

 


#2 wishmakingfairy

wishmakingfairy

  • Members
  • 212 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:32 AM

Posted 10 November 2014 - 10:41 AM

Almost sounds like it could be an infection, try booting into safemode with networking and see if it will show the same signs. To get your computer into safemode, go to the tiles menu with the power button in the upper right, hold down left shift, click the power button and restart. It'll bring up a blue screen, select, Troubleshoot,  Advanced Options, Windows Startup Settings, Then press 5 for safemode with networking.


Using ubuntu and sharing how to as well as collecting how to scripts for common programs. Feel free to ask or share ^-^


#3 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 10 November 2014 - 12:23 PM

okay I did this but what do I do next and when I choose 5 it still just brings me into safe mode w/o networking.



#4 wishmakingfairy

wishmakingfairy

  • Members
  • 212 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:32 AM

Posted 10 November 2014 - 12:40 PM

5 is usually w/networking, I'd double check that it is when you try booting, then look at the connection icon in the task bar, you might need to reconnect.


Using ubuntu and sharing how to as well as collecting how to scripts for common programs. Feel free to ask or share ^-^


#5 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 10 November 2014 - 01:40 PM

I did do that and it still doesn't let me into any of my websites. After I do all this what steps do I need to take? Thank you.



#6 wishmakingfairy

wishmakingfairy

  • Members
  • 212 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:32 AM

Posted 10 November 2014 - 02:18 PM

I've never really seen that happen before, however... If you have access to another computer or can at least get online in regular mode, you could try

 

The first three programs just need to be downloaded, they already up to date as downloaded

 

1. *moderator edit to remove recommendation of tool that is allowed only in the malware removal forums. Queen-Evie*

2. JRT

3. Adwcleaner

4. Malwarebytes ( If you can get this downloaded and quickly update the database, you can run this scan in safemode without networking)


Edited by Queen-Evie, 10 November 2014 - 04:44 PM.

Using ubuntu and sharing how to as well as collecting how to scripts for common programs. Feel free to ask or share ^-^


#7 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 11 November 2014 - 04:40 PM

what is the first program to be downloaded and can i load them in any order?



#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,311 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:32 AM

Posted 11 November 2014 - 07:07 PM

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 12 November 2014 - 10:15 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Dot (administrator) on CONNIE on 12-11-2014 09:51:01
Running from C:\Users\Dot\DOWNLOADS
Loaded Profile: Dot (Available profiles: Dot)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Mindspark) C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtbarsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Mindspark) C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\Motitags_94\bar\1.bin\94barsvc.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Crawler.com) C:\Program Files (x86)\Rid Spyware\RSW_Svc64.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimServiceFactory.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
() C:\Program Files (x86)\surf slide\updatesurfslide.exe
(Wajam Internet Technologies Inc.) C:\Program Files\Wajam Web Enhancer\wajam_64.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(Wyse Technology.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Mindspark) C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20barsvc.exe
(Interesting Solutions) C:\ProgramData\bGaWqt\EAKxsq.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
( ) C:\Program Files (x86)\Motitags_94\bar\1.bin\AppIntegrator64.exe
(Crawler.com) C:\Program Files (x86)\Rid Spyware\RidSpywareShield.exe
(Crawler.com) C:\Program Files (x86)\Rid Spyware\RidSpywareUpdate.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(Crawler, LLC ) C:\Program Files (x86)\Safety Optimizer\SafetyOptimizer.exe
(Exent Technologies Ltd.) C:\Program Files (x86)\Free Ride Games\GPlayer.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimService.exe
(Valion Group) C:\Program Files (x86)\RebateInformer\RebateInf.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Motitags_94\bar\1.bin\94brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Motitags_94\bar\1.bin\94brmon64.exe
(Mindspark) C:\Program Files (x86)\GamingWonderland\bar\2.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\GamingWonderland\bar\2.bin\AppIntegrator64.exe
(Weather Protector LLC) C:\Users\Dot\AppData\Local\StormWatch\StormWatch.exe
(Mindspark) C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Crawler.com) C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe
(Crawler.com) C:\Program Files (x86)\OnlineVault\OVTray.exe
(Omega Partners Ltd) C:\Program Files (x86)\AppGraffiti\AppGraffiti.exe
(Mindspark) C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\AppIntegrator64.exe
(Crawler, LLC) C:\Program Files (x86)\SiteRanker\SiteRankTray.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTHHook.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTHHook64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321176 2013-06-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321176 2013-06-28] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [11229696 2012-09-17] (Dell Inc.)
HKLM\...\Run: [GamingWonderland Home Page Guard 64 bit] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\AppIntegrator64.exe [485960 2014-08-22] ( )
HKLM\...\Run: [Motitags Home Page Guard 64 bit] => C:\Program Files (x86)\Motitags_94\bar\1.bin\AppIntegrator64.exe [485960 2014-08-23] ( )
HKLM\...\Run: [RidSpywareShield] => C:\Program Files (x86)\Rid Spyware\RidSpywareShield.exe [3871616 2014-06-03] (Crawler.com)
HKLM\...\Run: [RidSpywareUpdater] => C:\Program Files (x86)\Rid Spyware\RidSpywareUpdate.exe [3650432 2014-06-03] (Crawler.com)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [GamingWonderland EPM Support] => C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtmedint.exe [12872 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader 64] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon64.exe [71752 2014-08-22] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Motitags EPM Support] => C:\Program Files (x86)\Motitags_94\bar\1.bin\94medint.exe [12872 2014-08-23] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Motitags Search Scope Monitor] => C:\Program Files (x86)\Motitags_94\bar\1.bin\94SrchMn.exe [55368 2014-08-23] (Mindspark)
HKLM-x32\...\Run: [Motitags_94 Browser Plugin Loader] => C:\Program Files (x86)\Motitags_94\bar\1.bin\94brmon.exe [61512 2014-08-23] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Motitags_94 Browser Plugin Loader 64] => C:\Program Files (x86)\Motitags_94\bar\1.bin\94brmon64.exe [71752 2014-08-23] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [GamingWonderland AppIntegrator 32-bit] => C:\Program Files (x86)\GamingWonderland\bar\2.bin\AppIntegrator.exe [225864 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [GamingWonderland AppIntegrator 64-bit] => C:\Program Files (x86)\GamingWonderland\bar\2.bin\AppIntegrator64.exe [258632 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtSrchMn.exe [55880 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [MapsGalaxy EPM Support] => C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe [12872 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [MapsGalaxy AppIntegrator 32-bit] => C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator.exe [225864 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [MapsGalaxy AppIntegrator 64-bit] => C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe [258632 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [MapsGalaxy Search Scope Monitor] => C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe [55880 2014-09-02] (Mindspark)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1430960 2014-11-11] (Xacti, LLC)
HKLM-x32\...\Run: [PCPowerSpeed] => C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe [1298280 2014-06-16] (Crawler.com)
HKLM-x32\...\Run: [Online Vault] => C:\Program Files (x86)\OnlineVault\OVTray.exe [369000 2014-05-21] (Crawler.com)
HKLM-x32\...\Run: [AppGraffiti] => C:\Program Files (x86)\AppGraffiti\AppGraffiti.exe [1220544 2014-07-09] (Omega Partners Ltd)
HKLM-x32\...\Run: [YourLocalLotto Toolbar EPM Support] => C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20medint.exe [12872 2014-10-05] (Mindspark)
HKLM-x32\...\Run: [YourLocalLotto Toolbar AppIntegrator 32-bit] => C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\AppIntegrator.exe [225864 2014-10-05] (Mindspark)
HKLM-x32\...\Run: [YourLocalLotto Toolbar AppIntegrator 64-bit] => C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\AppIntegrator64.exe [258632 2014-10-05] (Mindspark)
HKLM-x32\...\Run: [YourLocalLotto Toolbar Search Scope Monitor] => C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20SrchMn.exe [55880 2014-10-05] (Mindspark)
HKLM-x32\...\Run: [PCTechHotline] => C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe [1905000 2014-05-30] (Crawler, LLC)
HKLM-x32\...\Run: [SiteRanker] => C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [1084888 2014-09-19] (Crawler, LLC)
HKLM-x32\...\Run: [ospd_us_225] => "C:\Program Files (x86)\ospd_us_225\ospd_us_225.exe"
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4924288 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-20\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4924288 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-21-2295182653-3264991934-447758255-1001\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26163008 2014-08-04] (SlimWare Utilities, Inc.)
HKU\S-1-5-21-2295182653-3264991934-447758255-1001\...\Run: [AGupdate] => C:\Program Files (x86)\AppGraffiti\AGupdate.exe [894048 2013-03-19] (Omega Partners Ltd)
HKU\S-1-5-21-2295182653-3264991934-447758255-1001\...\Run: [Safety Optimizer] => C:\Program Files (x86)\Safety Optimizer\SafetyOptimizer.exe [2428784 2014-08-12] (Crawler, LLC )
HKU\S-1-5-21-2295182653-3264991934-447758255-1001\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4924288 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-21-2295182653-3264991934-447758255-1001\...\Run: [RebateInformer] => C:\Program Files (x86)\RebateInformer\RebateInf.exe [2672000 2014-08-15] (Valion Group)
HKU\S-1-5-21-2295182653-3264991934-447758255-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [146888 2014-08-21] (PC Utilities Software Limited)
HKU\S-1-5-18\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4924288 2014-09-07] (Exent Technologies Ltd.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-29] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-29] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Dot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Dot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Users\Dot\AppData\Local\StormWatch\StormWatch.exe (Weather Protector LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:50436;https=127.0.0.1:50436
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=1412987960&from=brd&uid=WDCXWD3200LPVX-75V0TT0_WX91A93M9343A93M9343&i=psd&t=34a34da37
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {a8625cb7-85fe-4936-92a4-b2a7c925209e} - C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtSrcAs.dll (Mindspark)
URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (Mindspark)
URLSearchHook: HKCU - (No Name) - {52f57613-4c36-4757-a961-621c2adedfc9} - C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20SrcAs.dll (Mindspark)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {325F4FF6-C9DA-43C0-A198-4595409C9880} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {325F4FF6-C9DA-43C0-A198-4595409C9880} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - {325F4FF6-C9DA-43C0-A198-4595409C9880} URL = 
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=82995&iwk=328&lng=en
BHO: No Name -> {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} -> C:\Program Files (x86)\SiteRanker\SiteR64.dll (Crawler, LLC)
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Price Finder -> {6E89E1D3-C66F-41C4-A648-CD91544E99C3} -> C:\Program Files\PriceFinder\PriceFinderHelper.x64.dll (Pronto.com)
BHO: AppGraffiti -> {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} -> C:\Program Files (x86)\AppGraffiti\AppGraffiti64.dll (Omega Partners Ltd)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: TidyNetwork -> {AB34CA20-5520-320F-FC4B-21ABA2E06CEB} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: TheBestDeals -> {BC79963C-9231-157A-240B-58EB61B6BEB4} -> C:\Program Files (x86)\ver5TheBestDeals\180_x64.dll ()
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: No Name -> {CCB69577-088B-4004-9ED8-FF5BCC83A039} -> C:\Program Files (x86)\RebateInformer\RebInf64.dll (Valion Group)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} -> C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO-x32: Toolbar BHO -> {1e91a655-bb4b-4693-a05e-2edebc4c9d89} -> C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {598f4e85-2ee6-43a8-bf43-c75c82b925fe} -> C:\Program Files (x86)\Motitags_94\bar\1.bin\94bar.dll (Mindspark)
BHO-x32: ArcadeYum Addon -> {651CA263-4157-4AC5-B7C2-03A7C1C00457} -> C:\Users\Dot\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll ()
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Search Assistant BHO -> {6df8a038-1b03-41eb-a92b-0e82de08ee4a} -> C:\Program Files (x86)\Motitags_94\bar\1.bin\94SrcAs.dll (Mindspark)
BHO-x32: Price Finder -> {6E89E1D3-C66F-41C4-A648-CD91544E99C3} -> C:\Program Files (x86)\PriceFinder\PriceFinderHelper.dll (Pronto.com)
BHO-x32: AppGraffiti -> {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} -> C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
BHO-x32: Search Assistant BHO -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (Mindspark)
BHO-x32: Toolbar BHO -> {7b120170-d03b-451c-9fcc-369bf9900302} -> C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} -> C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtbar.dll (Mindspark)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: surf slide -> {916acf26-e1a6-45da-b34f-2147d400448c} -> C:\Program Files (x86)\surf slide\surfslidebho.dll (surf slide)
BHO-x32: Search Assistant BHO -> {ab5d199e-9659-47a2-930b-fc3b69061353} -> C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtSrcAs.dll (Mindspark)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: No Name -> {CCB69577-088B-4004-9ED8-FF5BCC83A039} -> C:\Program Files (x86)\RebateInformer\RebateI.dll (Valion Group)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {ddddb845-30e9-481f-b76d-82522e6fd79c} -> C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtbar.dll (Mindspark)
Toolbar: HKLM-x32 - Motitags - {40f650b7-7625-4388-a39d-e7224d0a69b6} - C:\Program Files (x86)\Motitags_94\bar\1.bin\94bar.dll (Mindspark)
Toolbar: HKLM-x32 - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKLM-x32 - YourLocalLotto Toolbar - {e2993f50-db88-405c-baec-91a1805c3517} - C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20bar.dll (Mindspark)
Toolbar: HKU\S-1-5-21-2295182653-3264991934-447758255-1001 -> MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (Mindspark)
Toolbar: HKU\S-1-5-21-2295182653-3264991934-447758255-1001 -> &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKU\S-1-5-21-2295182653-3264991934-447758255-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKU\S-1-5-21-2295182653-3264991934-447758255-1001 -> YourLocalLotto Toolbar - {E2993F50-DB88-405C-BAEC-91A1805C3517} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files (x86)\RebateInformer\RebInf64.dll (Valion Group)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Handler-x32: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files (x86)\RebateInformer\RebateI.dll (Valion Group)
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 216.66.108.26
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motitags_94.com/Plugin -> C:\Program Files (x86)\Motitags_94\bar\1.bin\NP94Stub.dll (Mindspark)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @yourlocallotto1_20.com/Plugin -> C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\NP20Stub.dll No File
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF Plugin HKU\S-1-5-21-2295182653-3264991934-447758255-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dot\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2295182653-3264991934-447758255-1001: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\npGameTreatWidget.dll (Exent Technologies Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files (x86)\SiteRanker\firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-30]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_ir_nan_nan_ch&cd=2XzuyEtN2Y1L1Qzu0F0AtB0F0Azz0C0C0EyCyBtC0EyDyC0BtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0A0FtDyEtA0AtGyEtB0EtBtG0EyCtCyCtGyD0D0B0AtGyBtD0EtByBtDyDzztAyDtCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0AtB0FtD0FtC0BtGtDtAtAtCtGyEyCyC0BtGzy0A0BzztGtByCtDzzyEyB0ByBtAyDtCtA2Q&cr=2001504371&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_ir_nan_nan_ch&cd=2XzuyEtN2Y1L1Qzu0F0AtB0F0Azz0C0C0EyCyBtC0EyDyC0BtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0A0FtDyEtA0AtGyEtB0EtBtG0EyCtCyCtGyD0D0B0AtGyBtD0EtByBtDyDzztAyDtCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0AtB0FtD0FtC0BtGtDtAtAtCtGyEyCyC0BtGzy0A0BzztGtByCtDzzyEyB0ByBtAyDtCtA2Q&cr=2001504371&ir=", "hxxp://groovorio.com/?f=7&a=grv_installertech_14_22&cd=2XzuyEtN2Y1L1Qzu0F0AtB0F0Azz0C0C0EyCyBtC0EyDyC0BtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFtCtN1L1Czu1N1C2X1V1L1G1B2Z1T1I1I1P1C2Z1P1R1M1VtCyE1VtBtBtN1L1G1B1V1N2Y1L1Qzu2SyCyD0A0DzzzytBtCtG0AtDyDtCtG0AtAzy0BtGyE0DyCtBtGyEtAtByBzyzzyE0FtAyDtCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0AtB0FtD0FtC0BtGtDtAtAtCtGyEyCyC0BtGzy0A0BzztGtByCtDzzyEyB0ByBtAyDtCtA2Q&cr=1986863300&ir="
CHR DefaultSearchKeyword: Default -> astromenda.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-28]
CHR Extension: (Groovorio New Tab) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm [2014-10-26]
CHR Extension: (Extrabux) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdegpbaoaebllngceboapplllecfpc [2014-10-28]
CHR Extension: (tperfectcoupon) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipamlpodmmcampmmgkdgbhikhidjngkb [2014-10-26]
CHR Extension: (Google Wallet) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Quick start) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-10-10]
CHR Extension: (Astromenda New Tab) - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-10-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-10-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-10-10]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3649616 2014-10-07] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-29] (Avast Software)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-10] (Just Develop It) <==== ATTENTION
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-03-23] (Broadcom Corporation.)
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3014616 2014-09-29] (Client Connect LTD)
R2 EAKxsq; C:\ProgramData\bGaWqt\EAKxsq.exe [2321776 2014-10-07] (Interesting Solutions)
R2 GamingWonderlandService; C:\Program Files (x86)\GamingWonderland\bar\2.bin\gtbarsvc.exe [90696 2014-09-02] (Mindspark)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
R2 MapsGalaxy_39Service; C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe [90696 2014-09-02] (Mindspark)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 Motitags_94Service; C:\Program Files (x86)\Motitags_94\bar\1.bin\94barsvc.exe [88648 2014-08-23] (COMPANYVERS_NAME)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
R2 PCTechHotlineSvc; C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe [701800 2014-05-30] (Crawler, LLC)
R2 ReimageRealTimeProtector; C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REIGUARD.EXE [7112552 2014-10-30] (Reimage®)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RSW_Svc; C:\Program Files (x86)\Rid Spyware\RSW_Svc64.exe [2982272 2014-06-03] (Crawler.com)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SlimService; C:\Program Files\SlimCleaner Plus\SlimServiceFactory.exe [244544 2014-08-04] (SlimWare Utilities, Inc.)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
R2 Update surf slide; C:\Program Files (x86)\surf slide\updatesurfslide.exe [522480 2014-10-10] ()
R2 Wajam Web Enhancer; C:\Program Files\Wajam Web Enhancer\wajam_64.exe [2343936 2014-10-21] (Wajam Internet Technologies Inc.) [File not signed] <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6334464 2012-09-17] (Dell Inc.) [File not signed]
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-06-21] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1436160 2012-11-29] (Wyse Technology.) [File not signed]
R2 yourlocallotto1_20Service; C:\Program Files (x86)\yourlocallotto1_20\bar\2.bin\20barsvc.exe [90696 2014-10-05] (Mindspark)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-29] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-03-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6834760 2012-09-13] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 BTWPANFL; C:\Windows\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-08-12] (Synaptics Incorporated)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-11-12] ()
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-29] (Avast Software)
R2 X5XSEx_Pr143; C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [56584 2013-07-18] (Exent Technologies Ltd.)
S3 OATool; \??\C:\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-12 09:51 - 2014-11-12 09:52 - 00044731 _____ () C:\Users\Dot\Downloads\FRST.txt
2014-11-12 09:47 - 2014-11-12 09:51 - 00000000 ____D () C:\FRST
2014-11-12 09:46 - 2014-11-12 09:47 - 02116096 _____ (Farbar) C:\Users\Dot\Downloads\FRST64.exe
2014-11-12 09:45 - 2014-11-12 09:45 - 01107968 _____ (Farbar) C:\Users\Dot\Downloads\FRST.exe
2014-11-12 09:33 - 2014-11-12 09:33 - 00003452 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2014-11-12 09:31 - 2014-11-12 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-12 09:24 - 2014-11-12 09:24 - 00000197 _____ () C:\Windows\system32\2014-11-12-14-24-22.097-AvastVBoxSVC.exe-3404.log
2014-11-12 08:47 - 2014-11-12 08:49 - 00000197 _____ () C:\Windows\system32\2014-11-12-13-47-06.067-AvastVBoxSVC.exe-4264.log
2014-11-12 05:15 - 2014-11-12 05:17 - 00000197 _____ () C:\Windows\system32\2014-11-12-10-15-57.009-AvastVBoxSVC.exe-4116.log
2014-11-12 05:07 - 2014-11-12 05:07 - 00000197 _____ () C:\Windows\system32\2014-11-12-10-07-28.067-AvastVBoxSVC.exe-4344.log
2014-11-11 23:24 - 2014-11-11 23:27 - 00000197 _____ () C:\Windows\system32\2014-11-12-04-24-16.020-AvastVBoxSVC.exe-3888.log
2014-11-11 22:16 - 2014-11-11 22:18 - 00000197 _____ () C:\Windows\system32\2014-11-12-03-16-17.049-AvastVBoxSVC.exe-4496.log
2014-11-11 17:43 - 2014-11-11 17:44 - 00000197 _____ () C:\Windows\system32\2014-11-11-22-43-26.016-AvastVBoxSVC.exe-3328.log
2014-11-11 16:24 - 2014-11-11 16:25 - 00000197 _____ () C:\Windows\system32\2014-11-11-21-24-50.003-AvastVBoxSVC.exe-3680.log
2014-11-11 13:22 - 2014-11-11 13:22 - 00000197 _____ () C:\Windows\system32\2014-11-11-18-22-30.018-AvastVBoxSVC.exe-3480.log
2014-11-11 13:11 - 2014-11-11 13:11 - 00000197 _____ () C:\Windows\system32\2014-11-11-18-11-28.021-AvastVBoxSVC.exe-3308.log
2014-11-11 09:18 - 2014-11-11 09:23 - 00000197 _____ () C:\Windows\system32\2014-11-11-14-18-45.065-AvastVBoxSVC.exe-3164.log
2014-11-11 06:22 - 2014-11-11 06:25 - 00000197 _____ () C:\Windows\system32\2014-11-11-11-22-16.074-AvastVBoxSVC.exe-4588.log
2014-11-11 01:55 - 2014-11-11 01:55 - 00000197 _____ () C:\Windows\system32\2014-11-11-06-55-02.070-AvastVBoxSVC.exe-3492.log
2014-11-11 01:51 - 2014-11-11 01:52 - 00810520 _____ () C:\Windows\Minidump\111114-18187-01.dmp
2014-11-11 00:44 - 2014-11-11 00:46 - 00000197 _____ () C:\Windows\system32\2014-11-11-05-44-50.056-AvastVBoxSVC.exe-3492.log
2014-11-10 23:29 - 2014-11-10 23:30 - 00000197 _____ () C:\Windows\system32\2014-11-11-04-29-22.011-AvastVBoxSVC.exe-4684.log
2014-11-10 22:19 - 2014-11-10 22:22 - 00000197 _____ () C:\Windows\system32\2014-11-11-03-19-07.040-AvastVBoxSVC.exe-4396.log
2014-11-10 21:36 - 2014-11-10 21:39 - 00000197 _____ () C:\Windows\system32\2014-11-11-02-36-25.072-AvastVBoxSVC.exe-4328.log
2014-11-10 20:42 - 2014-11-10 20:44 - 00000197 _____ () C:\Windows\system32\2014-11-11-01-42-27.044-AvastVBoxSVC.exe-3752.log
2014-11-10 19:11 - 2014-11-10 19:14 - 00000197 _____ () C:\Windows\system32\2014-11-11-00-11-38.088-AvastVBoxSVC.exe-3748.log
2014-11-10 18:06 - 2014-11-10 18:06 - 00000197 _____ () C:\Windows\system32\2014-11-10-23-06-46.009-AvastVBoxSVC.exe-3584.log
2014-11-10 16:54 - 2014-11-10 16:56 - 00000197 _____ () C:\Windows\system32\2014-11-10-21-54-43.090-AvastVBoxSVC.exe-4632.log
2014-11-10 14:24 - 2014-11-10 14:24 - 00000197 _____ () C:\Windows\system32\2014-11-10-19-24-33.077-AvastVBoxSVC.exe-3476.log
2014-11-10 14:21 - 2014-11-10 14:21 - 00780840 _____ () C:\Windows\Minidump\111014-17703-01.dmp
2014-11-10 13:18 - 2014-11-10 13:20 - 00000197 _____ () C:\Windows\system32\2014-11-10-18-18-12.098-AvastVBoxSVC.exe-4812.log
2014-11-10 12:05 - 2014-11-10 12:06 - 00000197 _____ () C:\Windows\system32\2014-11-10-17-05-05.023-AvastVBoxSVC.exe-4492.log
2014-11-10 11:54 - 2014-11-10 11:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-10 11:54 - 2014-11-10 11:54 - 00000000 _____ () C:\Windows\setupact.log
2014-11-10 11:49 - 2014-11-10 11:49 - 00002129 _____ () C:\Users\Public\Desktop\speed browser.lnk
2014-11-10 11:22 - 2014-11-10 11:23 - 00000197 _____ () C:\Windows\system32\2014-11-10-16-22-30.049-AvastVBoxSVC.exe-4772.log
2014-11-10 10:54 - 2014-11-10 10:57 - 00000197 _____ () C:\Windows\system32\2014-11-10-15-54-40.097-AvastVBoxSVC.exe-3556.log
2014-11-10 10:05 - 2014-11-10 10:05 - 00003422 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-11-10 10:04 - 2014-11-10 10:04 - 00004266 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-11-10 10:03 - 2014-11-10 10:04 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-11-10 09:53 - 2014-11-10 09:53 - 00000197 _____ () C:\Windows\system32\2014-11-10-14-53-18.035-AvastVBoxSVC.exe-3220.log
2014-11-10 08:25 - 2014-11-10 10:05 - 00000000 ____D () C:\rei
2014-11-10 08:25 - 2014-11-10 10:04 - 00000000 ____D () C:\Program Files\Reimage
2014-11-10 08:25 - 2014-11-10 10:03 - 00001903 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-11-10 08:25 - 2014-11-10 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-11-10 08:24 - 2014-11-10 10:05 - 00000158 _____ () C:\Windows\Reimage.ini
2014-11-10 08:24 - 2014-11-10 08:24 - 00757056 _____ (Reimage®) C:\Users\Dot\Downloads\ReimageRepair (2).exe
2014-11-10 08:24 - 2014-11-10 08:24 - 00757056 _____ (Reimage®) C:\Users\Dot\Downloads\ReimageRepair (1).exe
2014-11-10 08:19 - 2014-11-10 08:19 - 00757056 _____ (Reimage®) C:\Users\Dot\Downloads\ReimageRepair.exe
2014-11-10 07:46 - 2014-11-10 07:47 - 00000197 _____ () C:\Windows\system32\2014-11-10-12-46-08.071-AvastVBoxSVC.exe-4720.log
2014-11-10 06:37 - 2014-11-10 06:38 - 00000197 _____ () C:\Windows\system32\2014-11-10-11-37-50.026-AvastVBoxSVC.exe-3424.log
2014-11-10 06:11 - 2014-11-10 06:15 - 00000197 _____ () C:\Windows\system32\2014-11-10-11-11-44.090-AvastVBoxSVC.exe-3992.log
2014-11-10 02:23 - 2014-11-10 02:25 - 00000197 _____ () C:\Windows\system32\2014-11-10-07-23-14.052-AvastVBoxSVC.exe-3932.log
2014-11-09 23:22 - 2014-11-09 23:22 - 00000197 _____ () C:\Windows\system32\2014-11-10-04-22-56.036-AvastVBoxSVC.exe-3556.log
2014-11-09 21:48 - 2014-11-09 21:51 - 00000197 _____ () C:\Windows\system32\2014-11-10-02-48-49.092-AvastVBoxSVC.exe-2584.log
2014-11-09 20:54 - 2014-11-09 20:54 - 00000197 _____ () C:\Windows\system32\2014-11-10-01-54-02.082-AvastVBoxSVC.exe-3496.log
2014-11-09 20:06 - 2014-11-09 20:07 - 00000197 _____ () C:\Windows\system32\2014-11-10-01-06-15.019-AvastVBoxSVC.exe-3592.log
2014-11-09 19:58 - 2014-11-09 20:00 - 00000197 _____ () C:\Windows\system32\2014-11-10-00-58-15.010-AvastVBoxSVC.exe-4364.log
2014-11-09 09:28 - 2014-11-09 09:30 - 00000197 _____ () C:\Windows\system32\2014-11-09-14-28-37.060-AvastVBoxSVC.exe-3672.log
2014-11-09 06:51 - 2014-11-09 06:51 - 00000197 _____ () C:\Windows\system32\2014-11-09-11-51-53.046-AvastVBoxSVC.exe-3424.log
2014-11-09 06:32 - 2014-11-09 06:34 - 00000197 _____ () C:\Windows\system32\2014-11-09-11-32-34.014-AvastVBoxSVC.exe-3276.log
2014-11-09 02:59 - 2014-11-09 03:02 - 00000197 _____ () C:\Windows\system32\2014-11-09-07-59-41.099-AVASTVBOXSVC.EXE-5672.log
2014-11-09 02:47 - 2014-11-09 02:48 - 00000197 _____ () C:\Windows\system32\2014-11-09-07-47-30.058-AvastVBoxSVC.exe-3332.log
2014-11-08 22:55 - 2014-11-08 23:00 - 00000197 _____ () C:\Windows\system32\2014-11-09-03-55-55.068-AvastVBoxSVC.exe-3432.log
2014-11-08 21:39 - 2014-11-08 21:41 - 00000197 _____ () C:\Windows\system32\2014-11-09-02-39-48.060-AvastVBoxSVC.exe-3448.log
2014-11-08 21:36 - 2014-11-08 21:36 - 00808376 _____ () C:\Windows\Minidump\110814-15593-01.dmp
2014-11-08 20:48 - 2014-11-08 20:48 - 00000197 _____ () C:\Windows\system32\2014-11-09-01-48-55.034-AvastVBoxSVC.exe-3376.log
2014-11-08 19:15 - 2014-11-08 19:16 - 00000197 _____ () C:\Windows\system32\2014-11-09-00-15-28.067-AvastVBoxSVC.exe-3516.log
2014-11-08 18:44 - 2014-11-08 18:45 - 00000197 _____ () C:\Windows\system32\2014-11-08-23-44-54.060-AVASTVBOXSVC.EXE-3864.log
2014-11-08 17:05 - 2014-11-08 17:08 - 00000197 _____ () C:\Windows\system32\2014-11-08-22-05-38.036-AvastVBoxSVC.exe-3164.log
2014-11-08 15:50 - 2014-11-08 15:50 - 00000197 _____ () C:\Windows\system32\2014-11-08-20-50-54.061-AvastVBoxSVC.exe-3480.log
2014-11-08 13:50 - 2014-11-08 13:54 - 00000197 _____ () C:\Windows\system32\2014-11-08-18-50-20.032-AvastVBoxSVC.exe-3408.log
2014-11-08 09:58 - 2014-11-08 09:58 - 00000197 _____ () C:\Windows\system32\2014-11-08-14-58-53.077-AvastVBoxSVC.exe-3436.log
2014-11-08 08:25 - 2014-11-08 08:29 - 00000197 _____ () C:\Windows\system32\2014-11-08-13-25-55.012-AvastVBoxSVC.exe-2456.log
2014-11-08 06:40 - 2014-11-08 06:42 - 00000197 _____ () C:\Windows\system32\2014-11-08-11-40-49.004-AvastVBoxSVC.exe-2140.log
2014-11-08 01:45 - 2014-11-08 01:47 - 00000197 _____ () C:\Windows\system32\2014-11-08-06-45-56.045-AvastVBoxSVC.exe-3472.log
2014-11-08 01:39 - 2014-11-08 01:41 - 00000197 _____ () C:\Windows\system32\2014-11-08-06-39-36.000-AvastVBoxSVC.exe-3152.log
2014-11-07 21:00 - 2014-11-07 21:02 - 00000197 _____ () C:\Windows\system32\2014-11-08-02-00-59.080-AvastVBoxSVC.exe-3444.log
2014-11-07 20:24 - 2014-11-07 20:27 - 00000197 _____ () C:\Windows\system32\2014-11-08-01-24-48.025-AvastVBoxSVC.exe-3156.log
2014-11-07 17:45 - 2014-11-07 17:48 - 00000197 _____ () C:\Windows\system32\2014-11-07-22-45-01.058-AvastVBoxSVC.exe-3412.log
2014-11-07 17:04 - 2014-11-07 17:05 - 00000197 _____ () C:\Windows\system32\2014-11-07-22-04-21.036-AvastVBoxSVC.exe-4068.log
2014-10-31 14:06 - 2014-10-31 14:06 - 00190214 _____ () C:\Users\Dot\Downloads\reggie.pptx
2014-10-30 17:12 - 2014-11-01 00:18 - 00000036 _____ () C:\ProgramData\suguid.txt
2014-10-30 16:43 - 2014-10-30 16:43 - 00000197 _____ () C:\Windows\system32\2014-10-30-21-43-32.099-AvastVBoxSVC.exe-780.log
2014-10-30 16:33 - 2014-10-30 16:34 - 00000197 _____ () C:\Windows\system32\2014-10-30-21-33-16.061-AVASTVBOXSVC.EXE-5396.log
2014-10-30 15:38 - 2014-10-30 15:38 - 00000197 _____ () C:\Windows\system32\2014-10-30-20-38-17.012-AvastVBoxSVC.exe-2844.log
2014-10-29 21:15 - 2014-10-29 21:19 - 00000197 _____ () C:\Windows\system32\2014-10-30-02-15-05.006-AvastVBoxSVC.exe-3988.log
2014-10-29 19:58 - 2014-10-29 20:02 - 00000197 _____ () C:\Windows\system32\2014-10-30-00-58-58.075-AvastVBoxSVC.exe-4484.log
2014-10-29 19:27 - 2014-10-29 19:27 - 00000197 _____ () C:\Windows\system32\2014-10-30-00-27-00.088-AvastVBoxSVC.exe-3232.log
2014-10-29 09:42 - 2014-10-29 09:43 - 00000247 _____ () C:\Windows\system32\2014-10-29-14-42-58.035-aswFe.exe-528.log
2014-10-29 09:32 - 2014-10-29 09:42 - 00000247 _____ () C:\Windows\system32\2014-10-29-14-32-45.078-aswFe.exe-35316.log
2014-10-29 09:25 - 2014-10-29 09:25 - 00000000 ____D () C:\Users\Dot\AppData\Roaming\AVAST Software
2014-10-29 09:20 - 2014-10-29 09:20 - 00000197 _____ () C:\Windows\system32\2014-10-29-14-20-29.015-AvastVBoxSVC.exe-27228.log
2014-10-29 09:14 - 2014-10-29 09:19 - 00000247 _____ () C:\Windows\system32\2014-10-29-14-14-20.071-aswFe.exe-25616.log
2014-10-29 09:08 - 2014-10-29 09:14 - 00000247 _____ () C:\Windows\system32\2014-10-29-14-08-07.041-aswFe.exe-5124.log
2014-10-29 09:08 - 2014-10-29 09:08 - 00000197 _____ () C:\Windows\system32\2014-10-29-14-08-03.085-AvastVBoxSVC.exe-24404.log
2014-10-29 08:59 - 2014-10-29 08:59 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-10-29 08:59 - 2014-10-29 08:59 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-29 08:57 - 2014-10-29 08:57 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-29 08:57 - 2014-10-29 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-29 08:56 - 2014-11-12 09:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-29 08:56 - 2014-10-29 08:56 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-29 08:56 - 2014-10-29 08:56 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-29 08:56 - 2014-10-29 08:56 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-29 08:56 - 2014-10-29 08:56 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-29 08:56 - 2014-10-29 08:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-29 08:56 - 2014-10-29 08:56 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-29 08:56 - 2014-10-29 08:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-29 08:56 - 2014-10-29 08:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-29 08:56 - 2014-10-29 08:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-29 08:56 - 2014-10-29 08:55 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-29 08:49 - 2014-10-29 08:49 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-29 08:48 - 2014-10-29 08:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-29 08:47 - 2014-10-29 08:48 - 05004328 _____ (AVAST Software) C:\Users\Dot\Downloads\avast_free_antivirus_setup_online.exe
2014-10-27 19:14 - 2014-10-27 19:14 - 00002214 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-10-27 19:14 - 2014-10-27 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-10-27 19:11 - 2014-10-27 19:11 - 00880272 _____ (Google Inc.) C:\Users\Dot\Downloads\GoogleEarthSetup.exe
2014-10-26 18:38 - 2014-10-28 03:45 - 00000000 ____D () C:\ProgramData\c53aaf64fe6efa82
2014-10-26 14:17 - 2014-10-26 14:17 - 00000266 _____ () C:\Users\Dot\Desktop\Cut the Rope.url
2014-10-26 14:14 - 2014-10-26 14:13 - 01055936 _____ (Adobe) C:\Users\Dot\Downloads\flashplayer_setup.exe
2014-10-26 14:12 - 2014-10-26 14:13 - 00781632 _____ ( ) C:\Users\Dot\Downloads\adobe_flash_setup (1).exe
2014-10-26 11:19 - 2014-11-04 05:09 - 00000000 ____D () C:\Program Files\Wajam Web Enhancer
2014-10-26 11:19 - 2014-10-26 11:19 - 00000000 ____D () C:\Users\Dot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer
2014-10-26 10:32 - 2014-10-26 10:32 - 00356112 _____ (Installer Technology Co) C:\Users\Dot\Downloads\SoftwareUpdater (7).exe
2014-10-23 13:02 - 2014-10-23 13:02 - 00781632 _____ ( ) C:\Users\Dot\Downloads\adobe_flash_setup.exe
2014-10-22 17:37 - 2014-10-22 17:41 - 00000000 ____D () C:\Users\Dot\Documents\Pirate101
2014-10-19 20:24 - 2014-10-19 20:25 - 00292600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 14:27 - 2014-07-02 20:59 - 01824784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-17 14:27 - 2014-06-25 02:07 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-10-17 14:26 - 2014-07-11 23:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-10-17 14:26 - 2014-07-11 23:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-17 14:26 - 2014-07-11 23:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-17 14:26 - 2014-07-11 23:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-17 14:26 - 2014-07-11 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-17 14:26 - 2014-07-11 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-17 14:26 - 2014-07-11 23:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-10-17 14:26 - 2014-07-11 23:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-17 14:26 - 2014-07-11 23:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-17 14:26 - 2014-07-11 23:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-17 14:26 - 2014-07-11 23:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-17 14:26 - 2014-07-11 23:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-17 14:26 - 2014-07-11 19:02 - 00478352 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-17 14:26 - 2014-07-11 19:00 - 00478352 _____ () C:\Windows\system32\locale.nls
2014-10-17 14:26 - 2014-07-08 17:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-10-17 14:26 - 2014-07-08 17:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-10-17 14:26 - 2014-07-08 17:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-10-17 14:26 - 2014-07-08 17:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-10-17 14:26 - 2014-07-07 00:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-10-17 14:26 - 2014-07-07 00:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-10-17 14:26 - 2014-07-04 05:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-10-17 14:26 - 2014-07-02 19:30 - 01408952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-17 14:26 - 2014-06-28 02:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-10-17 14:26 - 2014-06-28 01:57 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-10-17 14:26 - 2014-06-28 01:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-10-17 14:26 - 2014-06-25 02:09 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-10-17 14:26 - 2014-06-17 18:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-17 14:26 - 2014-06-17 18:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-17 14:26 - 2014-06-11 09:47 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-10-17 14:26 - 2014-06-10 23:40 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-10-17 14:26 - 2014-06-10 17:44 - 01403896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-17 14:26 - 2014-05-29 18:31 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-17 14:26 - 2014-05-29 18:03 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-17 14:26 - 2014-02-04 05:57 - 01271664 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-17 14:25 - 2014-09-13 00:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 14:25 - 2014-09-12 23:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 14:25 - 2014-07-07 00:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-17 14:25 - 2014-07-07 00:52 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-17 14:25 - 2014-07-07 00:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 14:25 - 2014-07-07 00:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 14:25 - 2014-07-07 00:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 14:25 - 2014-07-06 23:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-17 14:25 - 2014-07-06 23:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 14:25 - 2014-07-06 23:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 14:25 - 2014-07-06 22:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-17 14:24 - 2014-09-20 00:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 14:24 - 2014-09-20 00:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 14:24 - 2014-09-20 00:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 14:24 - 2014-09-20 00:17 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-10-17 14:24 - 2014-09-20 00:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 14:24 - 2014-09-20 00:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 14:24 - 2014-09-20 00:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 14:24 - 2014-09-20 00:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 14:24 - 2014-09-20 00:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 14:24 - 2014-09-19 22:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 14:24 - 2014-09-19 22:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 14:24 - 2014-09-19 22:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 14:24 - 2014-09-19 22:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 14:24 - 2014-09-19 22:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 14:24 - 2014-09-19 22:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 14:24 - 2014-09-19 20:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-10-17 14:24 - 2014-09-02 21:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 14:24 - 2014-09-02 21:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 14:23 - 2014-09-27 23:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 14:23 - 2014-08-30 00:48 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-10-17 14:23 - 2014-08-30 00:47 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 14:23 - 2014-08-30 00:46 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-17 14:23 - 2014-08-29 23:05 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-10-17 14:23 - 2014-08-29 23:04 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 14:23 - 2014-08-29 23:03 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-17 14:23 - 2014-06-12 18:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-10-17 14:23 - 2014-06-12 18:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-10-17 14:22 - 2014-08-01 17:08 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-17 14:22 - 2014-07-24 08:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-10-17 14:22 - 2014-07-16 18:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-10-17 14:22 - 2014-07-16 17:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-10-17 14:22 - 2014-07-16 17:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2014-10-17 14:22 - 2014-07-12 01:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-10-17 14:22 - 2014-07-11 23:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-10-17 14:22 - 2014-07-11 23:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-10-17 14:22 - 2014-07-11 23:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-10-17 14:22 - 2014-07-11 23:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-10-17 14:22 - 2014-06-28 01:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-10-17 14:22 - 2014-06-27 21:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-10-17 12:53 - 2014-10-17 12:53 - 00001933 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-10-17 12:53 - 2014-10-17 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-17 12:52 - 2014-10-17 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-15 16:02 - 2014-10-15 16:02 - 00000000 ____D () C:\Users\Dot\AppData\Roaming\Astromenda
2014-10-14 12:30 - 2014-10-14 12:30 - 00000817 _____ () C:\Users\Public\Desktop\Play Pirate101.lnk
2014-10-14 12:30 - 2014-10-14 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingsIsle Entertainment
2014-10-14 12:30 - 2014-10-14 12:30 - 00000000 ____D () C:\ProgramData\KingsIsle Entertainment
2014-10-14 12:24 - 2014-10-14 12:24 - 07401008 _____ (Acresso Software Inc.) C:\Users\Dot\Downloads\InstallPirate101.exe
2014-10-14 12:24 - 2014-10-14 12:24 - 07401008 _____ (Acresso Software Inc.) C:\Users\Dot\Downloads\InstallPirate101 (1).exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-12 09:50 - 2014-09-13 20:39 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 09:49 - 2012-07-26 02:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-12 09:35 - 2014-10-10 12:29 - 00000000 ____D () C:\Users\Dot\Documents\ProPCCleaner
2014-11-12 09:29 - 2014-08-03 15:26 - 01894148 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 09:26 - 2014-10-10 12:39 - 00000434 _____ () C:\Windows\Tasks\TheBestDeals Update.job
2014-11-12 09:26 - 2014-09-13 20:39 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 09:26 - 2014-09-12 15:19 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-11-12 09:26 - 2014-09-12 15:19 - 00000428 _____ () C:\Windows\Tasks\DriverUpdate Startup.job
2014-11-12 09:26 - 2012-07-26 02:28 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 09:25 - 2014-08-03 15:26 - 00000000 ____D () C:\Users\Dot
2014-11-12 09:21 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 08:47 - 2014-10-08 20:06 - 00000000 ____D () C:\Program Files (x86)\RebateInformer
2014-11-12 08:47 - 2014-09-15 14:37 - 00000000 ____D () C:\ProgramData\Rid Spyware
2014-11-12 06:17 - 2014-10-10 12:52 - 00000298 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-11-12 06:07 - 2014-10-10 12:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 06:00 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-12 00:17 - 2014-10-10 18:52 - 00000126 _____ () C:\Users\Dot\AppData\Roaming\WB.CFG
2014-11-12 00:08 - 2014-10-10 12:56 - 00003232 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2014-11-11 23:24 - 2014-10-08 20:07 - 00000000 ____D () C:\Program Files (x86)\SiteRanker
2014-11-11 22:18 - 2014-09-12 14:51 - 00000442 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-11-11 16:29 - 2014-09-11 21:17 - 00000000 ____D () C:\Program Files (x86)\Inbox Toolbar
2014-11-11 15:07 - 2014-10-10 12:13 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 13:50 - 2014-09-03 12:50 - 00000362 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Dot).job
2014-11-11 01:51 - 2014-09-18 15:24 - 482917233 _____ () C:\Windows\MEMORY.DMP
2014-11-11 01:51 - 2014-09-18 15:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-10 17:31 - 2014-08-03 15:44 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-11-09 20:04 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-11-09 09:23 - 2014-10-10 19:29 - 00000000 ____D () C:\Users\Dot\AppData\Local\ospd_us_225
2014-11-09 02:55 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-08 16:08 - 2012-07-26 00:26 - 00000187 _____ () C:\Windows\win.ini
2014-11-08 13:50 - 2014-09-03 12:50 - 00003000 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Dot)
2014-11-08 10:40 - 2014-10-10 11:06 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-11-07 21:51 - 2014-10-09 18:56 - 00000000 ____D () C:\ProgramData\Browser
2014-11-07 17:03 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-11-07 16:59 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-07 16:19 - 2014-09-12 15:19 - 00000482 _____ () C:\Windows\Tasks\DriverUpdate Scan.job
2014-11-06 19:13 - 2013-11-30 15:06 - 00000000 ____D () C:\ProgramData\PCDr
2014-11-06 18:55 - 2014-08-05 19:56 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2295182653-3264991934-447758255-1001
2014-10-31 19:27 - 2014-09-11 21:19 - 00000000 ____D () C:\ProgramData\PCPowerSpeed
2014-10-31 11:18 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-30 15:26 - 2014-10-10 19:40 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-30 15:26 - 2014-10-10 12:39 - 00000000 ____D () C:\Users\Dot\AppData\Roaming\VOPackage
2014-10-30 15:25 - 2014-10-10 12:39 - 00000000 ____D () C:\Program Files (x86)\ver5TheBestDeals
2014-10-29 19:23 - 2014-09-16 11:03 - 00027172 _____ () C:\Windows\PFRO.log
2014-10-29 09:29 - 2014-10-10 19:40 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-29 09:29 - 2014-10-07 20:19 - 00000000 ____D () C:\Users\Dot\AppData\Local\TidyNetwork
2014-10-29 09:29 - 2014-10-07 20:19 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-10-28 04:49 - 2014-10-10 12:30 - 00000000 ____D () C:\Users\Dot\AppData\Local\StormWatch
2014-10-27 19:14 - 2014-09-13 20:39 - 00000000 ____D () C:\Users\Dot\AppData\Local\Google
2014-10-27 19:13 - 2014-09-13 20:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-26 22:01 - 2014-10-07 20:22 - 00001024 _____ () C:\.rnd
2014-10-26 14:18 - 2014-10-10 12:52 - 00002636 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-10-26 14:17 - 2014-10-10 12:51 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-10-26 14:16 - 2014-10-10 12:52 - 00000000 ____D () C:\Users\Dot\AppData\Roaming\WSE_Astromenda
2014-10-25 18:59 - 2014-10-10 12:13 - 00000000 ____D () C:\Users\Dot\AppData\Local\Adobe
2014-10-19 18:01 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\rescache
2014-10-19 17:07 - 2012-07-26 03:12 - 00000000 ___RD () C:\Windows\ToastData
2014-10-19 17:07 - 2012-07-26 03:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-19 16:45 - 2014-09-13 20:39 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 16:45 - 2014-09-13 20:39 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 12:52 - 2014-10-10 12:13 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-10-16 02:22 - 2014-08-08 14:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 02:09 - 2014-08-08 14:24 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 19:58 - 2014-10-10 19:30 - 00000000 ____D () C:\Users\Dot\AppData\Local\ConvertAd
2014-10-14 12:30 - 2013-11-30 15:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-13 13:51 - 2014-10-10 13:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
 
Some content of TEMP:
====================
C:\Users\Dot\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite10509.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite12877.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite14853.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite15184.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite18028.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite19910.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite19954.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite20685.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite24412.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite25062.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite25604.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite26947.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite29009.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite30045.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite30777.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite32232.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33379.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33517.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33968.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite34294.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite35858.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite35910.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite36720.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite37000.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite37953.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite38000.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite38172.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite39618.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite39826.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite40261.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite40533.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite41073.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite41770.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite42124.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite46132.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite48514.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite49933.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite49998.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite50250.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite50312.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite51748.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite52031.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite52660.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53230.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53373.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53563.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53734.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite55251.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite55321.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite56529.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite56893.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite57131.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite58237.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite61369.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite62456.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite64873.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite65036.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite66228.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite67489.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite67691.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite68598.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite68674.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69097.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69561.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69750.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69920.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite72445.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite73223.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite73367.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite74580.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite74605.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite75794.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite77953.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite78103.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite80510.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite81893.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite82630.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite82814.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite83388.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite83439.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite84297.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite84632.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite85128.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite87010.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite87733.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88322.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88719.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88973.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite92724.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite93075.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite93908.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite94417.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96023.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96095.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96108.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite99114.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-08 07:26
 
==================== End Of Log ============================

Attached Files



#10 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 12 November 2014 - 12:24 PM

Now what do I do?



#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,311 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:32 AM

Posted 12 November 2014 - 02:25 PM

Please remove the following programs ( they are packet with Adware):

  • AnyProtect
  • ConvertAd
  • MyPC Backup
  • Motitags Internet Explorer Toolbar
  • BrowserSafeguard with RocketTab
  • Free Ride Games Player
  • GamingWonderland Internet Explorer Toolbar
  • MapsGalaxy Internet Explorer Toolbar
  • Optimizer Pro v3.2
  • PC Performer
  • PC Power Speed 2.1.0.4
  • PC Tech Hotline
  • RebateInformer
  • Search Protect
  • SiteRanker
  • Term Tutor
  • TheBestDeals
  • UnknownFile
  • Video Performer
  • WSE_Astromenda
  • YourLocalLotto Toolbar Internet Explorer Toolbar
  • Remote Desktop Access
  • Wajam

Download the enclosed file. 
Save it in the same location FRST is saved. Run FRST, except that this time around, click on the Fix button and wait. The tool will produe a report in the same location FRST is saved, Fixlog.txt. Please post its contents in your next reply.
 
thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Download AdwCleaner from here. Save the file to the desktop.
     
     
    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
     
    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    AdwScan.jpg?
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be deleted.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    adwcleaner_delete_restart.jpg
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt
    bf_new.gif Please download Malwarebytes' Anti-Malware from Here
     
    Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
    • Select the language and click OK.
    • Accept the agreement
    • Make sure a checkmark is placed next to Enable the Free Trial and Launch
    • Malwarebytes' Anti-Malware
    • , then click on finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Scan Now".
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click on Quanrantee All,.
    • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
    • Upon restart, launch Malwarebytes Antimalware and select History.
    • Double click on the last scan done, then on Copy to Clipboard.
    • Right click on your next reply and select Paste.
    • Submit your reply.
    Extra Note:
     
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

Edited by JSntgRvr, 12 November 2014 - 02:26 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 13 November 2014 - 06:07 PM

As far as the Malware program goes, the program ran and I have the saved list but it will not let me copy it over to the clipboard, and prntscr does not work either.
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by Dot at 2014-11-12 22:06:52 Run:1
Running from C:\Users\Dot\Downloads
Loaded Profile: Dot (Available profiles: Dot)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {FF3D8E99-7AE2-40F3-874E-F70BAF80DD20} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-10-10] (AnyProtect.com) <==== ATTENTION
Task: {D5F34D9A-2FF4-401F-B993-99DA8C851C48} - System32\Tasks\PC Performer Scheduled Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2014-09-02] (PerformerSoft LLC) <==== ATTENTION
Task: {DC259D29-CA6C-496F-88D2-40DEB5A9E8BA} - System32\Tasks\PocketCloud => C:\Program
Task: {E0883C29-391A-4A26-917B-EA3A08EC2D5F} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-08-21] (PC Utilities Software Limited) <==== ATTENTION
Task: {F94FD19E-62E6-4F7A-AD3C-81DEFAD28D07} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {32C30E41-A5BC-4930-A054-F2836D8D39A5} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe [2014-10-10] () <==== ATTENTION
Task: {659BC114-D97A-4CA7-9E4F-13F67CF6156E} - System32\Tasks\TheBestDeals Update => C:\Program Files (x86)\ver5TheBestDeals\a5TheBestDealsA83.exe <==== ATTENTION
Task: {70E79E9B-14A1-4184-A895-55225E53762F} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {71642F8F-851C-4F05-B9CB-00168774099B} - System32\Tasks\WSE_Astromenda => C:\Users\Dot\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-10-26] () <==== ATTENTION
Task: {720A1426-2D29-4EC9-BF83-81587E13DD98} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-10-10] (AnyProtect.com) <==== ATTENTION
Task: {8A07E2B6-BA0D-4FC6-8891-6B57E99BF70B} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-10-10] (AnyProtect.com) <==== ATTENTION
Task: {8C7DA330-2829-4DA5-A6B5-C8ED28AF11FA} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-09-10] (MyPCBackup.com) <==== ATTENTION
C:\Users\Dot\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite10509.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite12877.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite14853.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite15184.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite18028.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite19910.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite19954.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite20685.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite24412.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite25062.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite25604.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite26947.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite29009.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite30045.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite30777.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite32232.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33379.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33517.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33968.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite34294.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite35858.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite35910.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite36720.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite37000.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite37953.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite38000.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite38172.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite39618.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite39826.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite40261.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite40533.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite41073.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite41770.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite42124.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite46132.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite48514.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite49933.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite49998.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite50250.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite50312.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite51748.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite52031.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite52660.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53230.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53373.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53563.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53734.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite55251.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite55321.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite56529.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite56893.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite57131.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite58237.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite61369.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite62456.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite64873.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite65036.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite66228.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite67489.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite67691.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite68598.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite68674.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69097.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69561.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69750.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69920.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite72445.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite73223.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite73367.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite74580.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite74605.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite75794.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite77953.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite78103.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite80510.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite81893.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite82630.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite82814.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite83388.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite83439.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite84297.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite84632.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite85128.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite87010.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite87733.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88322.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88719.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88973.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite92724.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite93075.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite93908.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite94417.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96023.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96095.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96108.dll
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite99114.dll
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-10] (Just Develop It) <==== ATTENTION
R2 Wajam Web Enhancer; C:\Program Files\Wajam Web Enhancer\wajam_64.exe [2343936 2014-10-21] (Wajam Internet Technologies Inc.) [File not signed] <==== ATTENTION
EmptyTemp:
End
*****************
 
C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF3D8E99-7AE2-40F3-874E-F70BAF80DD20}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF3D8E99-7AE2-40F3-874E-F70BAF80DD20}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5F34D9A-2FF4-401F-B993-99DA8C851C48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5F34D9A-2FF4-401F-B993-99DA8C851C48}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC Performer Scheduled Scan => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer Scheduled Scan" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC259D29-CA6C-496F-88D2-40DEB5A9E8BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC259D29-CA6C-496F-88D2-40DEB5A9E8BA}" => Key deleted successfully.
C:\Windows\System32\Tasks\PocketCloud => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PocketCloud" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0883C29-391A-4A26-917B-EA3A08EC2D5F}" => Key not found.
C:\Windows\System32\Tasks\Optimizer Pro Schedule not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F94FD19E-62E6-4F7A-AD3C-81DEFAD28D07}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F94FD19E-62E6-4F7A-AD3C-81DEFAD28D07}" => Key deleted successfully.
C:\Windows\System32\Tasks\PocketCloudUpdater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PocketCloudUpdater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32C30E41-A5BC-4930-A054-F2836D8D39A5}" => Key not found.
C:\Windows\System32\Tasks\RocketTab Update Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab Update Task" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{659BC114-D97A-4CA7-9E4F-13F67CF6156E}" => Key not found.
C:\Windows\System32\Tasks\TheBestDeals Update not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TheBestDeals Update" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70E79E9B-14A1-4184-A895-55225E53762F}" => Key not found.
C:\Windows\System32\Tasks\RocketTab not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71642F8F-851C-4F05-B9CB-00168774099B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71642F8F-851C-4F05-B9CB-00168774099B}" => Key deleted successfully.
C:\Windows\System32\Tasks\WSE_Astromenda => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Astromenda" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{720A1426-2D29-4EC9-BF83-81587E13DD98}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{720A1426-2D29-4EC9-BF83-81587E13DD98}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A07E2B6-BA0D-4FC6-8891-6B57E99BF70B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A07E2B6-BA0D-4FC6-8891-6B57E99BF70B}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C7DA330-2829-4DA5-A6B5-C8ED28AF11FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C7DA330-2829-4DA5-A6B5-C8ED28AF11FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchApp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp" => Key deleted successfully.
C:\Users\Dot\AppData\Local\Temp\ReimagePackage.exe => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite10509.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite12877.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite14853.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite15184.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite18028.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite19910.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite19954.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite20685.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite24412.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite25062.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite25604.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite26947.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite29009.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite30045.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite30777.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite32232.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33379.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33517.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite33968.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite34294.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite35858.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite35910.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite36720.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite37000.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite37953.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite38000.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite38172.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite39618.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite39826.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite40261.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite40533.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite41073.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite41770.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite42124.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite46132.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite48514.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite49933.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite49998.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite50250.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite50312.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite51748.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite52031.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite52660.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53230.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53373.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53563.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite53734.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite55251.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite55321.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite56529.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite56893.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite57131.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite58237.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite61369.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite62456.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite64873.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite65036.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite66228.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite67489.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite67691.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite68598.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite68674.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69097.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69561.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69750.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite69920.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite72445.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite73223.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite73367.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite74580.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite74605.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite75794.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite77953.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite78103.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite80510.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite81893.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite82630.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite82814.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite83388.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite83439.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite84297.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite84632.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite85128.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite87010.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite87733.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88322.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88719.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite88973.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite92724.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite93075.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite93908.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite94417.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96023.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96095.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite96108.dll => Moved successfully.
C:\Users\Dot\AppData\Local\Temp\System.Data.SQLite99114.dll => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
BackupStack => Service not found.
Wajam Web Enhancer => Service not found.
EmptyTemp: => Removed 813.3 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 8 x64
Ran by Dot on Wed 11/12/2014 at 22:34:53.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] gamingwonderlandservice 
Successfully deleted: [Service] gamingwonderlandservice 
Successfully stopped: [Service] yourlocallotto1_20service 
Successfully deleted: [Service] yourlocallotto1_20service 
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\inboxtoolbar
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\online vault
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.FeedManager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.FeedManager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.MultipleButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.MultipleButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.ScriptButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.ScriptButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Motitags_94.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Motitags_94.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yourlocallotto1_20.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\DriverUpdate Scan.job
Successfully deleted: [File] C:\Windows\Tasks\DriverUpdate Startup.job
Successfully deleted: [File] "C:\Users\Dot\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dot\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dot\appdata\local\google\chrome\user data\default\local storage\http_www.wajam.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dot\appdata\local\google\chrome\user data\default\local storage\https_static.livelyrics00.live-lyrics.com_0.localstorage"
Successfully deleted: [File] C:\Windows\prefetch\APP24X7HELP.EXE-B9A705E9.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVERUPDATE.EXE-7973A8B6.pf
Successfully deleted: [File] C:\Users\Dot\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\Dot\AppData\Roaming\WSE_Astromenda
Successfully deleted: [Folder] "C:\ProgramData\browser"
Successfully deleted: [Folder] "C:\ProgramData\iepluginservices"
Successfully deleted: [Folder] "C:\Users\Dot\AppData\Roaming\anyprotectex"
Successfully deleted: [Folder] "C:\Users\Dot\AppData\Roaming\ap_logs"
Successfully deleted: [Folder] "C:\Users\Dot\AppData\Roaming\onlinevault"
Successfully deleted: [Folder] "C:\Users\Dot\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Dot\AppData\Roaming\vopackage"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\local\gamingwonderland"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\local\iac"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\local\pro_pc_cleaner"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\local\tidynetwork"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\local\yourlocallotto1_20"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\appgraffiti"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\gamingwonderland"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\gamingwonderlandei"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\inbox toolbar"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\mapsgalaxy_39ei"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\siteranker"
Successfully deleted: [Folder] "C:\Users\Dot\appdata\locallow\yourlocallotto1_20"
Successfully deleted: [Folder] "C:\Program Files (x86)\24x7help"
Failed to delete: [Folder] "C:\Program Files (x86)\appgraffiti"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamesbar"
Failed to delete: [Folder] "C:\Program Files (x86)\gamingwonderland"
Failed to delete: [Folder] "C:\Program Files (x86)\inbox toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Failed to delete: [Folder] "C:\Program Files (x86)\onlinevault"
Successfully deleted: [Folder] "C:\Program Files (x86)\suptab"
Successfully deleted: [Folder] "C:\Program Files (x86)\tidynetwork"
Failed to delete: [Folder] "C:\Program Files (x86)\yourlocallotto1_20"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\appgraffiti"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inbox toolbar"
Successfully deleted: [Folder] "C:\Users\Dot\AppData\Roaming\microsoft\windows\start menu\programs\vopackage"
Successfully deleted: [Folder] "C:\Users\Dot\documents\optimizer pro"
Successfully deleted: [Folder] "C:\Users\Dot\documents\propccleaner"
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Dot\appdata\local\Google\Chrome\User Data\Default\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Successfully deleted: [Folder] C:\Users\Dot\appdata\local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Successfully deleted: [Folder] C:\Users\Dot\appdata\local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/12/2014 at 22:45:00.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v4.101 - Report created 12/11/2014 at 23:51:42
# Updated 09/11/2014 by Xplode
# Database : 2014-11-12.2 [Live]
# Operating System : Windows 8  (64 bits)
# Username : Dot - CONNIE
# Running from : C:\Users\Dot\Downloads\adwcleaner_4.101.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : ReimageRealTimeProtector
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SiteRanker
Folder Deleted : C:\ProgramData\374311380 
Folder Deleted : C:\ProgramData\Reimage Protector
Folder Deleted : C:\ProgramData\c53aaf64fe6efa82
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner
Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\GamingWonderland
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\Software Updater
Folder Deleted : C:\Program Files (x86)\wse_astromenda
Folder Deleted : C:\Program Files (x86)\DriverRestore
Folder Deleted : C:\Program Files (x86)\RCP
Folder Deleted : C:\Program Files (x86)\speed browser
Folder Deleted : C:\Program Files (x86)\Pro PC Cleaner
Folder Deleted : C:\Program Files (x86)\Common Files\DealAlly
Folder Deleted : C:\Program Files (x86)\Common Files\Hoist Search
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\Users\Dot\AppData\Local\StormWatch
Folder Deleted : C:\Users\Dot\AppData\Local\Weather_Protector_LLC
Folder Deleted : C:\Users\Dot\AppData\Local\speed browser
Folder Deleted : C:\Users\Dot\AppData\Roaming\Astromenda
Folder Deleted : C:\Users\Dot\AppData\Roaming\v9
Folder Deleted : C:\Users\Dot\AppData\Roaming\Video Performer
Folder Deleted : C:\Users\Dot\AppData\Roaming\Pro PC Cleaner
Folder Deleted : C:\Users\Dot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
Folder Deleted : C:\Users\Dot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
Folder Deleted : C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipamlpodmmcampmmgkdgbhikhidjngkb
File Deleted : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
File Deleted : C:\Users\Public\Desktop\speed browser.lnk
File Deleted : C:\Windows\Reimage.ini
File Deleted : C:\Users\Dot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speed browser.lnk
File Deleted : C:\Users\Dot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\speed browser.lnk
File Deleted : C:\Users\Dot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
File Deleted : C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
File Deleted : C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : ReimageUpdater
Task Deleted : Reimage Reminder
Task Deleted : DriverRestore_ScheduledScan
Task Deleted : DriverRestore_DailyScan
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Motitags_94 Browser Plugin Loader 64]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364EA597-E728-4CE4-BB4A-ED846EF47970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6CB99040-7828-4C37-AC01-F15758F43E4D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{364EA597-E728-4CE4-BB4A-ED846EF47970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6CB99040-7828-4C37-AC01-F15758F43E4D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AppGraffiti
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\V9Software
Key Deleted : HKLM\SOFTWARE\TermTutor
Key Deleted : HKLM\SOFTWARE\SpeedBrowser
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\StormWatch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Software Updater_is1
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\DriverRestore
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverRestore
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17148
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Google Chrome v38.0.2125.111
 
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^Z7^xdm704^YYA^us&ptb=D7C94E22-0CF3-475A-BB41-E58E1398E880&psa=&ind=2014082215&st=sb&n=780c74a7&searchfor={searchTerms}
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324419&octid=EB_ORIGINAL_CTID&ISID=MEFCD090F-176F-4F61-B72F-40F636B5A1B9&SearchSource=58&CUI=&UM=6&UP=SPB108BEA3-6717-40C8-8EA9-D8C952D8254D&q={searchTerms}&SSPV=
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324419&octid=EB_ORIGINAL_CTID&ISID=MEFCD090F-176F-4F61-B72F-40F636B5A1B9&SearchSource=58&CUI=&UM=6&UP=SPB108BEA3-6717-40C8-8EA9-D8C952D8254D&q={searchTerms}&SSPV=
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_nan_nan_ch&cd=2XzuyEtN2Y1L1Qzu0F0AtB0F0Azz0C0C0EyCyBtC0EyDyC0BtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0A0FtDyEtA0AtGyEtB0EtBtG0EyCtCyCtGyD0D0B0AtGyBtD0EtByBtDyDzztAyDtCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0AtB0FtD0FtC0BtGtDtAtAtCtGyEyCyC0BtGzy0A0BzztGtByCtDzzyEyB0ByBtAyDtCtA2Q&cr=2001504371&ir=
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.v9.com/web/?type=ds&ts=1412987960&from=brd&uid=WDCXWD3200LPVX-75V0TT0_WX91A93M9343A93M9343&i=psd&t=34a34da37&q={searchTerms}
[C:\Users\Dot\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_installertech_14_22&cd=2XzuyEtN2Y1L1Qzu0F0AtB0F0Azz0C0C0EyCyBtC0EyDyC0BtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFtCtN1L1Czu1N1C2X1V1L1G1B2Z1T1I1I1P1C2Z1P1R1M1VtCyE1VtBtBtN1L1G1B1V1N2Y1L1Qzu2SyCyD0A0DzzzytBtCtG0AtDyDtCtG0AtAzy0BtGyE0DyCtBtGyEtAtByBzyzzyE0FtAyDtCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0AtB0FtD0FtC0BtGtDtAtAtCtGyEyCyC0BtGzy0A0BzztGtByCtDzzyEyB0ByBtAyDtCtA2Q&cr=1986863300&ir=
 
*************************
 
AdwCleaner[R0].txt - [18350 octets] - [12/11/2014 23:40:55]
AdwCleaner[S0].txt - [16500 octets] - [12/11/2014 23:51:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16561 octets] ##########
 


#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,311 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:32 AM

Posted 13 November 2014 - 07:51 PM

Reset your browsers to default. For instructions read here.

 

How is the computer doing?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 sweetpea771

sweetpea771
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Idaho
  • Local time:02:32 AM

Posted 14 November 2014 - 05:35 AM

It's doing okay, but every once in awhile it still crashes while I'm in the net. But no pop ups, and it is quicker. If there is anything else you can suggest for the crashing that would be great, at least it's not slow. It has gotten faster.

 

Thank you



#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,311 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:32 AM

Posted 14 November 2014 - 10:32 AM

Re-Scan with FRST and post the contents of the new log, FRST.txt


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users