Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

arcadegiant not being deleted


  • This topic is locked This topic is locked
22 replies to this topic

#1 JJJJJJJ

JJJJJJJ

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 23 November 2014 - 04:20 PM

Running your program identifies arcadegiant updater in Scheduled Tasks.  I click on Clean, the computer reboots, I run ADWclean and the same thing shows up.  Have done this several times.  I've checked the task scheduler that I could see (maybe there are others?) but could not find arcadegiant.  Have tried all the other internet solutions.  It just doesn't show up anywhere except when you tag it.
 
I attached the report showing the virus is tagged. The report after my computer restarts, also attached, shows nothing was deleted.
 
What's up with this?  How do I delete arcadegiant?

# AdwCleaner v4.101 - Report created 23/11/2014 at 16:08:31
# Updated 09/11/2014 by Xplode
# Database : 2014-11-23.7 [Live]
# Operating System : Windows Vista ™ Ultimate Service Pack 2 (32 bits)
# Username : Jim - JIM-LAPTOP
# Running from : C:\Users\Jim\Desktop\Protect\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****

Task Found : ArcadeGiant Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16592


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


*************************

AdwCleaner[R10].txt - [658 octets] - [23/11/2014 16:08:31]
AdwCleaner[R2].txt - [980 octets] - [19/10/2014 15:56:21]
AdwCleaner[R3].txt - [1207 octets] - [21/11/2014 16:48:50]
AdwCleaner[R4].txt - [1108 octets] - [21/11/2014 17:18:03]
AdwCleaner[R5].txt - [1339 octets] - [21/11/2014 17:34:23]
AdwCleaner[R6].txt - [1156 octets] - [21/11/2014 17:49:33]
AdwCleaner[R7].txt - [1349 octets] - [21/11/2014 19:28:28]
AdwCleaner[R8].txt - [1277 octets] - [23/11/2014 15:45:20]
AdwCleaner[R9].txt - [1397 octets] - [23/11/2014 16:04:33]
AdwCleaner[S1].txt - [1242 octets] - [21/11/2014 16:50:24]
AdwCleaner[S2].txt - [1137 octets] - [21/11/2014 17:30:37]
AdwCleaner[S3].txt - [1304 octets] - [23/11/2014 15:47:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [1377 octets] ##########

# AdwCleaner v4.101 - Report created 23/11/2014 at 16:14:11
# Updated 09/11/2014 by Xplode
# Database : 2014-11-23.7 [Live]
# Operating System : Windows Vista ™ Ultimate Service Pack 2 (32 bits)
# Username : Jim - JIM-LAPTOP
# Running from : C:\Users\Jim\Desktop\Protect\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16592


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


*************************

AdwCleaner[R10].txt - [1458 octets] - [23/11/2014 16:08:31]
AdwCleaner[R2].txt - [980 octets] - [19/10/2014 15:56:21]
AdwCleaner[R3].txt - [1207 octets] - [21/11/2014 16:48:50]
AdwCleaner[R4].txt - [1108 octets] - [21/11/2014 17:18:03]
AdwCleaner[R5].txt - [1339 octets] - [21/11/2014 17:34:23]
AdwCleaner[R6].txt - [1156 octets] - [21/11/2014 17:49:33]
AdwCleaner[R7].txt - [1349 octets] - [21/11/2014 19:28:28]
AdwCleaner[R8].txt - [1277 octets] - [23/11/2014 15:45:20]
AdwCleaner[R9].txt - [1397 octets] - [23/11/2014 16:04:33]
AdwCleaner[S1].txt - [1242 octets] - [21/11/2014 16:50:24]
AdwCleaner[S2].txt - [1137 octets] - [21/11/2014 17:30:37]
AdwCleaner[S3].txt - [1304 octets] - [23/11/2014 15:47:13]
AdwCleaner[S4].txt - [1345 octets] - [23/11/2014 16:14:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1405 octets] ##########

Attached Files


Edited by Oh My!, 30 November 2014 - 05:56 PM.
Posted logs


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:21 PM

Posted 28 November 2014 - 04:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/557394 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 30 November 2014 - 05:54 PM

Greetings JJJJJJJ and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Edited by Oh My!, 30 November 2014 - 10:02 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 JJJJJJJ

JJJJJJJ
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 30 November 2014 - 07:41 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-11-2014 01
Ran by Jim (administrator) on JIM-LAPTOP on 30-11-2014 19:00:25
Running from C:\Users\Jim\Desktop
Loaded Profile: Jim (Available profiles: Jim)
Platform: Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(UPEK Inc.) C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-19] (Google Inc.)
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Fingerprint Reader Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Fingerprint Reader Suite\farchns.dll (UPEK Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6583E8FDE605D001
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1416615332&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-736481657-2550844261-3393829112-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-736481657-2550844261-3393829112-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976
FF Homepage: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1416615735&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: Toolbar Buttons - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-11-23]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976\Extensions\adblockpopups@jessehakanen.net.xpi [2014-11-23]
FF Extension: Exif Viewer - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976\Extensions\exif_viewer@mozilla.doslash.org.xpi [2014-11-23]
FF Extension: Ghostery - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976\Extensions\firefox@ghostery.com.xpi [2014-11-23]
FF Extension: Adblock Plus - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-23]
FF Extension: Adblock Edge - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4hv1lbc6.default-1416614107976\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-11-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-17]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [647168 2007-07-25] (Intel Corporation) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] ()
S4 nlsX86cc; C:\Windows\system32\nlssrv32.exe [66560 2012-09-04] (Nalpeiron Ltd.) [File not signed]
S4 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-07-25] (Intel Corporation) [File not signed]
S4 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-26] (SupportSoft, Inc.)
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-04-22] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 i1display; C:\Windows\System32\Drivers\i1display.sys [44344 2004-10-15] ()
R3 OEM04Vfx; C:\Windows\System32\DRIVERS\OEM04Vfx.sys [7424 2007-12-03] (EyePower Games Pte. Ltd.)
R3 OEM04Vid; C:\Windows\System32\DRIVERS\OEM04Vid.sys [234720 2007-12-03] (Creative Technology Ltd.)
R2 PDIHWCTL; C:\Windows\system32\drivers\pdihwctl.sys [14416 2007-01-25] (Portrait Displays, Inc.) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 19:00 - 2014-11-30 19:00 - 00015901 _____ () C:\Users\Jim\Desktop\FRST.txt
2014-11-30 18:52 - 2014-11-30 18:52 - 01594670 _____ () C:\Users\Jim\Desktop\Summary.nfo
2014-11-30 18:44 - 2014-11-30 18:48 - 00030653 _____ () C:\Users\Jim\Desktop\Addition.txt
2014-11-30 18:41 - 2014-11-30 18:41 - 00153520 _____ () C:\Users\Jim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-30 18:36 - 2014-11-30 19:00 - 00000000 ____D () C:\FRST
2014-11-30 18:35 - 2014-11-30 18:35 - 01109504 _____ (Farbar) C:\Users\Jim\Desktop\FRST.exe
2014-11-30 18:30 - 2014-11-30 18:31 - 03910256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-24 20:22 - 2014-11-24 20:22 - 00011146 _____ () C:\Users\Jim\Documents\startup2.txt
2014-11-24 20:21 - 2014-11-24 20:21 - 00011146 _____ () C:\Users\Jim\Desktop\startup.txt
2014-11-24 17:31 - 2014-11-24 17:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-22 11:52 - 2014-11-22 11:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-21 18:55 - 2014-11-21 18:55 - 00000000 ____D () C:\Users\Jim\Desktop\Old Firefox Data
2014-11-21 17:11 - 2014-11-21 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-21 17:10 - 2014-11-21 17:11 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-21 17:10 - 2014-11-21 17:11 - 00000000 ____D () C:\Program Files\iTunes
2014-11-21 17:10 - 2014-11-21 17:10 - 00000000 ____D () C:\Program Files\iPod
2014-11-21 17:01 - 2014-11-21 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-21 17:01 - 2014-11-21 17:01 - 00000000 ____D () C:\Program Files\QuickTime
2014-11-21 16:59 - 2013-04-04 04:30 - 00263584 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-20 08:43 - 2014-10-23 20:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 09:25 - 2014-10-09 20:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 09:25 - 2014-10-09 20:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 09:25 - 2014-10-09 20:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 09:25 - 2014-10-09 18:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 09:25 - 2014-08-26 19:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 09:25 - 2014-08-26 19:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 09:24 - 2014-10-23 20:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 09:24 - 2014-09-18 19:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 09:23 - 2014-08-11 21:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 09:21 - 2014-10-17 20:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 09:21 - 2014-10-02 20:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 09:21 - 2014-10-02 20:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 09:21 - 2014-10-02 20:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 09:21 - 2014-10-02 20:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 09:12 - 2014-10-12 18:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 14:11 - 2014-10-27 14:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 14:11 - 2014-10-27 14:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 14:11 - 2014-10-27 14:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 14:11 - 2014-10-27 13:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 14:11 - 2014-10-27 13:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 14:11 - 2014-10-27 13:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 14:11 - 2014-10-27 13:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-11 14:11 - 2014-10-27 13:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 14:11 - 2014-10-27 13:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 14:11 - 2014-10-27 13:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-11 14:11 - 2014-10-27 13:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 14:11 - 2014-10-27 13:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 14:11 - 2014-10-27 13:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 14:11 - 2014-10-27 13:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 14:11 - 2014-10-27 13:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 14:11 - 2014-10-27 13:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 14:11 - 2014-10-27 13:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 14:11 - 2014-10-27 13:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-11 14:11 - 2014-10-27 13:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-11 14:11 - 2014-10-27 13:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-11 14:11 - 2014-10-27 13:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 18:59 - 2013-04-28 13:29 - 01893217 _____ () C:\Windows\WindowsUpdate.log
2014-11-30 18:56 - 2012-04-28 08:44 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-30 18:56 - 2006-11-02 08:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-30 18:56 - 2006-11-02 07:46 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-30 18:56 - 2006-11-02 07:46 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-30 18:55 - 2010-08-03 09:09 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-30 18:55 - 2006-11-02 08:00 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-30 18:37 - 2006-11-02 05:33 - 00707392 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-30 17:37 - 2014-10-19 15:56 - 00000000 ____D () C:\AdwCleaner
2014-11-30 17:35 - 2014-06-20 07:11 - 00000000 ____D () C:\Users\Jim\AppData\Local\Adobe
2014-11-30 17:35 - 2012-10-19 20:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-30 16:57 - 2010-10-16 15:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-30 16:57 - 2010-08-09 13:29 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\Skype
2014-11-29 15:19 - 2012-04-28 08:44 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-29 15:03 - 2012-04-28 08:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 17:43 - 2010-08-09 13:49 - 00000000 ____D () C:\Users\Jim\Desktop\Protect
2014-11-23 16:21 - 2014-06-29 10:28 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 07:55 - 2012-05-03 19:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-21 17:10 - 2014-08-16 10:45 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-21 17:10 - 2011-01-04 15:25 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-21 17:07 - 2010-08-09 08:21 - 00000000 ____D () C:\Users\Jim
2014-11-21 16:27 - 2011-10-28 20:09 - 00000000 ____D () C:\Program Files\MALWAREBYTES ANTI-MALWARE
2014-11-13 10:09 - 2014-06-29 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-13 10:08 - 2014-06-29 15:38 - 00000000 ___HD () C:\$AVG
2014-11-13 07:35 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache
2014-11-13 07:26 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 09:25 - 2010-08-09 10:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 09:16 - 2013-08-16 06:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 09:13 - 2006-11-02 05:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-30 18:36

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-11-2014 01
Ran by Jim at 2014-11-30 18:44:04
Running from C:\Users\Jim\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 (HKLM\...\{FA6F726E-AA8D-492A-B18A-A5945C337FCE}) (Version: 4.4.1 - Adobe)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-736481657-2550844261-3393829112-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4223 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.01 - Broadcom Corporation)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 2.1 (HKLM\...\MP Navigator EX 2.1) (Version:  - )
Canon MX860 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series) (Version:  - )
Canon MX860 series User Registration (HKLM\...\Canon MX860 series User Registration) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Citrix online plug-in - web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 12.0.0.6410 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell Dock (HKLM\...\Dell Dock) (Version:  - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08100 - Dell)
Dell System Detect (HKU\S-1-5-21-736481657-2550844261-3393829112-1000\...\9204f5692a8faf3b) (Version: 3.3.2.0 - Dell)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version:  - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version:  - )
Eye-One Match 3.6.2 (HKLM\...\Eye-One Match_is1) (Version: 3.6.2 - GretagMacbeth)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Fingerprint Reader Suite 5.6 (HKLM\...\{A2289997-10A3-48F2-AA03-99180D761661}) (Version: 5.6.2.3476 - UPEK Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
i1_driver_installer_utility_i1Match version 1.0 (HKLM\...\i1_driver_installer_utility_i1Match_is1) (Version:  - X-Rite)
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
KC Softwares KCleaner (HKLM\...\KC Softwares KCleaner_is1) (Version:  - KC Softwares)
Laptop Integrated Webcam Driver (1.03.01.1011)   (HKLM\...\Creative OEM004) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
mCore (Version: 9.24.0000 - Intel Corporation) Hidden
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
mHelp (Version: 9.24.0000 - Intel) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
mMHouse (Version: 9.24.0000 - Intel Corporation) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
mPfMgr (Version: 9.24.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mWMI (Version: 9.24.0000 - Intel Corporation) Hidden
NEF Codec (HKLM\...\{A89768CF-CD21-44FD-A723-16D5A8557415}) (Version: 1.00.0000 - Nikon)
Nik Collection (HKLM\...\Nik Collection) (Version: 1.2.0.4 - Google)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.46 - Piriform)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.3.0 - Synaptics Incorporated)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Drive Utilities (HKLM\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM\...\{124310E8-7C49-4C33-B4F2-3CF43F3830B7}) (Version: 2.0.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SES Driver Setup (Version: 1.0.2.3 - Western Digital) Hidden
WD SmartWare (HKLM\...\{ED80B64B-FFAE-43D7-9E21-225F94221239}) (Version: 2.0.1.2 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM\...\{bfb9000e-e7d4-490f-a873-ec2c9cab3b3d}) (Version: 2.0.1.2 - Western Digital Technologies, Inc.)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-10-2014 12:08:46 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
17-10-2014 13:30:53 Windows Update
19-10-2014 21:14:13 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
20-10-2014 00:58:07 Installed AVG 2015
20-10-2014 00:58:59 Installed AVG 2015
03-11-2014 16:32:06 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
04-11-2014 13:13:53 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
05-11-2014 13:13:12 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
06-11-2014 13:13:46 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
07-11-2014 12:13:39 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
08-11-2014 15:13:16 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-11-2014 13:13:49 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-11-2014 21:13:14 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
11-11-2014 19:30:58 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
12-11-2014 14:11:54 Windows Update
13-11-2014 15:14:52 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
14-11-2014 15:14:14 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
20-11-2014 13:41:33 Windows Update
21-11-2014 21:58:15 Removed Java™ 6 Update 21
21-11-2014 22:07:04 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
21-11-2014 22:21:31 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
22-11-2014 16:21:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
23-11-2014 21:22:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
24-11-2014 18:20:33 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-11-2014 01:20:19 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-11-2014 14:15:13 Scheduled Checkpoint
25-11-2014 19:20:29 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
26-11-2014 12:24:12 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
27-11-2014 12:20:34 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
27-11-2014 19:20:54 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
28-11-2014 12:21:41 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
29-11-2014 18:20:24 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2014-04-28 09:10 - 00450649 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {081B7094-E46F-4F83-8EF3-8B4C13F25AE2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {16CEC5B9-8EFC-4AC2-AEE1-FC89B7B7ADF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {17ED01F8-D860-4F19-8FA1-E88D505BAF1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-20] (Adobe Systems Incorporated)
Task: {24F49F14-6AF1-4072-9842-DB58602442FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-28] (Google Inc.)
Task: {256DEC80-5C82-4010-9610-0995D4899471} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\OSUpgrade => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunHandleOSUpgrade
Task: {3A97EB15-70C8-4798-8D99-C7A71DC7D069} - System32\Tasks\{A0CF3106-F1DC-4577-BDE8-6BDF8BBA316F} => Iexplore.exe http://ui.skype.com/ui/0/4.2.0.169.261/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {4F7E0293-45B1-4D35-A958-8B7DEF85F41C} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe
Task: {819D67A9-0D4A-419C-BF85-21195B5C6652} - System32\Tasks\AdobeAAMUpdater-1.0-Jim-Laptop-Jim => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {8C288F4B-80A9-4C13-A221-CCD5B4225DEB} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\MatSvc\DataUpload => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RetryDataUpload
Task: {9873AB20-E766-42CA-940D-20AE03E42B0B} - \ArcadeGiant Updater No Task File <==== ATTENTION
Task: {A1C7C708-8B1E-487C-B96E-B494EF58A4F6} - \Updater20900.exe No Task File <==== ATTENTION
Task: {AE9C8214-2E7B-4B51-8DA5-C5F553624443} - System32\Tasks\{00197B11-E58D-425A-8683-BF58B78B1453} => C:\Program Files\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {B461BC4B-BF50-423E-ADDD-A9E7A18706E8} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\ConfigExec => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunCollectConfigurationInfo
Task: {EA7745E4-C6EA-4D68-A546-D0FC5334D7CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-28] (Google Inc.)
Task: {F04A83EE-B824-473A-B363-E2EC6C0B7107} - System32\Tasks\{FE25B62C-30BC-4F10-B4E7-DD6BE5F456B1} => Iexplore.exe http://ui.skype.com/ui/0/4.2.0.169.261/en/abandoninstall?source=lightinstaller&amp;page=tsDownload&amp;installinfo=google-toolbar:offered-installed,google-chrome:notoffered;toolbaroffered
Task: {FD94972B-7D32-4752-BF1C-0178AAB1FB4F} - System32\Tasks\PCMService.exe_1543380981 => C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-12-21] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-04-25 10:55 - 2007-04-25 10:55 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2007-07-25 16:25 - 2007-07-25 16:25 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-26 12:46 - 2009-02-26 12:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 10:46 - 2011-06-22 10:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: DockLoginService => 2
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: sprtsvc_DellSupportCenter => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ProfileReminder.lnk => C:\Windows\pss\ProfileReminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk => C:\Windows\pss\QuickSet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jim\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: dellsupportcenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcagent_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: OEM04Mon.exe => C:\Windows\OEM04Mon.exe
MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\Fingerprint Reader Suite\launcher.exe" /startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_ROC_NT => "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
MSCONFIG\startupreg: SigmatelSysTrayApp => %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SugarSync => "C:\Program Files\SugarSync\SugarSync.exe" -startInTray -usedelay=true
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-736481657-2550844261-3393829112-500 - Administrator - Disabled)
Guest (S-1-5-21-736481657-2550844261-3393829112-501 - Limited - Disabled)
Jim (S-1-5-21-736481657-2550844261-3393829112-1000 - Administrator - Enabled) => C:\Users\Jim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (11/30/2014 06:31:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-30 18:43:27.273
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:43:27.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:43:26.898
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:43:26.695
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:37:43.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:37:43.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:37:42.792
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-30 18:37:42.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-23 16:28:35.784
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-23 16:28:35.613
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T9500 @ 2.60GHz
Percentage of memory in use: 38%
Total physical RAM: 3581.12 MB
Available physical RAM: 2219.17 MB
Total Pagefile: 7355.23 MB
Available Pagefile: 6122.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.31 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:448.16 GB) (Free:226.09 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:6.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B8000000)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended)

==================== End Of Log ============================

 

I cannot see a button that allows me to attach the System Summary.



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 30 November 2014 - 08:49 PM

Greetings,

Click on the Attach link in my previous post. That will show you how to do it.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-736481657-2550844261-3393829112-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
Task: {9873AB20-E766-42CA-940D-20AE03E42B0B} - \ArcadeGiant Updater No Task File <==== ATTENTION
Task: {A1C7C708-8B1E-487C-B96E-B494EF58A4F6} - \Updater20900.exe No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Attached file
  • Fixlog
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 JJJJJJJ

JJJJJJJ
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 30 November 2014 - 09:12 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-11-2014 01
Ran by Jim at 2014-11-30 21:04:16 Run:1
Running from C:\Users\Jim\Desktop
Loaded Profile: Jim (Available profiles: Jim)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
fixlist.txt
*****************

fixlist.txt => Error: No automatic fix found for this entry.

==== End of Fixlog ====

 

When I click on the "attach" link in your post I am sent to someone's photobucket site where it says "photo removed".  This is the URL: http://s1118.photobucket.com/user/lhs22/media/attach-file.jpg.html

 

My computer runs OK.  Going to bed now.  Will check back tommorow.



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 30 November 2014 - 09:46 PM

Don't worry about the System Summary for now.

Did you save the fixlist document on your desktop?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 JJJJJJJ

JJJJJJJ
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 03 December 2014 - 08:55 PM

Yes I saw that. And yes I have it saved to my desktop.  You didn't say anything about copying it, but this is all that was in the file:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-11-2014 01
Ran by Jim at 2014-11-30 21:04:16 Run:1
Running from C:\Users\Jim\Desktop
Loaded Profile: Jim (Available profiles: Jim)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
fixlist.txt
*****************

fixlist.txt => Error: No automatic fix found for this entry.

==== End of Fixlog ====



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 03 December 2014 - 09:15 PM

Greetings Jim.

Please download this >> to your desktop. Launch FRST.exe and hit the Fix button. Copy and paste the contents of the Fixlog report in your reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 JJJJJJJ

JJJJJJJ
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 03 December 2014 - 09:37 PM

Here you go:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-12-2014
Ran by Jim at 2014-12-03 21:35:14 Run:2
Running from C:\Users\Jim\Desktop\ADW
Loaded Profile: Jim (Available profiles: Jim)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-736481657-2550844261-3393829112-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
Task: {9873AB20-E766-42CA-940D-20AE03E42B0B} - \ArcadeGiant Updater No Task File <==== ATTENTION
Task: {A1C7C708-8B1E-487C-B96E-B494EF58A4F6} - \Updater20900.exe No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
*****************

"HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
"HKU\S-1-5-21-736481657-2550844261-3393829112-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
PCDSRVC{E9D79540-57D5953E-06020101}_0 => Service deleted successfully.
RimUsb => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9873AB20-E766-42CA-940D-20AE03E42B0B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9873AB20-E766-42CA-940D-20AE03E42B0B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ArcadeGiant Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1C7C708-8B1E-487C-B96E-B494EF58A4F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1C7C708-8B1E-487C-B96E-B494EF58A4F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater20900.exe" => Key deleted successfully.
C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully.

==== End of Fixlog ====



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 03 December 2014 - 09:54 PM

Very nice. Can you give me an update on the condition of your computer?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 JJJJJJJ

JJJJJJJ
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 03 December 2014 - 10:02 PM

Gary,

 

I just restarted my computer and ran CDWcleaner, everything is clear.  Thank you so much.  I really appreciate the time and effort you put into this.

 

I do have a couple of questions though.  Should I continue to use frst?  Does it replace CDWcleaner or when should I use one vs. the other? 

 

No rush on the reply, I'm going to bed!

 

Thanks again



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 03 December 2014 - 10:03 PM

I will have a reply for your early morning coffee!

G'nite
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:21 PM

Posted 03 December 2014 - 11:25 PM

Good Morning Jim.

I would not recommend using FRST. Whereas AdwCleaner pretty much takes care of things for you FRST requires a more significant understanding of computers and the program itself.

Please do these things for me.

===================================================

Emsisoft Emergency Kit Scan

--------------------
  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double click on the EmsisoftEmergencyKit.exe icon, click Run then Extract
  • Double click the Start Emsisoft Emergency Kit icon that will appear after extraction
  • Click Yes to update the program
  • Once the update is completed click the Back button
  • Click on 2. Scan (not Quick Scan or Smart Scan)
  • Click Yes to detect Potentially Unwanted Programs (PUPs)
  • Patiently wait for the thorough scan to complete, this can be a lengthy process
  • Once completed click Quarantine selected objects (if computer is clean you will not have this option) then click OK
  • Click View Report
  • Copy and paste the contents of the report in your reply
  • Note: If you receive an error report saying there are too many emoticons simply attach the file instead
  • Close the program then click Close
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double click the icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Emsisoft report (if applicable)
  • Security Check log
  • Any current issues?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 JJJJJJJ

JJJJJJJ
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 04 December 2014 - 07:48 PM

Hi Gary,

 

Below is the report you requested, no problems found

 

Three questions:

  1. Based on what you said above, should I delete FRST and everything related to it from my PC?
  2. Should I keep or uninstall Emisoft
  3. If keep, when/ how often should I use it? 

Emsisoft Emergency Kit - Version 9.0
Last update: 12/4/2014 5:48:35 PM
User account: Jim-Laptop\Jim

Scan settings:

Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    12/4/2014 5:49:23 PM

Scanned    275909
Found    0

Scan end:    12/4/2014 7:45:50 PM
Scan time:    1:56:27
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users