Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: popups re directs and dpc watchdog violation


(!)

ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
17-Jan-2014, 04:14 PM #1
popups re directs and dpc watchdog violation
Problem began 15 Jan, after win 8 updated.
Computer now in selective startup, only microsoft services & no startup items.
If in normal mode,or selec startup with AVG running, computer freezes after about 2 min; will freeze before logging into win 8.
Blue screen, dpc watchdog violation
IE's home page had been changed to search conduit.
I checked OEM for driver & firmware of SSD; nothing other than originals.


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8, 64 bit
Processor: AMD A6-5400K APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 2
RAM: 7575 Mb
Graphics Card: AMD Radeon HD 7540D, 512 Mb
Hard Drives: C: Total - 932197 MB, Free - 861223 MB; D: Total - 20158 MB, Free - 2520 MB;
Motherboard: MSI, 2AE0
Antivirus: AVG Internet Security 2014, Disabled


ESET online scan
C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho64.dll a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\Allyrics-16\Allyrics-16-buttonutil64.dll probably a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\Allyrics-16\Allyrics-16-buttonutil64.exe probably a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\Allyrics-16\Allyrics-16-codedownloader.exe a variant of Win32/Toolbar.CrossRider.K application
C:\Program Files (x86)\Allyrics-16\Allyrics-16-enabler.exe a variant of Win32/Toolbar.CrossRider.K application
C:\Program Files (x86)\Allyrics-16\Allyrics-16-updater.exe a variant of Win32/Toolbar.CrossRider.K application
C:\Program Files (x86)\Allyrics-16\utils.exe a variant of Win32/Packed.VMDetector.C application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport_x64.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\SO.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Source\program files\VNT\vntldr.exe a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Program Files (x86)\BetterBrowse\BetterBrowseBHO.dll a variant of Win32/BrowseFox.F application
C:\Program Files (x86)\BetterBrowse\BetterBrowseUninstall.exe Win32/BrowseFox.C application
C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe a variant of Win32/BrowseFox.G application
C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe a variant of Win32/BrowseFox.G application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\CREXT.DLL Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\CrExtPgt.exe Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtauxstb.dll Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe Win32/Toolbar.MyWebSearch.X application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtdatact.dll a variant of Win32/Toolbar.MyWebSearch.A application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gthtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtimpipe.exe Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtPlugin.dll probably a variant of Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtreghk.dll a variant of Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtskin.dll a variant of Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtskplay.exe Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe a variant of Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll Win32/Toolbar.MyWebSearch.T application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\T8HTML.DLL probably a variant of Win32/Toolbar.MyWebSearch.F application
C:\Program Files (x86)\GamingWonderland\bar\1.bin\T8TICKER.DLL Win32/Toolbar.MyWebSearch.W application
C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-bho64.dll a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\SaveValet\ie\SaveValetIE_32.dll Win32/SaveValet.A application
C:\Program Files (x86)\SaveValet\ie\SaveValetIE_64.dll Win64/SaveValet.A application
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-buttonutil64.dll probably a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-buttonutil64.exe a variant of Win64/Toolbar.Crossrider.B application
C:\Program Files (x86)\W3i\UninstallHelper\UninstallHelper.exe probably a variant of Win32/InstallIQ.A application
C:\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Users\All Users\APN\APN-Stub\W3IV6-G\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask.F application
C:\Users\Frank\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe Win32/MyPCBackup.A application
C:\Users\Frank\AppData\Local\Temp\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Frank\AppData\Local\Temp\Offercast2802_WBV5_.exe a variant of Win32/Bundled.Toolbar.Ask.D application
C:\Users\Frank\AppData\Local\Temp\sp-downloader.exe Win32/Toolbar.Conduit.R application
C:\Users\Frank\AppData\Local\Temp\sp_downloader.exe Win32/Toolbar.Conduit.R application
C:\Users\Frank\AppData\Local\Temp\{1C0BA3D4-73D5-47CB-A44D-25C0C1C196A7}\setup.exe multiple threats
C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll a variant of Win32/Toolbar.DefaultTab.B application
C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe a variant of Win32/Toolbar.DefaultTab.B application
C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll a variant of Win32/Toolbar.DefaultTab.B application
C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe Win32/Toolbar.DefaultTab.A application
Operating memory a variant of Win32/BrowseFox.F application

HiJackThis Report
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:08:50 PM, on 1/17/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\program files (x86)\the wedownload manager\the wedownload manager-bg.exe
C:\program files (x86)\allyrics-16\allyrics-16-bg.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Frank\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a8625cb7-85fe-4936-92a4-b2a7c925209e} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: CrossriderApp0044178 - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho.dll
O2 - BHO: CrossriderApp0045914 - {11111111-1111-1111-1111-110411591114} - C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-bho.dll
O2 - BHO: CrossriderApp0049074 - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll
O2 - BHO: Ask Toolbar BHO - {57425637-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport.dll" (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\PROGRA~2\GAMING~2\bar\1.bin\gtbar.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: Highlightly - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: BetterBrowse - {964cfd95-89cb-4ba5-a122-36258ea0662a} - C:\Program Files (x86)\BetterBrowse\BetterBrowsebho.dll
O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.d ll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: Science BHO - {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
O3 - Toolbar: Ask Toolbar - {57425637-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport.dll" (file missing)
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.d ll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [GamingWonderland Search Scope Monitor] "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [GamingWonderland Browser Plugin Loader] C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logo Calibration Loader.lnk = C:\Monitor Calibration Software\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Monitor Calibration Software\Eye-One Match 3\ProfileReminder.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.time.gov
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd...pdetect121.cab
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12256 bytes
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 2/21/2013 2:28:17 PM
System Uptime: 1/17/2014 1:08:14 AM (12 hours ago)
.
Motherboard: MSI | | 2AE0
Processor: AMD A6-5400K APU with Radeon(tm) HD Graphics | P0 | 3600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 841.041 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 2.462 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is CDROM ()
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP68: 12/27/2013 6:00:04 AM - Scheduled Checkpoint
RP69: 1/4/2014 3:58:36 AM - Scheduled Checkpoint
RP70: 1/11/2014 8:11:10 AM - Scheduled Checkpoint
RP71: 1/15/2014 9:16:07 AM - Windows Update
RP72: 1/16/2014 12:22:54 PM - Installed Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
RP73: 1/16/2014 3:50:58 PM - Restore Operation
.
==== Installed Programs ======================
.
4 Elements II
7-zip v9.20
Allyrics-16
AMD APP SDK Runtime
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Wireless Display v3.0
Ask Toolbar
Ask Toolbar Updater
AVG 2014
AVG SafeGuard toolbar
Bejeweled 3
BetterBrowse
Bing Bar
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Broadcom Bluetooth Software
Broadcom Wireless Utility
Build-a-lot 4 - Power Source
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD
D3DX10
DefaultTab
DriverUpdate
ESET Online Scanner v3
Eye-One Match 3.6.2
Farm Frenzy
FATE: The Cursed King
Final Drive Fury
FlatOut 2
GamingWonderland Toolbar
Google Earth
Google Update Helper
GoToMeeting 5.4.0.1082
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.1.1
Highlightly
Hoyle Card Games
HP Connected Music (Meridian - installer)
HP Connected Music (Meridian - player)
HP Connected Remote
HP Customer Experience Enhancements
HP Games
HP MyRoom
HP Postscript Converter
HP Quick Start
HP Registration Service
HP Support Assistant
HP Support Information
HP Support Solutions Framework
i1_driver_installer_utility_i1Match version 1.0
IDT Audio
Java 7 Update 45
Java Auto Updater
Jewel Match 3
John Deere Drive Green
Junk Mail filter update
Luxor Evolved
Mahjongg Dimensions Deluxe: Tiles in Time
Mesh Runtime
Messenger Companion
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Mortimer Beckett and the Crimson Thief Premium Edition
MSVCRT
MSVCRT_amd64
Mystery P.I. - Curious Case of Counterfeit Cove
Nik Collection
Peggle Nights
Penguins!
Plus-HD-4.8
PocketWizard Utility
Polar Bowler
Polar Golfer
Recovery Manager
Roads of Rome 3
SaveValet IE - Stop overpaying! Instantly get the lowest price and best deals right as you shop.
Search Protect
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Shared C Run-time for x64
Tales of Lagoona
The weDownload Manager
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Uninstall Helper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Vacation Quest™ - Australia
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VisualBee for Microsoft PowerPoint
WildTangent Games
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Software Update
Yahoo! Toolbar
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
1/17/2014 12:50:27 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}
1/17/2014 12:49:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
1/17/2014 12:42:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/17/2014 12:42:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/17/2014 12:41:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {7022A3B3-D004-4F52-AF11-E9E987FEE25F}
1/17/2014 12:41:31 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
1/17/2014 12:41:27 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\bcmihvsrv64.dll Error Code: 21
1/17/2014 12:41:07 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
1/17/2014 12:39:24 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\Minidump\011714-23540-01.dmp. Report Id: 011714-23540-01.
1/17/2014 12:36:09 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\Minidump\011714-26254-01.dmp. Report Id: 011714-26254-01.
1/17/2014 12:32:50 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\Minidump\011714-26005-01.dmp. Report Id: 011714-26005-01.
1/17/2014 12:31:03 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
1/17/2014 12:14:26 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\Minidump\011714-29686-01.dmp. Report Id: 011714-29686-01.
1/17/2014 1:08:37 AM, Error: Service Control Manager [7000] - The PDIHWCTL service failed to start due to the following error: The system cannot find the file specified.
1/17/2014 1:08:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/17/2014 1:07:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
1/17/2014 1:07:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
1/17/2014 1:00:10 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
1/16/2014 4:55:08 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-24008-01.
1/16/2014 4:51:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27580-01.
1/16/2014 4:47:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29094-01.
1/16/2014 4:43:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29140-01.
1/16/2014 4:01:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28220-01.
1/16/2014 3:57:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28501-01.
1/16/2014 3:53:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29109-02.
1/16/2014 3:49:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-25568-01.
1/16/2014 3:45:48 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-24460-01.
1/16/2014 3:42:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28875-01.
1/16/2014 3:38:27 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-31512-01.
1/16/2014 3:34:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26286-01.
1/16/2014 3:30:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
1/16/2014 3:30:59 PM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/16/2014 3:30:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-23758-01.
1/16/2014 3:26:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29109-01.
1/16/2014 3:22:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-30919-01.
1/16/2014 3:18:00 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29983-01.
1/16/2014 3:13:44 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26972-01.
1/16/2014 3:09:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26816-01.
1/16/2014 3:05:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26114-01.
1/16/2014 3:01:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26613-01.
1/16/2014 2:57:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-25396-01.
1/16/2014 2:53:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26956-02.
1/16/2014 2:49:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26317-01.
1/16/2014 2:45:38 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27206-01.
1/16/2014 2:41:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29172-01.
1/16/2014 2:37:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26910-01.
1/16/2014 2:33:51 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28173-01.
1/16/2014 2:30:17 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28204-01.
1/16/2014 2:26:29 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26769-01.
1/16/2014 2:22:20 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27237-01.
1/16/2014 2:18:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27019-01.
1/16/2014 2:14:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26878-01.
1/16/2014 2:10:27 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26676-01.
1/16/2014 2:06:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26270-01.
1/16/2014 2:02:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26941-01.
1/16/2014 11:45:52 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
1/16/2014 11:45:52 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
1/16/2014 11:45:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub System service which failed to start because of the following error: A device attached to the system is not functioning.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI Proxy Service Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/16/2014 11:45:26 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
1/16/2014 11:43:48 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.
1/16/2014 11:43:48 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: .
1/16/2014 11:34:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28610-01.
1/16/2014 11:29:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28360-01.
1/16/2014 11:27:28 PM, Error: Schannel [36870] - A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.
1/16/2014 11:24:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-29562-01.
1/16/2014 11:20:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27783-01.
1/16/2014 11:16:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28750-01.
1/16/2014 1:58:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28407-01.
1/16/2014 1:54:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-25864-01.
1/16/2014 1:50:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26223-01.
1/16/2014 1:46:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26208-01.
1/16/2014 1:42:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26551-01.
1/16/2014 1:38:10 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27378-01.
1/16/2014 1:34:30 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-25818-01.
1/16/2014 1:30:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27190-01.
1/16/2014 1:26:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27612-01.
1/16/2014 1:22:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26036-01.
1/16/2014 1:18:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-26473-01.
1/16/2014 1:14:25 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-27471-01.
1/16/2014 1:10:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000504, 0x0000000000000503, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011614-28438-01.
1/16/2014 1:03:28 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.
1/16/2014 1:03:28 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
1/14/2014 5:13:34 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user internet\Frank SID (S-1-5-21-4032234827-3162501254-2042679413-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.45.2
Run by Frank at 13:10:02 on 2014-01-17
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7575.5440 [GMT -7:00]
.
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k apphost
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\windows\System32\dwm.exe
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8w ekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\program files (x86)\the wedownload manager\the wedownload manager-bg.exe
C:\program files (x86)\allyrics-16\allyrics-16-bg.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\notepad.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\Users\Frank\Desktop\HijackThis.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
uURLSearchHooks: <No Name>: {a8625cb7-85fe-4936-92a4-b2a7c925209e} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Allyrics-16: {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho.dll
BHO: Plus-HD-4.8: {11111111-1111-1111-1111-110411591114} - C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-bho.dll
BHO: The weDownload Manager: {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll
BHO: Ask Toolbar: {57425637-0076-A76A-76A7-7A786E7484D7} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Toolbar BHO: {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Highlightly: {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
BHO: BetterBrowse: {964cfd95-89cb-4ba5-a122-36258ea0662a} - C:\Program Files (x86)\BetterBrowse\BetterBrowsebho.dll
BHO: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.d ll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Search Assistant BHO: {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: Save Valet: {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: GamingWonderland: {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
TB: Ask Toolbar: {57425637-0076-A76A-76A7-7A786E7484D7} -
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
TB: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.d ll
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
mRun: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [GamingWonderland Search Scope Monitor] "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
mRun: [GamingWonderland Browser Plugin Loader] C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe
mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\LOGOCA~1.LNK - C:\Monitor Calibration Software\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\PROFIL~1.LNK - C:\Monitor Calibration Software\Eye-One Match 3\ProfileReminder.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
TCP: NameServer = 192.168.10.1
TCP: Interfaces\{3C112C0B-1844-4AB3-A062-5690E2992164} : DHCPNameServer = 192.168.10.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Allyrics-16: {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho64.dll
x64-BHO: Plus-HD-4.8: {11111111-1111-1111-1111-110411591114} - C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-bho64.dll
x64-BHO: The weDownload Manager: {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll
x64-BHO: Ask Toolbar: {57425637-0076-A76A-76A7-7A786E7484D7} -
x64-BHO: Highlightly: {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-BHO: Save Valet: {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_64.dll
x64-TB: Ask Toolbar: {57425637-0076-A76A-76A7-7A786E7484D7} -
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\Drivers\amd_sata.sys [2013-3-31 80552]
R0 amd_xata;amd_xata;C:\windows\System32\Drivers\amd_xata.sys [2013-3-31 26280]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\Drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\Drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\Drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\Drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\Drivers\avgdiska.sys [2013-11-5 150808]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\Drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\Drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\Drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgwfpa;AVG Firewall Driver;C:\windows\System32\Drivers\avgwfpa.sys [2013-10-21 252728]
R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sy s [2012-12-21 92536]
R1 hlnfd;hlnfd;C:\windows\System32\Drivers\hlnfd.sys [2013-12-4 58256]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\windows\System32\Drivers\bcbtums.sys [2013-8-9 170712]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 btwampfl;btwampfl;C:\windows\System32\Drivers\btwampfl.sys [2013-8-9 166104]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\Drivers\btwl2cap.sys [2013-8-22 40248]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-7-30 110744]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\Drivers\usbfilter.sys [2012-7-16 57000]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\windows\System32\Drivers\avgboota.sys [2013-9-4 20496]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 BTWPANFL;BTW PAN filter driver;C:\windows\System32\Drivers\btwpanfl.sys [2013-8-22 44912]
S3 EyeOneDisplay;EyeOneDisplay;C:\windows\System32\Drivers\i1display_x64.sys [2013-8-12 7808]
S3 SWDUMon;SWDUMon;C:\windows\System32\Drivers\SWDUMon.sys [2013-8-20 16152]
S4 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2013-11-8 239616]
S4 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-1-5 166352]
S4 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-24 1358944]
S4 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
S4 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
S4 BcmBtRSupport;Bluetooth Radio Control Service;C:\windows\System32\BtwRSupportService.exe [2013-8-9 2252504]
S4 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-1-1 2301216]
S4 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Frank\AppData\Roaming\DefaultTab \DefaultTab\DTUpdate.exe [2013-2-21 107520]
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 GamingWonderlandService;GamingWonderlandService;C:\PROGRA~2\GAMING~2\bar\1. bin\gtbarsvc.exe [2013-3-6 42504]
S4 hlsvc;Highlightly Client Service;C:\Program Files (x86)\Highlightly\Service\hlsvc.exe [2013-12-4 273000]
S4 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-8-29 35232]
S4 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-3-22 93072]
S4 Update BetterBrowse;Update BetterBrowse;C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe [2014-1-10 97064]
S4 Util BetterBrowse;Util BetterBrowse;C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe [2014-1-11 97064]
S4 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-5 1771544]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-01-17 08:55:27 -------- d-----w- C:\Program Files (x86)\ESET
2014-01-17 08:20:48 -------- d-----w- C:\drivers_16_jan_2014
2014-01-17 08:12:13 -------- d-----w- C:\Program Files (x86)\Hp
2014-01-17 07:37:41 -------- d-----w- C:\Users\Frank\AppData\Local\{BCB34096-29D8-44D3-A9A8-467D64037BFD}
2014-01-17 07:19:03 -------- d-----w- C:\Users\Frank\AppData\Local\{D866BBD7-45AF-491A-AE50-41BE73929C02}
2014-01-17 07:05:38 -------- d-----w- C:\Active_Directory_export_16_Jan_2014
2014-01-17 07:03:45 -------- d-----w- C:\email_16_Jan_2014
2014-01-17 06:59:19 -------- d-----w- C:\Users\Frank\AppData\Local\{B7932BBC-B3A7-49D3-9C98-DA3B5506D96E}
2014-01-17 06:44:48 -------- d-----w- C:\windows\pss
2014-01-17 06:19:05 -------- d-----w- C:\Users\Frank\AppData\Local\{FBC0AB05-986A-4FFC-8191-8EF151D80E18}
2014-01-16 19:23:01 -------- d-----w- C:\Program Files\Highlightly
2014-01-16 19:22:55 -------- d-----w- C:\Program Files (x86)\Highlightly
2014-01-16 19:22:47 -------- d-----w- C:\Users\Frank\AppData\Local\Programs
2014-01-16 19:22:36 -------- d-----w- C:\Users\Frank\AppData\Local\VisualBeeClient
2014-01-16 19:22:35 -------- d-----w- C:\Program Files (x86)\Plus-HD-4.8
2014-01-16 19:22:31 -------- d-----w- C:\Users\Frank\AppData\Local\VisualBeeExe
2014-01-16 19:22:19 -------- d-----w- C:\ProgramData\VisualBee
2014-01-16 19:06:53 -------- d-----w- C:\Program Files (x86)\Allyrics-16
2014-01-16 16:00:43 -------- d-----w- C:\Users\Frank\AppData\Local\{B452E986-1814-4F36-8FFC-815F523F3705}
2014-01-16 03:57:58 -------- d-----w- C:\Users\Frank\AppData\Local\{1FE98229-2094-4232-94DB-2411141CF2B8}
2014-01-15 17:35:21 -------- d-----w- C:\windows\SysWow64\SearchProtect
2014-01-15 15:57:40 -------- d-----w- C:\Users\Frank\AppData\Local\{5A87603E-F0F5-45D5-B9FF-9309D7507A93}
2014-01-15 12:36:12 915968 ----a-w- C:\windows\System32\MPSSVC.dll
2014-01-15 12:36:12 86016 ----a-w- C:\windows\SysWow64\davclnt.dll
2014-01-15 12:36:12 758784 ----a-w- C:\windows\System32\FirewallAPI.dll
2014-01-15 12:36:12 74752 ----a-w- C:\windows\System32\drivers\mpsdrv.sys
2014-01-15 12:36:12 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-01-15 12:36:12 550400 ----a-w- C:\windows\SysWow64\FirewallAPI.dll
2014-01-15 12:36:12 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-01-15 12:36:12 227840 ----a-w- C:\windows\System32\WebClnt.dll
2014-01-15 12:36:12 199168 ----a-w- C:\windows\SysWow64\WebClnt.dll
2014-01-15 12:36:12 104448 ----a-w- C:\windows\System32\davclnt.dll
2014-01-15 12:36:12 100696 ----a-w- C:\windows\System32\drivers\disk.sys
2014-01-15 01:53:00 -------- d-----w- C:\Users\Frank\AppData\Local\{F20F3852-E2F0-49F4-9462-1BFB4E4AE6C8}
2014-01-14 12:28:08 -------- d-----w- C:\Users\Frank\AppData\Local\{7B3B69FD-0440-40C9-A08E-C4D941BC9648}
2014-01-13 16:24:22 -------- d-----w- C:\Users\Frank\AppData\Local\{8869B2FC-3267-4DDF-89C7-4BDF36412F6C}
2014-01-13 04:07:29 -------- d-----w- C:\Users\Frank\AppData\Local\{EFC061E5-BDDC-41EC-ADD2-05A8CE82503A}
2014-01-12 14:27:27 -------- d-----w- C:\Users\Frank\AppData\Local\{351850F0-A48D-4882-8C8E-65FE9B93F594}
2014-01-11 19:14:13 -------- d-----w- C:\Users\Frank\AppData\Local\{4D6D453F-9CFB-413A-A949-88C3055DCF7E}
2014-01-11 17:58:29 -------- d-----w- C:\Program Files (x86)\BetterBrowse
2014-01-11 17:58:06 -------- d-----w- C:\Program Files (x86)\The weDownload Manager
2014-01-11 17:57:57 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2014-01-11 17:57:44 -------- d-----w- C:\Users\Frank\AppData\Local\Adobe
2014-01-11 17:57:40 -------- d-----w- C:\Users\Frank\AppData\Local\SearchProtect
2014-01-11 17:57:40 -------- d-----w- C:\Program Files (x86)\SearchProtect
2014-01-11 06:18:07 -------- d-----w- C:\Users\Frank\AppData\Local\{C797B188-213F-41F2-90BE-676D5FA39844}
2014-01-10 14:49:19 -------- d-----w- C:\Users\Frank\AppData\Local\{1BD393EE-D3F4-4889-B6D4-0808D8F67D75}
2014-01-10 01:47:58 -------- d-----w- C:\Users\Frank\AppData\Local\{23241B76-EA74-4FC9-8899-8FC7F81D9346}
2014-01-09 12:11:13 -------- d-----w- C:\Users\Frank\AppData\Local\{A82B079F-E221-4B14-98B5-FACC5CB345A9}
2014-01-08 17:24:18 -------- d-----w- C:\Users\Frank\AppData\Local\{D1CC5077-86AB-45FA-AB42-C33DEABBF2BD}
2014-01-08 03:29:39 -------- d-----w- C:\Users\Frank\AppData\Local\{9A5B6F8D-2719-491E-97B1-731913ED650F}
2014-01-07 04:21:09 -------- d-----w- C:\Users\Frank\AppData\Local\{8C43DA4C-4C7B-4240-BD12-00DF820EEFBD}
2014-01-06 14:50:51 -------- d-----w- C:\Users\Frank\AppData\Local\{89C71243-4AAD-4CBA-91E4-664DE01F0D28}
2014-01-05 18:01:42 -------- d-----w- C:\Users\Frank\AppData\Local\{F66096AF-CF13-48AD-96F6-3E9E21EFB6A4}
2014-01-04 23:07:27 -------- d-----w- C:\Users\Frank\AppData\Local\{CADD7DB5-FD56-4123-B139-AFB06ACBB306}
2014-01-04 04:52:56 -------- d-----w- C:\Users\Frank\AppData\Local\{393723B7-3060-4A41-B351-93B209A31C4F}
2014-01-03 16:31:09 -------- d-----w- C:\Users\Frank\AppData\Local\{4BE140FA-5AB2-4F76-A1C6-2252CCCAF65A}
2014-01-03 04:14:31 -------- d-----w- C:\Users\Frank\AppData\Local\{36F16594-12DB-4035-AD7B-BCB67B2D0415}
2014-01-02 10:31:14 -------- d-----w- C:\Users\Frank\AppData\Local\{6B89989A-D638-4720-9594-E8494EB9343E}
2014-01-01 15:37:14 -------- d-----w- C:\Users\Frank\AppData\Local\{2D8B0BA9-31C6-4B93-A928-AAC46AE8CB9A}
2013-12-31 15:34:03 -------- d-----w- C:\Users\Frank\AppData\Local\{54373059-AB35-44A3-8F26-AC21CB46AE47}
2013-12-31 03:06:11 -------- d-----w- C:\Users\Frank\AppData\Local\{3584EEA4-CC58-4384-874C-B83A821B2E9C}
2013-12-30 16:26:18 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-30 13:28:11 -------- d-----w- C:\Users\Frank\AppData\Local\{C414AEE4-14DE-4ACF-8932-68427283EA2E}
2013-12-29 18:59:37 -------- d-----w- C:\Users\Frank\AppData\Local\{E1AA518D-3D5F-4626-B252-6FB69380FB7A}
2013-12-29 06:52:18 -------- d-----w- C:\Users\Frank\AppData\Local\{9CC4D36B-6096-4A9A-9B71-1605E2B33A90}
2013-12-28 16:29:30 -------- d-----w- C:\Users\Frank\AppData\Local\{18C7B609-BAB9-4967-8BF1-8F91B509684D}
2013-12-27 21:48:22 -------- d-----w- C:\Users\Frank\AppData\Local\{B668205F-0D08-4B22-9CAA-CBDD6BBE3DAE}
2013-12-27 04:59:38 -------- d-----w- C:\Users\Frank\AppData\Local\{C44092A2-3D62-4ABB-9771-AB82FD943B25}
2013-12-26 16:42:15 -------- d-----w- C:\Users\Frank\AppData\Local\{8E1B527B-10D8-4355-A0ED-69686C2A5CA2}
2013-12-26 01:13:38 -------- d-----w- C:\Users\Frank\AppData\Local\{8B22B118-67E9-4CE7-A457-B121E30EBB24}
2013-12-25 09:26:26 -------- d-----w- C:\Users\Frank\AppData\Local\{83F2FDB5-E02E-418F-9061-B1EA6B80131D}
2013-12-24 18:34:35 -------- d-----w- C:\Users\Frank\AppData\Local\{8FB0E03C-FDC7-4D9A-AE9D-3D1BDD48D05F}
2013-12-24 06:20:54 -------- d-----w- C:\Users\Frank\AppData\Local\{2968E8F3-0D73-46EB-9FAC-56BD181BFE60}
2013-12-23 17:56:29 -------- d-----w- C:\Users\Frank\AppData\Local\{EAC0EFC0-2353-4BA6-AC6F-308F3B1EBB22}
2013-12-23 05:04:44 -------- d-----w- C:\Users\Frank\AppData\Local\{2B9561FF-85CE-46B8-9F2B-6916088662DE}
2013-12-22 15:57:59 -------- d-----w- C:\Users\Frank\AppData\Local\{B8F1EC8D-C063-4CF7-8B8F-05ECB1C1E5FF}
2013-12-22 03:57:40 -------- d-----w- C:\Users\Frank\AppData\Local\{32E6D8CA-63B2-4C87-BDEC-7D19AA6246CF}
2013-12-21 14:46:17 -------- d-----w- C:\Users\Frank\AppData\Local\{9FD8C771-EC39-4C79-9816-2A0A0AD404C2}
2013-12-21 04:14:36 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-20 16:53:59 -------- d-----w- C:\Users\Frank\AppData\Local\{083C891F-CC88-4DB5-9681-68DB9ACDE617}
2013-12-20 04:33:26 -------- d-----w- C:\Users\Frank\AppData\Local\{D8121274-4737-457A-9851-0D394E23994C}
2013-12-19 14:48:47 -------- d-----w- C:\Users\Frank\AppData\Local\{A1F6A1E5-9EED-4DBF-86D0-00BAFF122CE1}
2013-12-19 02:00:35 -------- d-----w- C:\Users\Frank\AppData\Local\{2F59A692-6BCF-42C0-B24F-579A6F7D008A}
.
==================== Find3M ====================
.
2014-01-17 19:38:31 16152 ----a-w- C:\windows\System32\drivers\SWDUMon.sys
2014-01-09 08:02:07 78296 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-09 08:02:07 694240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-12-09 01:38:35 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-04 19:46:36 58256 ----a-w- C:\windows\System32\drivers\hlnfd.sys
2013-11-20 19:05:34 46368 ----a-w- C:\windows\System32\drivers\avgtpx64.sys
2013-11-19 10:21:41 267936 ------w- C:\windows\System32\MpSigStub.exe
2013-11-16 00:04:26 29480 ----a-w- C:\windows\SysWow64\msxml3a.dll
2013-11-06 23:18:57 4036608 ----a-w- C:\windows\System32\win32k.sys
2013-11-06 04:55:48 150808 ----a-w- C:\windows\System32\drivers\avgdiska.sys
2013-11-05 04:52:42 240920 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys
2013-11-01 06:00:18 212280 ----a-w- C:\windows\System32\drivers\avgldx64.sys
2013-11-01 05:49:46 294712 ----a-w- C:\windows\System32\drivers\avgloga.sys
2013-10-25 06:19:22 2241536 ----a-w- C:\windows\System32\wininet.dll
2013-10-25 06:19:12 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\windows\System32\jscript9.dll
2013-10-25 05:25:58 194872 ----a-w- C:\windows\System32\drivers\avgidsha.sys
2013-10-25 04:45:11 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-10-22 05:28:28 252728 ----a-w- C:\windows\System32\drivers\avgwfpa.sys
.
============= FINISH: 13:10:26.18 ===============

Last edited by ank44; 17-Jan-2014 at 04:19 PM..
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
18-Jan-2014, 06:35 AM #2
Hello and welcome,

I`m kevinf80, see if you can run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Kevin....
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 02:43 PM #3
Hi Kevin.
Thanks for your time, energy & expertise.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by Frank (administrator) on INTERNET on 18-01-2014 11:27:46
Running from C:\Users\Frank\Desktop
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8w ekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWork er.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [41664 2013-08-02] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-02] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [10613760 2013-08-22] (Broadcom Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [42536 2013-03-06] (MindSpark)
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2013-03-06] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1757648 2014-01-05] (APN)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2486296 2014-01-05] ()
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1344800 2014-01-01] (Conduit)
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll [1037600 2014-01-01] (Conduit)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
URLSearchHook: HKCU - (No Name) - {a8625cb7-85fe-4936-92a4-b2a7c925209e} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll (MindSpark)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={search...TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={search...TR&pc=HPDTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searcht...l=dis&o=HPDTDF
SearchScopes: HKLM - {6517E514-D2C8-45CE-86CE-7422DFCA035F} URL = http://www.amazon.com/s/ref=azs_osd_...s={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={se...sg&type=HPDTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={se archTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={search...TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={search...TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searcht...l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {6517E514-D2C8-45CE-86CE-7422DFCA035F} URL = http://www.amazon.com/s/ref=azs_osd_...s={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={se...sg&type=HPDTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={se archTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.as...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.as...rchTerms}&SSPV=
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={...r&d=2013-12-08 15:58:01&v=17.2.0.38&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Allyrics-16 - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho64.dll (ExploreKERD)
BHO: Plus-HD-4.8 - {11111111-1111-1111-1111-110411591114} - C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-bho64.dll (Plus HD)
BHO: The weDownload Manager - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll (weDownload)
BHO: Ask Toolbar - {57425637-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport_x64.dll (APN LLC.)
BHO: Highlightly - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll (Highlightly)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: Save Valet - {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_64.dll (Save Valet)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Allyrics-16 - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho.dll (ExploreKERD)
BHO-x32: Plus-HD-4.8 - {11111111-1111-1111-1111-110411591114} - C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-bho.dll (Plus HD)
BHO-x32: The weDownload Manager - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll (weDownload)
BHO-x32: Ask Toolbar - {57425637-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll (MindSpark)
BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
BHO-x32: Highlightly - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll (Highlightly)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: BetterBrowse - {964cfd95-89cb-4ba5-a122-36258ea0662a} - C:\Program Files (x86)\BetterBrowse\BetterBrowsebho.dll (BetterBrowse)
BHO-x32: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.d ll (Search Results)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll (MindSpark)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Save Valet - {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_32.dll (Save Valet)
Toolbar: HKLM - Ask Toolbar - {57425637-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll (MindSpark)
Toolbar: HKLM-x32 - Ask Toolbar - {57425637-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\WBV7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.d ll (Search Results)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd...pdetect121.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Chrome:
=======
CHR RestoreOnStartup: "sync":{"suppress_start"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchURL: http://websearch.ask.com/redirect?cl...q={searchTerms}
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-02-22]
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-21]
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-21]
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-21]
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-21]
CHR Extension: (No Name) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode [2014-01-11]
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-02-21]
CHR Extension: (0) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-21]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Frank\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-03-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
U4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-05] (APN LLC.)
U4 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
U4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
U4 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
U4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
U4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2301216 2014-01-01] (Conduit)
U4 DefaultTabUpdate; C:\Users\Frank\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-02-21] ()
U4 GamingWonderlandService; C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe [42504 2013-03-06] (COMPANYVERS_NAME)
U4 hlsvc; C:\Program Files (x86)\Highlightly\Service\hlsvc.exe [273000 2013-12-04] (Highlightly)
U4 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
U2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
U4 Update BetterBrowse; C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe [97064 2014-01-15] ()
U4 Util BetterBrowse; C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe [97064 2014-01-15] ()
U4 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-05] (AVG Secure Search)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
U4 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [6036480 2013-08-22] (Broadcom Corporation)
==================== Drivers (Whitelisted) ====================
U0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
U1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
U1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
U1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
U0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
U1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
U0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
U0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
U0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
U1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
U3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
U3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [9524400 2013-05-29] (Broadcom Corporation)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
U3 BTWPANFL; C:\windows\system32\drivers\btwpanfl.sys [44912 2013-08-22] (Broadcom Corporation.)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
U3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
U3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC)
U1 hlnfd; C:\Windows\System32\drivers\hlnfd.sys [58256 2013-12-04] (Highlightly)
U3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-18] ()
U2 PDIHWCTL; \??\C:\windows\system32\drivers\pdihwctl.sys [x]
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2014-01-18 11:27 - 2014-01-18 11:28 - 00019576 _____ C:\Users\Frank\Desktop\FRST.txt
2014-01-18 11:27 - 2014-01-18 11:27 - 00000000 ____D C:\FRST
2014-01-18 11:27 - 2014-01-18 11:20 - 02076160 _____ (Farbar) C:\Users\Frank\Desktop\FRST64.exe
2014-01-17 13:12 - 2014-01-17 13:21 - 00083200 _____ C:\Users\Frank\Desktop\TGF11.txt
2014-01-17 13:10 - 2014-01-17 13:10 - 00035050 _____ C:\Users\Frank\Desktop\attach.txt
2014-01-17 13:10 - 2014-01-17 13:10 - 00025871 _____ C:\Users\Frank\Desktop\dds.txt
2014-01-17 13:09 - 2014-01-17 13:09 - 00688992 ____R (Swearware) C:\Users\Frank\Desktop\dds.scr
2014-01-17 13:08 - 2014-01-17 13:08 - 00388608 _____ (Trend Micro Inc.) C:\Users\Frank\Desktop\HijackThis.exe
2014-01-17 13:08 - 2014-01-17 13:08 - 00012258 _____ C:\Users\Frank\Desktop\hijackthis.log
2014-01-17 13:04 - 2014-01-17 13:04 - 00000378 _____ C:\Users\Frank\Desktop\TGF.txt
2014-01-17 12:57 - 2014-01-17 12:57 - 00000000 _____ C:\Users\Frank\Desktop\HijackThis.exe.msw0mgr.partial
2014-01-17 08:55 - 2014-01-17 08:55 - 00018192 _____ C:\Users\Frank\Desktop\browseFox.txt
2014-01-17 01:55 - 2014-01-17 01:55 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-17 01:20 - 2014-01-17 01:30 - 00000000 ____D C:\drivers_16_jan_2014
2014-01-17 01:12 - 2014-01-17 01:12 - 00000000 ____D C:\Program Files (x86)\Hp
2014-01-17 00:37 - 2014-01-17 00:37 - 00000000 ____D C:\Users\Frank\AppData\Local\{BCB34096-29D8-44D3-A9A8-467D64037BFD}
2014-01-17 00:19 - 2014-01-17 00:19 - 00000000 ____D C:\Users\Frank\AppData\Local\{D866BBD7-45AF-491A-AE50-41BE73929C02}
2014-01-17 00:05 - 2014-01-17 00:06 - 00000000 ____D C:\Active_Directory_export_16_Jan_2014
2014-01-17 00:03 - 2014-01-17 00:04 - 00000000 ____D C:\email_16_Jan_2014
2014-01-16 23:59 - 2014-01-16 23:59 - 00000000 ____D C:\Users\Frank\AppData\Local\{B7932BBC-B3A7-49D3-9C98-DA3B5506D96E}
2014-01-16 23:44 - 2014-01-16 23:44 - 00000000 ____D C:\windows\pss
2014-01-16 23:33 - 2014-01-16 23:34 - 00288848 _____ C:\windows\Minidump\011614-28610-01.dmp
2014-01-16 23:28 - 2014-01-16 23:29 - 00280656 _____ C:\windows\Minidump\011614-28360-01.dmp
2014-01-16 23:24 - 2014-01-16 23:24 - 00280656 _____ C:\windows\Minidump\011614-29562-01.dmp
2014-01-16 23:20 - 2014-01-16 23:20 - 00280656 _____ C:\windows\Minidump\011614-27783-01.dmp
2014-01-16 23:19 - 2014-01-16 23:19 - 00000000 ____D C:\Users\Frank\AppData\Local\{FBC0AB05-986A-4FFC-8191-8EF151D80E18}
2014-01-16 23:16 - 2014-01-16 23:16 - 00280656 _____ C:\windows\Minidump\011614-28750-01.dmp
2014-01-16 16:54 - 2014-01-16 16:55 - 00280656 _____ C:\windows\Minidump\011614-24008-01.dmp
2014-01-16 16:51 - 2014-01-16 16:51 - 00280656 _____ C:\windows\Minidump\011614-27580-01.dmp
2014-01-16 16:47 - 2014-01-16 16:47 - 00280656 _____ C:\windows\Minidump\011614-29094-01.dmp
2014-01-16 16:43 - 2014-01-16 16:43 - 00280656 _____ C:\windows\Minidump\011614-29140-01.dmp
2014-01-16 16:00 - 2014-01-16 16:01 - 00280656 _____ C:\windows\Minidump\011614-28220-01.dmp
2014-01-16 15:57 - 2014-01-16 15:57 - 00262144 _____ C:\windows\Minidump\011614-28501-01.dmp
2014-01-16 15:53 - 2014-01-16 15:53 - 00280656 _____ C:\windows\Minidump\011614-29109-02.dmp
2014-01-16 15:49 - 2014-01-16 15:49 - 00280656 _____ C:\windows\Minidump\011614-25568-01.dmp
2014-01-16 15:45 - 2014-01-16 15:45 - 00280656 _____ C:\windows\Minidump\011614-24460-01.dmp
2014-01-16 15:41 - 2014-01-16 15:42 - 00280656 _____ C:\windows\Minidump\011614-28875-01.dmp
2014-01-16 15:38 - 2014-01-16 15:38 - 00280656 _____ C:\windows\Minidump\011614-31512-01.dmp
2014-01-16 15:34 - 2014-01-16 15:34 - 00280656 _____ C:\windows\Minidump\011614-26286-01.dmp
2014-01-16 15:30 - 2014-01-16 15:30 - 00280656 _____ C:\windows\Minidump\011614-23758-01.dmp
2014-01-16 15:26 - 2014-01-16 15:26 - 00280656 _____ C:\windows\Minidump\011614-29109-01.dmp
2014-01-16 15:22 - 2014-01-16 15:22 - 00280656 _____ C:\windows\Minidump\011614-30919-01.dmp
2014-01-16 15:17 - 2014-01-16 15:18 - 00280656 _____ C:\windows\Minidump\011614-29983-01.dmp
2014-01-16 15:13 - 2014-01-16 15:13 - 00280656 _____ C:\windows\Minidump\011614-26972-01.dmp
2014-01-16 15:09 - 2014-01-16 15:09 - 00280656 _____ C:\windows\Minidump\011614-26816-01.dmp
2014-01-16 15:05 - 2014-01-16 15:05 - 00280656 _____ C:\windows\Minidump\011614-26114-01.dmp
2014-01-16 15:01 - 2014-01-16 15:01 - 00280656 _____ C:\windows\Minidump\011614-26613-01.dmp
2014-01-16 14:57 - 2014-01-16 14:57 - 00280656 _____ C:\windows\Minidump\011614-25396-01.dmp
2014-01-16 14:53 - 2014-01-16 14:53 - 00280656 _____ C:\windows\Minidump\011614-26956-02.dmp
2014-01-16 14:49 - 2014-01-16 14:49 - 00280656 _____ C:\windows\Minidump\011614-26317-01.dmp
2014-01-16 14:45 - 2014-01-16 14:45 - 00280656 _____ C:\windows\Minidump\011614-27206-01.dmp
2014-01-16 14:41 - 2014-01-16 14:41 - 00280656 _____ C:\windows\Minidump\011614-29172-01.dmp
2014-01-16 14:37 - 2014-01-16 14:37 - 00280656 _____ C:\windows\Minidump\011614-26910-01.dmp
2014-01-16 14:33 - 2014-01-16 14:33 - 00280656 _____ C:\windows\Minidump\011614-28173-01.dmp
2014-01-16 14:30 - 2014-01-16 14:30 - 00280656 _____ C:\windows\Minidump\011614-28204-01.dmp
2014-01-16 14:26 - 2014-01-16 14:26 - 00280656 _____ C:\windows\Minidump\011614-26769-01.dmp
2014-01-16 14:22 - 2014-01-16 14:22 - 00280656 _____ C:\windows\Minidump\011614-27237-01.dmp
2014-01-16 14:18 - 2014-01-16 14:18 - 00280656 _____ C:\windows\Minidump\011614-27019-01.dmp
2014-01-16 14:14 - 2014-01-16 14:14 - 00280656 _____ C:\windows\Minidump\011614-26878-01.dmp
2014-01-16 14:10 - 2014-01-16 14:10 - 00280656 _____ C:\windows\Minidump\011614-26676-01.dmp
2014-01-16 14:06 - 2014-01-16 14:06 - 00280656 _____ C:\windows\Minidump\011614-26270-01.dmp
2014-01-16 14:02 - 2014-01-16 14:02 - 00280656 _____ C:\windows\Minidump\011614-26941-01.dmp
2014-01-16 13:58 - 2014-01-16 13:58 - 00280656 _____ C:\windows\Minidump\011614-28407-01.dmp
2014-01-16 13:54 - 2014-01-16 13:54 - 00280656 _____ C:\windows\Minidump\011614-25864-01.dmp
2014-01-16 13:50 - 2014-01-16 13:50 - 00280656 _____ C:\windows\Minidump\011614-26223-01.dmp
2014-01-16 13:46 - 2014-01-16 13:46 - 00280656 _____ C:\windows\Minidump\011614-26208-01.dmp
2014-01-16 13:41 - 2014-01-16 13:42 - 00280656 _____ C:\windows\Minidump\011614-26551-01.dmp
2014-01-16 13:37 - 2014-01-16 13:38 - 00280656 _____ C:\windows\Minidump\011614-27378-01.dmp
2014-01-16 12:28 - 2014-01-16 12:28 - 00000000 ____D C:\Users\Frank\Documents\Optimizer Pro
2014-01-16 12:23 - 2014-01-18 11:26 - 00002144 _____ C:\windows\Tasks\Plus-HD-4.8-firefoxinstaller.job
2014-01-16 12:23 - 2014-01-18 11:26 - 00001346 _____ C:\windows\Tasks\Plus-HD-4.8-updater.job
2014-01-16 12:23 - 2014-01-18 11:26 - 00001298 _____ C:\windows\Tasks\Plus-HD-4.8-codedownloader.job
2014-01-16 12:23 - 2014-01-18 11:26 - 00001170 _____ C:\windows\Tasks\Plus-HD-4.8-enabler.job
2014-01-16 12:23 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files\Highlightly
2014-01-16 12:23 - 2014-01-16 12:23 - 00004350 _____ C:\windows\System32\Tasks\Plus-HD-4.8-updater
2014-01-16 12:23 - 2014-01-16 12:23 - 00004302 _____ C:\windows\System32\Tasks\Plus-HD-4.8-codedownloader
2014-01-16 12:23 - 2014-01-16 12:23 - 00004174 _____ C:\windows\System32\Tasks\Plus-HD-4.8-enabler
2014-01-16 12:22 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files (x86)\Plus-HD-4.8
2014-01-16 12:22 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files (x86)\Highlightly
2014-01-16 12:22 - 2014-01-16 16:34 - 00000000 ____D C:\Users\Frank\AppData\Local\VisualBeeExe
2014-01-16 12:22 - 2014-01-16 16:34 - 00000000 ____D C:\ProgramData\VisualBee
2014-01-16 12:22 - 2014-01-16 12:22 - 00000000 ____D C:\Users\Frank\AppData\Local\VisualBeeClient
2014-01-16 12:07 - 2014-01-18 11:26 - 00001360 _____ C:\windows\Tasks\Allyrics-16-updater.job
2014-01-16 12:07 - 2014-01-16 12:07 - 00004364 _____ C:\windows\System32\Tasks\Allyrics-16-updater
2014-01-16 12:06 - 2014-01-18 11:26 - 00001266 _____ C:\windows\Tasks\Allyrics-16-codedownloader.job
2014-01-16 12:06 - 2014-01-18 11:26 - 00001166 _____ C:\windows\Tasks\Allyrics-16-enabler.job
2014-01-16 12:06 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files (x86)\Allyrics-16
2014-01-16 12:06 - 2014-01-16 12:07 - 00004170 _____ C:\windows\System32\Tasks\Allyrics-16-enabler
2014-01-16 12:06 - 2014-01-16 12:06 - 00004270 _____ C:\windows\System32\Tasks\Allyrics-16-codedownloader
2014-01-16 12:04 - 2014-01-16 12:04 - 00000308 _____ C:\Users\Frank\Desktop\Flash Player (32-bit) - Shortcut.lnk
2014-01-16 09:00 - 2014-01-16 09:00 - 00000000 ____D C:\Users\Frank\AppData\Local\{B452E986-1814-4F36-8FFC-815F523F3705}
2014-01-15 20:57 - 2014-01-15 20:58 - 00000000 ____D C:\Users\Frank\AppData\Local\{1FE98229-2094-4232-94DB-2411141CF2B8}
2014-01-15 10:35 - 2014-01-15 10:35 - 00000000 ____D C:\windows\SysWOW64\SearchProtect
2014-01-15 08:57 - 2014-01-15 08:57 - 00000000 ____D C:\Users\Frank\AppData\Local\{5A87603E-F0F5-45D5-B9FF-9309D7507A93}
2014-01-15 05:36 - 2013-10-30 22:56 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2014-01-15 05:36 - 2013-10-30 22:56 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2014-01-15 05:36 - 2013-10-30 21:01 - 00550400 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2014-01-15 05:36 - 2013-10-30 20:42 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2014-01-15 05:36 - 2013-10-27 22:50 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-01-15 05:36 - 2013-10-27 21:05 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-01-15 05:36 - 2013-10-13 13:49 - 00100696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2014-01-15 05:36 - 2013-08-26 22:21 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-01-15 05:36 - 2013-08-26 22:19 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-01-15 05:36 - 2013-08-26 15:29 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-01-15 05:36 - 2013-08-26 15:28 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-01-14 18:53 - 2014-01-14 18:53 - 00000000 ____D C:\Users\Frank\AppData\Local\{F20F3852-E2F0-49F4-9462-1BFB4E4AE6C8}
2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Users\Frank\AppData\Local\{7B3B69FD-0440-40C9-A08E-C4D941BC9648}
2014-01-13 09:24 - 2014-01-13 09:24 - 00000000 ____D C:\Users\Frank\AppData\Local\{8869B2FC-3267-4DDF-89C7-4BDF36412F6C}
2014-01-12 21:07 - 2014-01-12 21:07 - 00000000 ____D C:\Users\Frank\AppData\Local\{EFC061E5-BDDC-41EC-ADD2-05A8CE82503A}
2014-01-12 07:27 - 2014-01-12 07:27 - 00000000 ____D C:\Users\Frank\AppData\Local\{351850F0-A48D-4882-8C8E-65FE9B93F594}
2014-01-11 12:14 - 2014-01-11 12:14 - 00000000 ____D C:\Users\Frank\AppData\Local\{4D6D453F-9CFB-413A-A949-88C3055DCF7E}
2014-01-11 11:14 - 2014-01-16 10:03 - 00003790 _____ C:\windows\System32\Tasks\DTReg
2014-01-11 10:58 - 2014-01-18 11:26 - 00002390 _____ C:\windows\Tasks\The weDownload Manager-firefoxinstaller.job
2014-01-11 10:58 - 2014-01-18 11:26 - 00002268 _____ C:\windows\Tasks\The weDownload Manager-chromeinstaller.job
2014-01-11 10:58 - 2014-01-18 11:26 - 00001460 _____ C:\windows\Tasks\The weDownload Manager-updater.job
2014-01-11 10:58 - 2014-01-18 11:26 - 00001412 _____ C:\windows\Tasks\The weDownload Manager-codedownloader.job
2014-01-11 10:58 - 2014-01-18 11:26 - 00001284 _____ C:\windows\Tasks\The weDownload Manager-enabler.job
2014-01-11 10:58 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files (x86)\The weDownload Manager
2014-01-11 10:58 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files (x86)\BetterBrowse
2014-01-11 10:58 - 2014-01-16 12:07 - 00004416 _____ C:\windows\System32\Tasks\The weDownload Manager-codedownloader
2014-01-11 10:58 - 2014-01-11 10:58 - 00004464 _____ C:\windows\System32\Tasks\The weDownload Manager-updater
2014-01-11 10:58 - 2014-01-11 10:58 - 00004288 _____ C:\windows\System32\Tasks\The weDownload Manager-enabler
2014-01-11 10:57 - 2014-01-16 16:38 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-11 10:57 - 2014-01-16 12:07 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2014-01-11 10:57 - 2014-01-15 10:35 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2014-01-11 10:57 - 2014-01-11 10:57 - 00000000 ____D C:\Users\Frank\AppData\Local\SearchProtect
2014-01-10 23:18 - 2014-01-10 23:18 - 00000000 ____D C:\Users\Frank\AppData\Local\{C797B188-213F-41F2-90BE-676D5FA39844}
2014-01-10 07:49 - 2014-01-10 07:49 - 00000000 ____D C:\Users\Frank\AppData\Local\{1BD393EE-D3F4-4889-B6D4-0808D8F67D75}
2014-01-09 18:47 - 2014-01-09 18:48 - 00000000 ____D C:\Users\Frank\AppData\Local\{23241B76-EA74-4FC9-8899-8FC7F81D9346}
2014-01-09 05:11 - 2014-01-09 05:11 - 00000000 ____D C:\Users\Frank\AppData\Local\{A82B079F-E221-4B14-98B5-FACC5CB345A9}
2014-01-08 10:24 - 2014-01-08 10:24 - 00000000 ____D C:\Users\Frank\AppData\Local\{D1CC5077-86AB-45FA-AB42-C33DEABBF2BD}
2014-01-07 20:29 - 2014-01-07 20:29 - 00000000 ____D C:\Users\Frank\AppData\Local\{9A5B6F8D-2719-491E-97B1-731913ED650F}
2014-01-06 21:21 - 2014-01-06 21:21 - 00000000 ____D C:\Users\Frank\AppData\Local\{8C43DA4C-4C7B-4240-BD12-00DF820EEFBD}
2014-01-06 09:43 - 2014-01-06 09:43 - 00043976 _____ C:\Users\Frank\Downloads\setup.exe.vbe
2014-01-06 07:50 - 2014-01-06 07:50 - 00000000 ____D C:\Users\Frank\AppData\Local\{89C71243-4AAD-4CBA-91E4-664DE01F0D28}
2014-01-05 21:05 - 2014-01-05 21:05 - 00011223 _____ C:\Users\Frank\Documents\NOTEWORTHY DATE OF 2014.xlsx
2014-01-05 20:50 - 2014-01-05 21:04 - 00011977 _____ C:\Users\Frank\Documents\NOTEWORTHY DATE OF 2013.xlsx
2014-01-05 11:01 - 2014-01-05 11:01 - 00000000 ____D C:\Users\Frank\AppData\Local\{F66096AF-CF13-48AD-96F6-3E9E21EFB6A4}
2014-01-04 16:07 - 2014-01-04 16:07 - 00000000 ____D C:\Users\Frank\AppData\Local\{CADD7DB5-FD56-4123-B139-AFB06ACBB306}
2014-01-03 21:52 - 2014-01-03 21:53 - 00000000 ____D C:\Users\Frank\AppData\Local\{393723B7-3060-4A41-B351-93B209A31C4F}
2014-01-03 09:31 - 2014-01-03 09:31 - 00000000 ____D C:\Users\Frank\AppData\Local\{4BE140FA-5AB2-4F76-A1C6-2252CCCAF65A}
2014-01-02 21:14 - 2014-01-02 21:14 - 00000000 ____D C:\Users\Frank\AppData\Local\{36F16594-12DB-4035-AD7B-BCB67B2D0415}
2014-01-02 03:31 - 2014-01-02 03:31 - 00000000 ____D C:\Users\Frank\AppData\Local\{6B89989A-D638-4720-9594-E8494EB9343E}
2014-01-01 08:37 - 2014-01-01 08:37 - 00000000 ____D C:\Users\Frank\AppData\Local\{2D8B0BA9-31C6-4B93-A928-AAC46AE8CB9A}
2013-12-31 08:34 - 2013-12-31 08:34 - 00000000 ____D C:\Users\Frank\AppData\Local\{54373059-AB35-44A3-8F26-AC21CB46AE47}
2013-12-30 20:06 - 2013-12-30 20:06 - 00000000 ____D C:\Users\Frank\AppData\Local\{3584EEA4-CC58-4384-874C-B83A821B2E9C}
2013-12-30 06:28 - 2013-12-30 06:28 - 00000000 ____D C:\Users\Frank\AppData\Local\{C414AEE4-14DE-4ACF-8932-68427283EA2E}
2013-12-29 11:59 - 2013-12-29 11:59 - 00000000 ____D C:\Users\Frank\AppData\Local\{E1AA518D-3D5F-4626-B252-6FB69380FB7A}
2013-12-28 23:52 - 2013-12-28 23:52 - 00000000 ____D C:\Users\Frank\AppData\Local\{9CC4D36B-6096-4A9A-9B71-1605E2B33A90}
2013-12-28 09:29 - 2013-12-28 09:29 - 00000000 ____D C:\Users\Frank\AppData\Local\{18C7B609-BAB9-4967-8BF1-8F91B509684D}
2013-12-27 14:48 - 2013-12-27 14:48 - 00000000 ____D C:\Users\Frank\AppData\Local\{B668205F-0D08-4B22-9CAA-CBDD6BBE3DAE}
2013-12-26 21:59 - 2013-12-26 21:59 - 00000000 ____D C:\Users\Frank\AppData\Local\{C44092A2-3D62-4ABB-9771-AB82FD943B25}
2013-12-26 09:42 - 2013-12-26 09:42 - 00000000 ____D C:\Users\Frank\AppData\Local\{8E1B527B-10D8-4355-A0ED-69686C2A5CA2}
2013-12-25 18:13 - 2013-12-25 18:13 - 00000000 ____D C:\Users\Frank\AppData\Local\{8B22B118-67E9-4CE7-A457-B121E30EBB24}
2013-12-25 02:26 - 2013-12-25 02:26 - 00000000 ____D C:\Users\Frank\AppData\Local\{83F2FDB5-E02E-418F-9061-B1EA6B80131D}
2013-12-24 11:34 - 2013-12-24 11:34 - 00000000 ____D C:\Users\Frank\AppData\Local\{8FB0E03C-FDC7-4D9A-AE9D-3D1BDD48D05F}
2013-12-23 23:20 - 2013-12-23 23:20 - 00000000 ____D C:\Users\Frank\AppData\Local\{2968E8F3-0D73-46EB-9FAC-56BD181BFE60}
2013-12-23 10:56 - 2013-12-23 10:56 - 00000000 ____D C:\Users\Frank\AppData\Local\{EAC0EFC0-2353-4BA6-AC6F-308F3B1EBB22}
2013-12-22 22:04 - 2013-12-22 22:04 - 00000000 ____D C:\Users\Frank\AppData\Local\{2B9561FF-85CE-46B8-9F2B-6916088662DE}
2013-12-22 08:57 - 2013-12-22 08:58 - 00000000 ____D C:\Users\Frank\AppData\Local\{B8F1EC8D-C063-4CF7-8B8F-05ECB1C1E5FF}
2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Users\Frank\AppData\Local\{32E6D8CA-63B2-4C87-BDEC-7D19AA6246CF}
2013-12-21 07:46 - 2013-12-21 07:46 - 00000000 ____D C:\Users\Frank\AppData\Local\{9FD8C771-EC39-4C79-9816-2A0A0AD404C2}
2013-12-20 21:14 - 2013-12-20 21:14 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-20 09:53 - 2013-12-20 09:54 - 00000000 ____D C:\Users\Frank\AppData\Local\{083C891F-CC88-4DB5-9681-68DB9ACDE617}
2013-12-19 21:33 - 2013-12-19 21:33 - 00000000 ____D C:\Users\Frank\AppData\Local\{D8121274-4737-457A-9851-0D394E23994C}
2013-12-19 07:48 - 2013-12-19 07:48 - 00000000 ____D C:\Users\Frank\AppData\Local\{A1F6A1E5-9EED-4DBF-86D0-00BAFF122CE1}
==================== One Month Modified Files and Folders =======
2014-01-18 11:28 - 2014-01-18 11:27 - 00019576 _____ C:\Users\Frank\Desktop\FRST.txt
2014-01-18 11:28 - 2012-07-26 01:12 - 00000000 ____D C:\windows\system32\sru
2014-01-18 11:27 - 2014-01-18 11:27 - 00000000 ____D C:\FRST
2014-01-18 11:27 - 2013-02-21 14:28 - 02008646 _____ C:\windows\WindowsUpdate.log
2014-01-18 11:27 - 2012-07-26 00:28 - 00876558 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-18 11:26 - 2014-01-16 12:23 - 00002144 _____ C:\windows\Tasks\Plus-HD-4.8-firefoxinstaller.job
2014-01-18 11:26 - 2014-01-16 12:23 - 00001346 _____ C:\windows\Tasks\Plus-HD-4.8-updater.job
2014-01-18 11:26 - 2014-01-16 12:23 - 00001298 _____ C:\windows\Tasks\Plus-HD-4.8-codedownloader.job
2014-01-18 11:26 - 2014-01-16 12:23 - 00001170 _____ C:\windows\Tasks\Plus-HD-4.8-enabler.job
2014-01-18 11:26 - 2014-01-16 12:07 - 00001360 _____ C:\windows\Tasks\Allyrics-16-updater.job
2014-01-18 11:26 - 2014-01-16 12:06 - 00001266 _____ C:\windows\Tasks\Allyrics-16-codedownloader.job
2014-01-18 11:26 - 2014-01-16 12:06 - 00001166 _____ C:\windows\Tasks\Allyrics-16-enabler.job
2014-01-18 11:26 - 2014-01-11 10:58 - 00002390 _____ C:\windows\Tasks\The weDownload Manager-firefoxinstaller.job
2014-01-18 11:26 - 2014-01-11 10:58 - 00002268 _____ C:\windows\Tasks\The weDownload Manager-chromeinstaller.job
2014-01-18 11:26 - 2014-01-11 10:58 - 00001460 _____ C:\windows\Tasks\The weDownload Manager-updater.job
2014-01-18 11:26 - 2014-01-11 10:58 - 00001412 _____ C:\windows\Tasks\The weDownload Manager-codedownloader.job
2014-01-18 11:26 - 2014-01-11 10:58 - 00001284 _____ C:\windows\Tasks\The weDownload Manager-enabler.job
2014-01-18 11:26 - 2013-08-20 06:39 - 00000436 _____ C:\windows\Tasks\DriverUpdate Startup.job
2014-01-18 11:26 - 2013-08-20 06:38 - 00016152 _____ C:\windows\system32\Drivers\SWDUMon.sys
2014-01-18 11:26 - 2013-02-21 16:00 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-18 11:26 - 2012-07-26 00:21 - 00042479 _____ C:\windows\setupact.log
2014-01-18 11:20 - 2014-01-18 11:27 - 02076160 _____ (Farbar) C:\Users\Frank\Desktop\FRST64.exe
2014-01-17 13:31 - 2013-02-21 16:00 - 00000914 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-17 13:21 - 2014-01-17 13:12 - 00083200 _____ C:\Users\Frank\Desktop\TGF11.txt
2014-01-17 13:10 - 2014-01-17 13:10 - 00035050 _____ C:\Users\Frank\Desktop\attach.txt
2014-01-17 13:10 - 2014-01-17 13:10 - 00025871 _____ C:\Users\Frank\Desktop\dds.txt
2014-01-17 13:09 - 2014-01-17 13:09 - 00688992 ____R (Swearware) C:\Users\Frank\Desktop\dds.scr
2014-01-17 13:08 - 2014-01-17 13:08 - 00388608 _____ (Trend Micro Inc.) C:\Users\Frank\Desktop\HijackThis.exe
2014-01-17 13:08 - 2014-01-17 13:08 - 00012258 _____ C:\Users\Frank\Desktop\hijackthis.log
2014-01-17 13:08 - 2013-02-21 14:28 - 00000000 ____D C:\Users\Frank\AppData\Local\VirtualStore
2014-01-17 13:04 - 2014-01-17 13:04 - 00000378 _____ C:\Users\Frank\Desktop\TGF.txt
2014-01-17 12:57 - 2014-01-17 12:57 - 00000000 _____ C:\Users\Frank\Desktop\HijackThis.exe.msw0mgr.partial
2014-01-17 12:41 - 2013-02-21 14:31 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{78DA76F4-902B-4BB5-B4A6-81C603850C10}
2014-01-17 08:55 - 2014-01-17 08:55 - 00018192 _____ C:\Users\Frank\Desktop\browseFox.txt
2014-01-17 04:03 - 2013-02-21 15:22 - 00000258 __RSH C:\Users\Frank\ntuser.pol
2014-01-17 04:03 - 2013-02-21 14:27 - 00000000 ____D C:\Users\Frank
2014-01-17 04:00 - 2013-02-21 14:39 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4032234827-3162501254-2042679413-1001
2014-01-17 01:55 - 2014-01-17 01:55 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-17 01:30 - 2014-01-17 01:20 - 00000000 ____D C:\drivers_16_jan_2014
2014-01-17 01:12 - 2014-01-17 01:12 - 00000000 ____D C:\Program Files (x86)\Hp
2014-01-17 01:08 - 2012-07-26 00:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-17 00:39 - 2013-02-24 15:17 - 00000000 ____D C:\windows\Minidump
2014-01-17 00:39 - 2013-02-22 06:20 - 00127502 ____N C:\windows\Minidump\011714-23540-01.dmp
2014-01-17 00:37 - 2014-01-17 00:37 - 00000000 ____D C:\Users\Frank\AppData\Local\{BCB34096-29D8-44D3-A9A8-467D64037BFD}
2014-01-17 00:36 - 2013-02-22 06:20 - 00124430 ____N C:\windows\Minidump\011714-26254-01.dmp
2014-01-17 00:32 - 2013-02-22 06:20 - 00125390 ____N C:\windows\Minidump\011714-26005-01.dmp
2014-01-17 00:28 - 2012-07-25 22:26 - 00262144 ___SH C:\windows\system32\config\BBI
2014-01-17 00:19 - 2014-01-17 00:19 - 00000000 ____D C:\Users\Frank\AppData\Local\{D866BBD7-45AF-491A-AE50-41BE73929C02}
2014-01-17 00:14 - 2013-02-22 06:20 - 00128014 ____N C:\windows\Minidump\011714-29686-01.dmp
2014-01-17 00:06 - 2014-01-17 00:05 - 00000000 ____D C:\Active_Directory_export_16_Jan_2014
2014-01-17 00:04 - 2014-01-17 00:03 - 00000000 ____D C:\email_16_Jan_2014
2014-01-16 23:59 - 2014-01-16 23:59 - 00000000 ____D C:\Users\Frank\AppData\Local\{B7932BBC-B3A7-49D3-9C98-DA3B5506D96E}
2014-01-16 23:44 - 2014-01-16 23:44 - 00000000 ____D C:\windows\pss
2014-01-16 23:43 - 2013-02-24 15:17 - 485421646 _____ C:\windows\MEMORY.DMP
2014-01-16 23:34 - 2014-01-16 23:33 - 00288848 _____ C:\windows\Minidump\011614-28610-01.dmp
2014-01-16 23:29 - 2014-01-16 23:28 - 00280656 _____ C:\windows\Minidump\011614-28360-01.dmp
2014-01-16 23:24 - 2014-01-16 23:24 - 00280656 _____ C:\windows\Minidump\011614-29562-01.dmp
2014-01-16 23:20 - 2014-01-16 23:20 - 00280656 _____ C:\windows\Minidump\011614-27783-01.dmp
2014-01-16 23:19 - 2014-01-16 23:19 - 00000000 ____D C:\Users\Frank\AppData\Local\{FBC0AB05-986A-4FFC-8191-8EF151D80E18}
2014-01-16 23:16 - 2014-01-16 23:16 - 00280656 _____ C:\windows\Minidump\011614-28750-01.dmp
2014-01-16 16:55 - 2014-01-16 16:54 - 00280656 _____ C:\windows\Minidump\011614-24008-01.dmp
2014-01-16 16:51 - 2014-01-16 16:51 - 00280656 _____ C:\windows\Minidump\011614-27580-01.dmp
2014-01-16 16:47 - 2014-01-16 16:47 - 00280656 _____ C:\windows\Minidump\011614-29094-01.dmp
2014-01-16 16:43 - 2014-01-16 16:43 - 00280656 _____ C:\windows\Minidump\011614-29140-01.dmp
2014-01-16 16:38 - 2014-01-16 12:23 - 00000000 ____D C:\Program Files\Highlightly
2014-01-16 16:38 - 2014-01-16 12:22 - 00000000 ____D C:\Program Files (x86)\Plus-HD-4.8
2014-01-16 16:38 - 2014-01-16 12:22 - 00000000 ____D C:\Program Files (x86)\Highlightly
2014-01-16 16:38 - 2014-01-16 12:06 - 00000000 ____D C:\Program Files (x86)\Allyrics-16
2014-01-16 16:38 - 2014-01-11 10:58 - 00000000 ____D C:\Program Files (x86)\The weDownload Manager
2014-01-16 16:38 - 2014-01-11 10:58 - 00000000 ____D C:\Program Files (x86)\BetterBrowse
2014-01-16 16:38 - 2014-01-11 10:57 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-16 16:38 - 2013-12-08 15:57 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2014-01-16 16:34 - 2014-01-16 12:22 - 00000000 ____D C:\Users\Frank\AppData\Local\VisualBeeExe
2014-01-16 16:34 - 2014-01-16 12:22 - 00000000 ____D C:\ProgramData\VisualBee
2014-01-16 16:34 - 2013-12-08 15:42 - 00000000 ____D C:\ProgramData\MFAData
2014-01-16 16:34 - 2012-07-26 01:12 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-16 16:34 - 2012-07-26 01:12 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2014-01-16 16:34 - 2012-07-26 01:12 - 00000000 ____D C:\windows\system32\Macromed
2014-01-16 16:34 - 2012-07-26 01:12 - 00000000 ____D C:\windows\rescache
2014-01-16 16:34 - 2012-07-26 01:12 - 00000000 ____D C:\windows\registration
2014-01-16 16:34 - 2012-07-25 22:38 - 00000000 ____D C:\windows\system32\Sysprep
2014-01-16 16:01 - 2014-01-16 16:00 - 00280656 _____ C:\windows\Minidump\011614-28220-01.dmp
2014-01-16 15:57 - 2014-01-16 15:57 - 00262144 _____ C:\windows\Minidump\011614-28501-01.dmp
2014-01-16 15:53 - 2014-01-16 15:53 - 00280656 _____ C:\windows\Minidump\011614-29109-02.dmp
2014-01-16 15:49 - 2014-01-16 15:49 - 00280656 _____ C:\windows\Minidump\011614-25568-01.dmp
2014-01-16 15:45 - 2014-01-16 15:45 - 00280656 _____ C:\windows\Minidump\011614-24460-01.dmp
2014-01-16 15:42 - 2014-01-16 15:41 - 00280656 _____ C:\windows\Minidump\011614-28875-01.dmp
2014-01-16 15:38 - 2014-01-16 15:38 - 00280656 _____ C:\windows\Minidump\011614-31512-01.dmp
2014-01-16 15:34 - 2014-01-16 15:34 - 00280656 _____ C:\windows\Minidump\011614-26286-01.dmp
2014-01-16 15:34 - 2012-08-01 19:02 - 00453158 _____ C:\windows\PFRO.log
2014-01-16 15:32 - 2013-02-21 14:31 - 00000000 ___RD C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 15:30 - 2014-01-16 15:30 - 00280656 _____ C:\windows\Minidump\011614-23758-01.dmp
2014-01-16 15:26 - 2014-01-16 15:26 - 00280656 _____ C:\windows\Minidump\011614-29109-01.dmp
2014-01-16 15:22 - 2014-01-16 15:22 - 00280656 _____ C:\windows\Minidump\011614-30919-01.dmp
2014-01-16 15:18 - 2014-01-16 15:17 - 00280656 _____ C:\windows\Minidump\011614-29983-01.dmp
2014-01-16 15:13 - 2014-01-16 15:13 - 00280656 _____ C:\windows\Minidump\011614-26972-01.dmp
2014-01-16 15:09 - 2014-01-16 15:09 - 00280656 _____ C:\windows\Minidump\011614-26816-01.dmp
2014-01-16 15:05 - 2014-01-16 15:05 - 00280656 _____ C:\windows\Minidump\011614-26114-01.dmp
2014-01-16 15:01 - 2014-01-16 15:01 - 00280656 _____ C:\windows\Minidump\011614-26613-01.dmp
2014-01-16 14:57 - 2014-01-16 14:57 - 00280656 _____ C:\windows\Minidump\011614-25396-01.dmp
2014-01-16 14:53 - 2014-01-16 14:53 - 00280656 _____ C:\windows\Minidump\011614-26956-02.dmp
2014-01-16 14:49 - 2014-01-16 14:49 - 00280656 _____ C:\windows\Minidump\011614-26317-01.dmp
2014-01-16 14:45 - 2014-01-16 14:45 - 00280656 _____ C:\windows\Minidump\011614-27206-01.dmp
2014-01-16 14:41 - 2014-01-16 14:41 - 00280656 _____ C:\windows\Minidump\011614-29172-01.dmp
2014-01-16 14:37 - 2014-01-16 14:37 - 00280656 _____ C:\windows\Minidump\011614-26910-01.dmp
2014-01-16 14:33 - 2014-01-16 14:33 - 00280656 _____ C:\windows\Minidump\011614-28173-01.dmp
2014-01-16 14:30 - 2014-01-16 14:30 - 00280656 _____ C:\windows\Minidump\011614-28204-01.dmp
2014-01-16 14:26 - 2014-01-16 14:26 - 00280656 _____ C:\windows\Minidump\011614-26769-01.dmp
2014-01-16 14:22 - 2014-01-16 14:22 - 00280656 _____ C:\windows\Minidump\011614-27237-01.dmp
2014-01-16 14:18 - 2014-01-16 14:18 - 00280656 _____ C:\windows\Minidump\011614-27019-01.dmp
2014-01-16 14:14 - 2014-01-16 14:14 - 00280656 _____ C:\windows\Minidump\011614-26878-01.dmp
2014-01-16 14:10 - 2014-01-16 14:10 - 00280656 _____ C:\windows\Minidump\011614-26676-01.dmp
2014-01-16 14:06 - 2014-01-16 14:06 - 00280656 _____ C:\windows\Minidump\011614-26270-01.dmp
2014-01-16 14:02 - 2014-01-16 14:02 - 00280656 _____ C:\windows\Minidump\011614-26941-01.dmp
2014-01-16 13:58 - 2014-01-16 13:58 - 00280656 _____ C:\windows\Minidump\011614-28407-01.dmp
2014-01-16 13:54 - 2014-01-16 13:54 - 00280656 _____ C:\windows\Minidump\011614-25864-01.dmp
2014-01-16 13:50 - 2014-01-16 13:50 - 00280656 _____ C:\windows\Minidump\011614-26223-01.dmp
2014-01-16 13:46 - 2014-01-16 13:46 - 00280656 _____ C:\windows\Minidump\011614-26208-01.dmp
2014-01-16 13:42 - 2014-01-16 13:41 - 00280656 _____ C:\windows\Minidump\011614-26551-01.dmp
2014-01-16 13:38 - 2014-01-16 13:37 - 00280656 _____ C:\windows\Minidump\011614-27378-01.dmp
2014-01-16 13:06 - 2013-11-15 17:33 - 00000350 _____ C:\windows\Tasks\HPCeeScheduleForFrank.job
2014-01-16 12:31 - 2013-11-15 17:33 - 00003164 _____ C:\windows\System32\Tasks\HPCeeScheduleForFrank
2014-01-16 12:28 - 2014-01-16 12:28 - 00000000 ____D C:\Users\Frank\Documents\Optimizer Pro
2014-01-16 12:23 - 2014-01-16 12:23 - 00004350 _____ C:\windows\System32\Tasks\Plus-HD-4.8-updater
2014-01-16 12:23 - 2014-01-16 12:23 - 00004302 _____ C:\windows\System32\Tasks\Plus-HD-4.8-codedownloader
2014-01-16 12:23 - 2014-01-16 12:23 - 00004174 _____ C:\windows\System32\Tasks\Plus-HD-4.8-enabler
2014-01-16 12:22 - 2014-01-16 12:22 - 00000000 ____D C:\Users\Frank\AppData\Local\VisualBeeClient
2014-01-16 12:07 - 2014-01-16 12:07 - 00004364 _____ C:\windows\System32\Tasks\Allyrics-16-updater
2014-01-16 12:07 - 2014-01-16 12:06 - 00004170 _____ C:\windows\System32\Tasks\Allyrics-16-enabler
2014-01-16 12:07 - 2014-01-11 10:58 - 00004416 _____ C:\windows\System32\Tasks\The weDownload Manager-codedownloader
2014-01-16 12:07 - 2014-01-11 10:57 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2014-01-16 12:06 - 2014-01-16 12:06 - 00004270 _____ C:\windows\System32\Tasks\Allyrics-16-codedownloader
2014-01-16 12:04 - 2014-01-16 12:04 - 00000308 _____ C:\Users\Frank\Desktop\Flash Player (32-bit) - Shortcut.lnk
2014-01-16 10:03 - 2014-01-11 11:14 - 00003790 _____ C:\windows\System32\Tasks\DTReg
2014-01-16 09:21 - 2013-08-12 09:42 - 00000349 _____ C:\Users\Frank\Desktop\Google Calendar.url
2014-01-16 09:00 - 2014-01-16 09:00 - 00000000 ____D C:\Users\Frank\AppData\Local\{B452E986-1814-4F36-8FFC-815F523F3705}
2014-01-16 08:55 - 2012-07-26 01:12 - 00000000 ____D C:\windows\AUInstallAgent
2014-01-15 20:58 - 2014-01-15 20:57 - 00000000 ____D C:\Users\Frank\AppData\Local\{1FE98229-2094-4232-94DB-2411141CF2B8}
2014-01-15 10:35 - 2014-01-15 10:35 - 00000000 ____D C:\windows\SysWOW64\SearchProtect
2014-01-15 10:35 - 2014-01-11 10:57 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2014-01-15 09:18 - 2013-07-31 11:55 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 09:18 - 2013-02-23 09:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 09:16 - 2013-02-22 15:55 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 08:57 - 2014-01-15 08:57 - 00000000 ____D C:\Users\Frank\AppData\Local\{5A87603E-F0F5-45D5-B9FF-9309D7507A93}
2014-01-14 20:49 - 2013-03-04 22:07 - 00012764 _____ C:\Users\Frank\Documents\Frank's Meds.xlsx
2014-01-14 20:22 - 2013-09-09 08:43 - 00000000 ____D C:\Users\Frank\Documents\SCOTTRADE
2014-01-14 18:53 - 2014-01-14 18:53 - 00000000 ____D C:\Users\Frank\AppData\Local\{F20F3852-E2F0-49F4-9462-1BFB4E4AE6C8}
2014-01-14 05:28 - 2014-01-14 05:28 - 00000000 ____D C:\Users\Frank\AppData\Local\{7B3B69FD-0440-40C9-A08E-C4D941BC9648}
2014-01-13 09:24 - 2014-01-13 09:24 - 00000000 ____D C:\Users\Frank\AppData\Local\{8869B2FC-3267-4DDF-89C7-4BDF36412F6C}
2014-01-12 21:07 - 2014-01-12 21:07 - 00000000 ____D C:\Users\Frank\AppData\Local\{EFC061E5-BDDC-41EC-ADD2-05A8CE82503A}
2014-01-12 10:32 - 2013-03-09 20:32 - 00013569 _____ C:\Users\Frank\Documents\PINBALL BALANCE.xlsx
2014-01-12 09:57 - 2013-07-29 09:48 - 00011958 _____ C:\Users\Frank\Documents\GAME RECORDS.xlsx
2014-01-12 07:27 - 2014-01-12 07:27 - 00000000 ____D C:\Users\Frank\AppData\Local\{351850F0-A48D-4882-8C8E-65FE9B93F594}
2014-01-11 12:14 - 2014-01-11 12:14 - 00000000 ____D C:\Users\Frank\AppData\Local\{4D6D453F-9CFB-413A-A949-88C3055DCF7E}
2014-01-11 11:04 - 2013-08-20 08:25 - 00000521 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Breaking News & Top Stories - World News, US & Local NBC News.website
2014-01-11 10:58 - 2014-01-11 10:58 - 00004464 _____ C:\windows\System32\Tasks\The weDownload Manager-updater
2014-01-11 10:58 - 2014-01-11 10:58 - 00004288 _____ C:\windows\System32\Tasks\The weDownload Manager-enabler
2014-01-11 10:57 - 2014-01-11 10:57 - 00000000 ____D C:\Users\Frank\AppData\Local\SearchProtect
2014-01-11 04:13 - 2012-07-25 22:26 - 00262144 ___SH C:\windows\system32\config\ELAM
2014-01-10 23:18 - 2014-01-10 23:18 - 00000000 ____D C:\Users\Frank\AppData\Local\{C797B188-213F-41F2-90BE-676D5FA39844}
2014-01-10 18:31 - 2013-03-01 16:14 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-10 18:30 - 2013-03-01 16:14 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-10 07:49 - 2014-01-10 07:49 - 00000000 ____D C:\Users\Frank\AppData\Local\{1BD393EE-D3F4-4889-B6D4-0808D8F67D75}
2014-01-09 18:48 - 2014-01-09 18:47 - 00000000 ____D C:\Users\Frank\AppData\Local\{23241B76-EA74-4FC9-8899-8FC7F81D9346}
2014-01-09 05:11 - 2014-01-09 05:11 - 00000000 ____D C:\Users\Frank\AppData\Local\{A82B079F-E221-4B14-98B5-FACC5CB345A9}
2014-01-09 01:02 - 2013-11-13 09:08 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 01:02 - 2013-11-13 09:08 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 10:24 - 2014-01-08 10:24 - 00000000 ____D C:\Users\Frank\AppData\Local\{D1CC5077-86AB-45FA-AB42-C33DEABBF2BD}
2014-01-07 20:29 - 2014-01-07 20:29 - 00000000 ____D C:\Users\Frank\AppData\Local\{9A5B6F8D-2719-491E-97B1-731913ED650F}
2014-01-06 21:21 - 2014-01-06 21:21 - 00000000 ____D C:\Users\Frank\AppData\Local\{8C43DA4C-4C7B-4240-BD12-00DF820EEFBD}
2014-01-06 09:43 - 2014-01-06 09:43 - 00043976 _____ C:\Users\Frank\Downloads\setup.exe.vbe
2014-01-06 07:50 - 2014-01-06 07:50 - 00000000 ____D C:\Users\Frank\AppData\Local\{89C71243-4AAD-4CBA-91E4-664DE01F0D28}
2014-01-05 21:05 - 2014-01-05 21:05 - 00011223 _____ C:\Users\Frank\Documents\NOTEWORTHY DATE OF 2014.xlsx
2014-01-05 21:04 - 2014-01-05 20:50 - 00011977 _____ C:\Users\Frank\Documents\NOTEWORTHY DATE OF 2013.xlsx
2014-01-05 11:01 - 2014-01-05 11:01 - 00000000 ____D C:\Users\Frank\AppData\Local\{F66096AF-CF13-48AD-96F6-3E9E21EFB6A4}
2014-01-04 16:07 - 2014-01-04 16:07 - 00000000 ____D C:\Users\Frank\AppData\Local\{CADD7DB5-FD56-4123-B139-AFB06ACBB306}
2014-01-03 21:53 - 2014-01-03 21:52 - 00000000 ____D C:\Users\Frank\AppData\Local\{393723B7-3060-4A41-B351-93B209A31C4F}
2014-01-03 09:31 - 2014-01-03 09:31 - 00000000 ____D C:\Users\Frank\AppData\Local\{4BE140FA-5AB2-4F76-A1C6-2252CCCAF65A}
2014-01-02 21:14 - 2014-01-02 21:14 - 00000000 ____D C:\Users\Frank\AppData\Local\{36F16594-12DB-4035-AD7B-BCB67B2D0415}
2014-01-02 03:31 - 2014-01-02 03:31 - 00000000 ____D C:\Users\Frank\AppData\Local\{6B89989A-D638-4720-9594-E8494EB9343E}
2014-01-01 09:10 - 2013-02-21 15:24 - 00000000 ____D C:\Users\Frank\AppData\Local\Windows Live
2014-01-01 08:37 - 2014-01-01 08:37 - 00000000 ____D C:\Users\Frank\AppData\Local\{2D8B0BA9-31C6-4B93-A928-AAC46AE8CB9A}
2013-12-31 08:34 - 2013-12-31 08:34 - 00000000 ____D C:\Users\Frank\AppData\Local\{54373059-AB35-44A3-8F26-AC21CB46AE47}
2013-12-30 20:06 - 2013-12-30 20:06 - 00000000 ____D C:\Users\Frank\AppData\Local\{3584EEA4-CC58-4384-874C-B83A821B2E9C}
2013-12-30 06:28 - 2013-12-30 06:28 - 00000000 ____D C:\Users\Frank\AppData\Local\{C414AEE4-14DE-4ACF-8932-68427283EA2E}
2013-12-29 11:59 - 2013-12-29 11:59 - 00000000 ____D C:\Users\Frank\AppData\Local\{E1AA518D-3D5F-4626-B252-6FB69380FB7A}
2013-12-28 23:52 - 2013-12-28 23:52 - 00000000 ____D C:\Users\Frank\AppData\Local\{9CC4D36B-6096-4A9A-9B71-1605E2B33A90}
2013-12-28 09:29 - 2013-12-28 09:29 - 00000000 ____D C:\Users\Frank\AppData\Local\{18C7B609-BAB9-4967-8BF1-8F91B509684D}
2013-12-27 14:48 - 2013-12-27 14:48 - 00000000 ____D C:\Users\Frank\AppData\Local\{B668205F-0D08-4B22-9CAA-CBDD6BBE3DAE}
2013-12-26 21:59 - 2013-12-26 21:59 - 00000000 ____D C:\Users\Frank\AppData\Local\{C44092A2-3D62-4ABB-9771-AB82FD943B25}
2013-12-26 09:42 - 2013-12-26 09:42 - 00000000 ____D C:\Users\Frank\AppData\Local\{8E1B527B-10D8-4355-A0ED-69686C2A5CA2}
2013-12-25 18:13 - 2013-12-25 18:13 - 00000000 ____D C:\Users\Frank\AppData\Local\{8B22B118-67E9-4CE7-A457-B121E30EBB24}
2013-12-25 02:26 - 2013-12-25 02:26 - 00000000 ____D C:\Users\Frank\AppData\Local\{83F2FDB5-E02E-418F-9061-B1EA6B80131D}
2013-12-24 11:34 - 2013-12-24 11:34 - 00000000 ____D C:\Users\Frank\AppData\Local\{8FB0E03C-FDC7-4D9A-AE9D-3D1BDD48D05F}
2013-12-23 23:20 - 2013-12-23 23:20 - 00000000 ____D C:\Users\Frank\AppData\Local\{2968E8F3-0D73-46EB-9FAC-56BD181BFE60}
2013-12-23 10:56 - 2013-12-23 10:56 - 00000000 ____D C:\Users\Frank\AppData\Local\{EAC0EFC0-2353-4BA6-AC6F-308F3B1EBB22}
2013-12-22 22:04 - 2013-12-22 22:04 - 00000000 ____D C:\Users\Frank\AppData\Local\{2B9561FF-85CE-46B8-9F2B-6916088662DE}
2013-12-22 08:58 - 2013-12-22 08:57 - 00000000 ____D C:\Users\Frank\AppData\Local\{B8F1EC8D-C063-4CF7-8B8F-05ECB1C1E5FF}
2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Users\Frank\AppData\Local\{32E6D8CA-63B2-4C87-BDEC-7D19AA6246CF}
2013-12-21 07:54 - 2012-07-26 01:12 - 00000000 ____D C:\windows\system32\NDF
2013-12-21 07:46 - 2013-12-21 07:46 - 00000000 ____D C:\Users\Frank\AppData\Local\{9FD8C771-EC39-4C79-9816-2A0A0AD404C2}
2013-12-20 21:14 - 2013-12-20 21:14 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-20 09:54 - 2013-12-20 09:53 - 00000000 ____D C:\Users\Frank\AppData\Local\{083C891F-CC88-4DB5-9681-68DB9ACDE617}
2013-12-19 21:33 - 2013-12-19 21:33 - 00000000 ____D C:\Users\Frank\AppData\Local\{D8121274-4737-457A-9851-0D394E23994C}
2013-12-19 07:48 - 2013-12-19 07:48 - 00000000 ____D C:\Users\Frank\AppData\Local\{A1F6A1E5-9EED-4DBF-86D0-00BAFF122CE1}
Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1.exe
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1{1}.exe
C:\Users\Frank\AppData\Local\Temp\APNStub.exe
C:\Users\Frank\AppData\Local\Temp\BackupSetup.exe
C:\Users\Frank\AppData\Local\Temp\BetterBrowseSetup.exe
C:\Users\Frank\AppData\Local\Temp\Extract.exe
C:\Users\Frank\AppData\Local\Temp\GetCC.dll
C:\Users\Frank\AppData\Local\Temp\HPConnectedMusicInstaller_100100059.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\nsd31BB.exe
C:\Users\Frank\AppData\Local\Temp\nsdB57D.exe
C:\Users\Frank\AppData\Local\Temp\nst6C9A.exe
C:\Users\Frank\AppData\Local\Temp\nsyBD99.exe
C:\Users\Frank\AppData\Local\Temp\offer3.exe
C:\Users\Frank\AppData\Local\Temp\Offercast2802_WBV5_.exe
C:\Users\Frank\AppData\Local\Temp\oi_{36ECD9E0-C2AD-47C0-AD23-49860463F9A8}.exe
C:\Users\Frank\AppData\Local\Temp\oi_{7C1F3C40-F7BB-4F12-ABDC-B12662EFA071}.exe
C:\Users\Frank\AppData\Local\Temp\oi_{FCDC2C00-BA0B-4988-9958-006F03490428}.exe
C:\Users\Frank\AppData\Local\Temp\ose00000.exe
C:\Users\Frank\AppData\Local\Temp\SendMsg.dll
C:\Users\Frank\AppData\Local\Temp\sp-downloader.exe
C:\Users\Frank\AppData\Local\Temp\SP59334.exe
C:\Users\Frank\AppData\Local\Temp\SP59485.exe
C:\Users\Frank\AppData\Local\Temp\SP59672.exe
C:\Users\Frank\AppData\Local\Temp\SP61657.exe
C:\Users\Frank\AppData\Local\Temp\SP61929.exe
C:\Users\Frank\AppData\Local\Temp\SP62565.exe
C:\Users\Frank\AppData\Local\Temp\SP62811.exe
C:\Users\Frank\AppData\Local\Temp\SP62812.exe
C:\Users\Frank\AppData\Local\Temp\SP63146.exe
C:\Users\Frank\AppData\Local\Temp\SP64140.exe
C:\Users\Frank\AppData\Local\Temp\SPSetup.exe
C:\Users\Frank\AppData\Local\Temp\sp_downloader.exe
C:\Users\Frank\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Frank\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Frank\AppData\Local\Temp\vbmz12.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-17 04:00
==================== End Of Log ============================
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
18-Jan-2014, 06:17 PM #4
Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next,

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next,

Open Malwarebytes, check for updates then run Quick scan. Full instructions follow if Malwarebytes is not installed:

Download Malwarebytes from the following link and save it to your desktop.:


http://www.malwarebytes.org/mbam.php

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Let me see those logs...
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 07:32 PM #5
Dear Kevin:
I ran FRST per your instructions.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 03
Ran by Frank at 2014-01-18 16:05:20 Run:1
Running from C:\Users\Frank\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
C:\Program Files (x86)\Ask.com
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [42536 2013-03-06] (MindSpark)
C:\Program Files (x86)\GamingWonderland
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2013-03-06] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1757648 2014-01-05] (APN)
C:\Program Files (x86)\AskPartnerNetwork
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1344800 2014-01-01] (Conduit)
C:\Program Files (x86)\SearchProtect
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll [1037600 2014-01-01] (Conduit)
c:\progra~2\searchprotect
C:\Users\Frank\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1.exe
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1{1}.exe
C:\Users\Frank\AppData\Local\Temp\APNStub.exe
C:\Users\Frank\AppData\Local\Temp\BackupSetup.exe
C:\Users\Frank\AppData\Local\Temp\BetterBrowseSetup.exe
C:\Users\Frank\AppData\Local\Temp\Extract.exe
C:\Users\Frank\AppData\Local\Temp\GetCC.dll
C:\Users\Frank\AppData\Local\Temp\HPConnectedMusicInstaller_100100059.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\nsd31BB.exe
C:\Users\Frank\AppData\Local\Temp\nsdB57D.exe
C:\Users\Frank\AppData\Local\Temp\nst6C9A.exe
C:\Users\Frank\AppData\Local\Temp\nsyBD99.exe
C:\Users\Frank\AppData\Local\Temp\offer3.exe
C:\Users\Frank\AppData\Local\Temp\Offercast2802_WBV5_.exe
C:\Users\Frank\AppData\Local\Temp\oi_{36ECD9E0-C2AD-47C0-AD23-49860463F9A8}.exe
C:\Users\Frank\AppData\Local\Temp\oi_{7C1F3C40-F7BB-4F12-ABDC-B12662EFA071}.exe
C:\Users\Frank\AppData\Local\Temp\oi_{FCDC2C00-BA0B-4988-9958-006F03490428}.exe
C:\Users\Frank\AppData\Local\Temp\ose00000.exe
C:\Users\Frank\AppData\Local\Temp\SendMsg.dll
C:\Users\Frank\AppData\Local\Temp\sp-downloader.exe
C:\Users\Frank\AppData\Local\Temp\SP59334.exe
C:\Users\Frank\AppData\Local\Temp\SP59485.exe
C:\Users\Frank\AppData\Local\Temp\SP59672.exe
C:\Users\Frank\AppData\Local\Temp\SP61657.exe
C:\Users\Frank\AppData\Local\Temp\SP61929.exe
C:\Users\Frank\AppData\Local\Temp\SP62565.exe
C:\Users\Frank\AppData\Local\Temp\SP62811.exe
C:\Users\Frank\AppData\Local\Temp\SP62812.exe
C:\Users\Frank\AppData\Local\Temp\SP63146.exe
C:\Users\Frank\AppData\Local\Temp\SP64140.exe
C:\Users\Frank\AppData\Local\Temp\SPSetup.exe
C:\Users\Frank\AppData\Local\Temp\sp_downloader.exe
C:\Users\Frank\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Frank\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Frank\AppData\Local\Temp\vbmz12.exe
Plus-HD-4.8 (x32 Version: 1.33.153.1 - Plus HD) <==== ATTENTION
Search Protect (x32 Version: 2.9.40.12 - Conduit) <==== ATTENTION
The weDownload Manager (x32 Version: 1.33.153.1 - weDownload) <==== ATTENTION
Task: {36C004F5-3297-47D2-AC94-F290D812382E} - System32\Tasks\Allyrics-16-updater => C:\Program Files (x86)\Allyrics-16\Allyrics-16-updater.exe [2014-01-16] (ExploreKERD) <==== ATTENTION
Task: {405CF444-9959-4969-9BF7-2CFBEAA87E74} - System32\Tasks\Plus-HD-4.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-firefoxinstaller.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: {5B134A3E-40F2-4228-AAD0-96924BD2BA10} - System32\Tasks\Allyrics-16-enabler => C:\Program Files (x86)\Allyrics-16\Allyrics-16-enabler.exe [2014-01-16] (ExploreKERD) <==== ATTENTION
Task: {885D613B-D1CF-4570-ADA3-79A113ECC6DF} - System32\Tasks\Allyrics-16-codedownloader => C:\Program Files (x86)\Allyrics-16\Allyrics-16-codedownloader.exe [2014-01-16] (ExploreKERD) <==== ATTENTION
Task: {97CFF992-3715-402E-98F2-04091A4F9929} - System32\Tasks\Plus-HD-4.8-updater => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-updater.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: {C5373758-42FE-4865-85B4-2E2D5E6D31BB} - System32\Tasks\The weDownload Manager-enabler => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe [2014-01-11] (weDownload) <==== ATTENTION
Task: {CB37EA74-1A6C-49C7-8CEF-751CE2456D03} - System32\Tasks\Plus-HD-4.8-codedownloader => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-codedownloader.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: {DF78CFB1-89B8-408C-B4A0-CBDABDC33C5B} - System32\Tasks\Plus-HD-4.8-enabler => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-enabler.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: C:\windows\Tasks\Allyrics-16-codedownloader.job => C:\Program Files (x86)\Allyrics-16\Allyrics-16-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Allyrics-16-enabler.job => C:\Program Files (x86)\Allyrics-16\Allyrics-16-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Allyrics-16-updater.job => C:\Program Files (x86)\Allyrics-16\Allyrics-16-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-enabler.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-updater.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\The weDownload Manager-enabler.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe <==== ATTENTION
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonde rland Search Scope Monitor => Value deleted successfully.
C:\Program Files (x86)\GamingWonderland => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonde rland Browser Plugin Loader => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => Value deleted successfully.
C:\Program Files (x86)\AskPartnerNetwork => Moved successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
C:\Program Files (x86)\SearchProtect => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
"c:\progra~2\searchprotect" => File/Directory not found.
C:\Users\Frank\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1{1}.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\APNStub.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\BetterBrowseSetup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\GetCC.dll => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\HPConnectedMusicInstaller_100100059.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\nsd31BB.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\nsdB57D.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\nst6C9A.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\nsyBD99.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\offer3.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\Offercast2802_WBV5_.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\oi_{36ECD9E0-C2AD-47C0-AD23-49860463F9A8}.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\oi_{7C1F3C40-F7BB-4F12-ABDC-B12662EFA071}.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\oi_{FCDC2C00-BA0B-4988-9958-006F03490428}.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SendMsg.dll => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\sp-downloader.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP59334.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP59485.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP59672.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP61657.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP61929.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP62565.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP62811.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP62812.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP63146.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SP64140.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\SPSetup.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\sp_downloader.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\UNINSTALL.EXE => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Users\Frank\AppData\Local\Temp\vbmz12.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36C004F5-3297-47D2-AC94-F290D812382E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C004F5-3297-47D2-AC94-F290D812382E} => Key deleted successfully.
C:\Windows\System32\Tasks\Allyrics-16-updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Allyrics-16-updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{405CF444-9959-4969-9BF7-2CFBEAA87E74} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CF444-9959-4969-9BF7-2CFBEAA87E74} => Key deleted successfully.
C:\Windows\System32\Tasks\Plus-HD-4.8-firefoxinstaller => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-firefoxinstaller => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B134A3E-40F2-4228-AAD0-96924BD2BA10} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B134A3E-40F2-4228-AAD0-96924BD2BA10} => Key deleted successfully.
C:\Windows\System32\Tasks\Allyrics-16-enabler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Allyrics-16-enabler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{885D613B-D1CF-4570-ADA3-79A113ECC6DF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{885D613B-D1CF-4570-ADA3-79A113ECC6DF} => Key deleted successfully.
C:\Windows\System32\Tasks\Allyrics-16-codedownloader => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Allyrics-16-codedownloader => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{97CFF992-3715-402E-98F2-04091A4F9929} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97CFF992-3715-402E-98F2-04091A4F9929} => Key deleted successfully.
C:\Windows\System32\Tasks\Plus-HD-4.8-updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C5373758-42FE-4865-85B4-2E2D5E6D31BB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5373758-42FE-4865-85B4-2E2D5E6D31BB} => Key deleted successfully.
C:\Windows\System32\Tasks\The weDownload Manager-enabler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The weDownload Manager-enabler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CB37EA74-1A6C-49C7-8CEF-751CE2456D03} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB37EA74-1A6C-49C7-8CEF-751CE2456D03} => Key deleted successfully.
C:\Windows\System32\Tasks\Plus-HD-4.8-codedownloader => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-codedownloader => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF78CFB1-89B8-408C-B4A0-CBDABDC33C5B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF78CFB1-89B8-408C-B4A0-CBDABDC33C5B} => Key deleted successfully.
C:\Windows\System32\Tasks\Plus-HD-4.8-enabler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-enabler => Key deleted successfully.
C:\windows\Tasks\Allyrics-16-codedownloader.job => Moved successfully.
C:\windows\Tasks\Allyrics-16-enabler.job => Moved successfully.
C:\windows\Tasks\Allyrics-16-updater.job => Moved successfully.
C:\windows\Tasks\Plus-HD-4.8-codedownloader.job => Moved successfully.
C:\windows\Tasks\Plus-HD-4.8-enabler.job => Moved successfully.
C:\windows\Tasks\Plus-HD-4.8-firefoxinstaller.job => Moved successfully.
C:\windows\Tasks\Plus-HD-4.8-updater.job => Moved successfully.
C:\windows\Tasks\The weDownload Manager-enabler.job => Moved successfully.
==== End of Fixlog ====



I ran AdW Cleaner. Some of the items are in Programs & Features.

I want to get rid of the Ask Toolbar, completely. Should I use the uninstall feature of Programs & Features to uninstall it [ which is listed 2x ] & the Ask Toolbar updater?

I want to get rid of Search Conduit. Should I use the uninstall feature of Programs & Features to uninstall it?

I want to get rid of Default Tab? Should I use the uninstall feature of Programs & Features to uninstall it?

I want to get rid of Gaming Wonderland. Should I use the uninstall feature of Programs & Features to uninstall it?

I want to get rid of Better Browser? Should I use the uninstall feature of Programs & Features to uninstall it?

My concern is that if I remove the entries in the Fixit list, some remnants of the programs will remain, leaving behind uninstallable pieces.

Start
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
C:\Program Files (x86)\Ask.com
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [42536 2013-03-06] (MindSpark)
C:\Program Files (x86)\GamingWonderland
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2013-03-06] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1757648 2014-01-05] (APN)
C:\Program Files (x86)\AskPartnerNetwork
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1344800 2014-01-01] (Conduit)
C:\Program Files (x86)\SearchProtect
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll [1037600 2014-01-01] (Conduit)
c:\progra~2\searchprotect
C:\Users\Frank\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1.exe
C:\Users\Frank\AppData\Local\Temp\1389167153_the_wedownload_manager1{1}.exe
C:\Users\Frank\AppData\Local\Temp\APNStub.exe
C:\Users\Frank\AppData\Local\Temp\BackupSetup.exe
C:\Users\Frank\AppData\Local\Temp\BetterBrowseSetup.exe
C:\Users\Frank\AppData\Local\Temp\Extract.exe
C:\Users\Frank\AppData\Local\Temp\GetCC.dll
C:\Users\Frank\AppData\Local\Temp\HPConnectedMusicInstaller_100100059.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Frank\AppData\Local\Temp\nsd31BB.exe
C:\Users\Frank\AppData\Local\Temp\nsdB57D.exe
C:\Users\Frank\AppData\Local\Temp\nst6C9A.exe
C:\Users\Frank\AppData\Local\Temp\nsyBD99.exe
C:\Users\Frank\AppData\Local\Temp\offer3.exe
C:\Users\Frank\AppData\Local\Temp\Offercast2802_WBV5_.exe
C:\Users\Frank\AppData\Local\Temp\oi_{36ECD9E0-C2AD-47C0-AD23-49860463F9A8}.exe
C:\Users\Frank\AppData\Local\Temp\oi_{7C1F3C40-F7BB-4F12-ABDC-B12662EFA071}.exe
C:\Users\Frank\AppData\Local\Temp\oi_{FCDC2C00-BA0B-4988-9958-006F03490428}.exe
C:\Users\Frank\AppData\Local\Temp\ose00000.exe
C:\Users\Frank\AppData\Local\Temp\SendMsg.dll
C:\Users\Frank\AppData\Local\Temp\sp-downloader.exe
C:\Users\Frank\AppData\Local\Temp\SP59334.exe
C:\Users\Frank\AppData\Local\Temp\SP59485.exe
C:\Users\Frank\AppData\Local\Temp\SP59672.exe
C:\Users\Frank\AppData\Local\Temp\SP61657.exe
C:\Users\Frank\AppData\Local\Temp\SP61929.exe
C:\Users\Frank\AppData\Local\Temp\SP62565.exe
C:\Users\Frank\AppData\Local\Temp\SP62811.exe
C:\Users\Frank\AppData\Local\Temp\SP62812.exe
C:\Users\Frank\AppData\Local\Temp\SP63146.exe
C:\Users\Frank\AppData\Local\Temp\SP64140.exe
C:\Users\Frank\AppData\Local\Temp\SPSetup.exe
C:\Users\Frank\AppData\Local\Temp\sp_downloader.exe
C:\Users\Frank\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Frank\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Frank\AppData\Local\Temp\vbmz12.exe
Plus-HD-4.8 (x32 Version: 1.33.153.1 - Plus HD) <==== ATTENTION
Search Protect (x32 Version: 2.9.40.12 - Conduit) <==== ATTENTION
The weDownload Manager (x32 Version: 1.33.153.1 - weDownload) <==== ATTENTION
Task: {36C004F5-3297-47D2-AC94-F290D812382E} - System32\Tasks\Allyrics-16-updater => C:\Program Files (x86)\Allyrics-16\Allyrics-16-updater.exe [2014-01-16] (ExploreKERD) <==== ATTENTION
Task: {405CF444-9959-4969-9BF7-2CFBEAA87E74} - System32\Tasks\Plus-HD-4.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-firefoxinstaller.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: {5B134A3E-40F2-4228-AAD0-96924BD2BA10} - System32\Tasks\Allyrics-16-enabler => C:\Program Files (x86)\Allyrics-16\Allyrics-16-enabler.exe [2014-01-16] (ExploreKERD) <==== ATTENTION
Task: {885D613B-D1CF-4570-ADA3-79A113ECC6DF} - System32\Tasks\Allyrics-16-codedownloader => C:\Program Files (x86)\Allyrics-16\Allyrics-16-codedownloader.exe [2014-01-16] (ExploreKERD) <==== ATTENTION
Task: {97CFF992-3715-402E-98F2-04091A4F9929} - System32\Tasks\Plus-HD-4.8-updater => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-updater.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: {C5373758-42FE-4865-85B4-2E2D5E6D31BB} - System32\Tasks\The weDownload Manager-enabler => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe [2014-01-11] (weDownload) <==== ATTENTION
Task: {CB37EA74-1A6C-49C7-8CEF-751CE2456D03} - System32\Tasks\Plus-HD-4.8-codedownloader => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-codedownloader.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: {DF78CFB1-89B8-408C-B4A0-CBDABDC33C5B} - System32\Tasks\Plus-HD-4.8-enabler => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-enabler.exe [2014-01-16] (Plus HD) <==== ATTENTION
Task: C:\windows\Tasks\Allyrics-16-codedownloader.job => C:\Program Files (x86)\Allyrics-16\Allyrics-16-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Allyrics-16-enabler.job => C:\Program Files (x86)\Allyrics-16\Allyrics-16-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Allyrics-16-updater.job => C:\Program Files (x86)\Allyrics-16\Allyrics-16-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-enabler.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-4.8-updater.job => C:\Program Files (x86)\Plus-HD-4.8\Plus-HD-4.8-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\The weDownload Manager-enabler.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe <==== ATTENTION
End

I will await your reply before I fix anything with Adw Cleaner.

I will await your reply before I run Junkware Removal Tool.

I will await your reply before I run MalwareBytes.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
18-Jan-2014, 07:39 PM #6
Run the instructions exactly as I post, do not change anything....
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 07:58 PM #7
I will follow your instructions, as you have posted.

Thank you for the prompt reply.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
18-Jan-2014, 08:06 PM #8
Thank you....
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 09:14 PM #9
Dear Kevin:
I ran ADW Cleaner, selected all items for removal; rebooted per ADW Cleaner instructions.

# AdwCleaner v3.017 - Report created 18/01/2014 at 16:59:10
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Frank - INTERNET
# Running from : C:\Users\Frank\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[x] Service Deleted : APNMCP
[x] Service Deleted : CltMngSvc
[x] Service Deleted : DefaultTabUpdate
[x] Service Deleted : GamingWonderlandService
[x] Service Deleted : hlsvc
[#] Service Deleted : hlnfd
[x] Service Deleted : Update BetterBrowse
[x] Service Deleted : Util BetterBrowse
[#] Service Deleted : vToolbarUpdater17.3.0
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\ProgramData\w3i
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Highlightly
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SaveValet
Folder Deleted : C:\Program Files (x86)\w3i
Folder Deleted : C:\Program Files (x86)\Allyrics-16
Folder Deleted : C:\Program Files (x86)\Plus-HD-4.8
Folder Deleted : C:\Program Files (x86)\The weDownload Manager
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\windows\SysWOW64\Searchprotect
Folder Deleted : C:\Program Files\Highlightly
Folder Deleted : C:\Users\Frank\AppData\Local\apn
Folder Deleted : C:\Users\Frank\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Frank\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Frank\AppData\Local\VisualBeeClient
Folder Deleted : C:\Users\Frank\AppData\Local\visualbeeexe
Folder Deleted : C:\Users\Frank\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Frank\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Frank\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Frank\AppData\LocalLow\Allyrics-16
Folder Deleted : C:\Users\Frank\AppData\LocalLow\The weDownload Manager
Folder Deleted : C:\Users\Frank\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Frank\Documents\optimizer pro
Folder Deleted : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Folder Deleted : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode
Folder Deleted : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
File Deleted : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar
File Deleted : C:\windows\Tasks\The weDownload Manager-chromeinstaller.job
File Deleted : C:\windows\System32\Tasks\The weDownload Manager-chromeinstaller
File Deleted : C:\windows\Tasks\The weDownload Manager-codedownloader.job
File Deleted : C:\windows\System32\Tasks\The weDownload Manager-codedownloader
File Deleted : C:\windows\Tasks\The weDownload Manager-firefoxinstaller.job
File Deleted : C:\windows\System32\Tasks\The weDownload Manager-firefoxinstaller
File Deleted : C:\windows\Tasks\The weDownload Manager-updater.job
File Deleted : C:\windows\System32\Tasks\The weDownload Manager-updater
***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045914.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045914.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045914.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045914.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049074.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049074.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049074.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049074.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{964CFD95-89CB-4BA5-A122-36258EA0662A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411591114}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901174}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412278}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592214}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902274}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595514}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596614}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444414478}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444594414}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904474}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{964CFD95-89CB-4BA5-A122-36258EA0662A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591114}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{964CFD95-89CB-4BA5-A122-36258EA0662A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411591114}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901174}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{964CFD95-89CB-4BA5-A122-36258EA0662A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7612f912-e1aa-41c5-b199-ebc416c0c675}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bc3336ef-0550-4d32-946c-e3d19b564d75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02f283cc-674f-4fa6-81ce-e578f8273754}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44d65966-2b0a-403a-bcf3-5798f60128fe}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bd90bfb-75b6-4001-a211-8f4120931b9a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce711d59-37d2-4c02-b2bd-3da740508bca}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9092621f-a570-4680-97a1-06a22321b8aa}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411178}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411591114}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901174}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412278}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592214}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902274}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415578}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595514}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596614}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411178}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591114}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7612f912-e1aa-41c5-b199-ebc416c0c675}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bc3336ef-0550-4d32-946c-e3d19b564d75}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02f283cc-674f-4fa6-81ce-e578f8273754}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44d65966-2b0a-403a-bcf3-5798f60128fe}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bd90bfb-75b6-4001-a211-8f4120931b9a}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce711d59-37d2-4c02-b2bd-3da740508bca}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9092621f-a570-4680-97a1-06a22321b8aa}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\SocialBit
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Allyrics-16
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-4.8
Key Deleted : HKCU\Software\AppDataLow\Software\The weDownload Manager
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\visualbee
Key Deleted : HKLM\Software\Allyrics-16
Key Deleted : HKLM\Software\Plus-HD-4.8
Key Deleted : HKLM\Software\The weDownload Manager
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allyrics-16
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-4.8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\The weDownload Manager
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16537

-\\ Google Chrome v
[ File : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : icon_url
*************************
AdwCleaner[R0].txt - [31512 octets] - [18/01/2014 16:06:32]
AdwCleaner[S0].txt - [25606 octets] - [18/01/2014 16:59:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25667 octets] ##########



JRT has been running for 55 min.

It is resting / stalled / paused / stuck at "Checking Startup".

What do you want me to do?
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
18-Jan-2014, 09:27 PM #10
Select Alt and F4 keys together, does that close JRT or give the option to close JRT, if so close it. Let me know outcome..
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 09:46 PM #11
Dear Kevin:



Neither.

The cursor continues to flash.

No question from neither JRT nor Windows 8 to request the closure of JRT.
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 09:53 PM #12
UPDATE!!


About 2 min after ALT + F4, JRT has proceeded to:
Creating Registry Backup
Checking Startup
Checking Modules
Checking Processes
Checking Services
Checking Files
Checking Folders
Checking Registry
Checking Internet Explorer

Here's the JRT log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8 x64
Ran by Frank on Sat 01/18/2014 at 18:41:09.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a03964954 9966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1 1111111-1111-1111-1111-110411411178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1 1111111-1111-1111-1111-110411591114}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1 1111111-1111-1111-1111-110411901174}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6517E514-D2C8-45CE-86CE-7422DFCA035F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{AB5D199E-9659-47A2-930B-FC3B69061353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApprove d\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files
Successfully deleted: [File] "C:\windows\Tasks\driverupdate startup.job"

~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\betterbrowse"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{003840AF-7799-44E5-A471-E22CE40F80FA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{007AF7EE-2211-491D-9FDC-BD47DD66B36B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{00D65189-113C-4D92-B65C-C9DE5FA73C9C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0155CB8F-AC55-49F7-95EC-7F93B4F671F5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{01A9523B-CC07-4786-8E20-4AA25ABF36F8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{01D74AEB-87C4-4FB2-9415-90DDE93A37D9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0201D7B3-24BF-45E8-AE97-01DC3D62B3DF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{029112D2-157F-45C5-9099-17F3DC799A8A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{03387354-AB42-4BB9-A07B-8F28ABEA1308}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0341A588-2CDF-42E6-8C64-E17301503B08}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{03901DE8-FADA-4B5D-9559-55747EA76658}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{043A9912-FCF1-4174-92AE-5FD161847BFC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{044789E6-B6C4-4454-A6B7-D34C7B21E475}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{04AA1713-032E-4592-9C02-A74C17E8C9BA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{05C5D874-F0B7-4404-B9A3-6D5248330D69}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{06A9DBCC-B611-4588-8708-6813DBCEFB38}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{07D9689E-326F-41D2-A8EC-36361CA61678}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{081A334F-2679-42EB-889F-26EB80DCF2BE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{083C891F-CC88-4DB5-9681-68DB9ACDE617}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0845E5D4-DA9D-4D00-ABAA-A6E29FF9833D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{08E7A7CC-9A0D-4637-A8B7-D057038606FC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0A31FB6D-DF45-45EF-853B-8566D7EA0EF7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0A41DF4C-9E6A-48AA-ADDA-DFAD49C5CF78}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0A6EA4CE-2D7E-4F83-87AA-624DAF1116EF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0A9F6865-1F12-4131-9726-DB44D11B2F20}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0AA6BE96-CA0C-4E0E-BFFF-2608D49A90AA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0AEC2251-6868-4C7E-94A3-997F6CDD3673}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0B70C0FA-C407-4A6A-B615-DC0B11079C81}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0B796126-C825-400A-8EDB-E30D51E74D24}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0C7E0279-1D23-41DD-B43C-8559B1CC52D9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0D80D91E-8EBD-431A-B9AF-504E85230875}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0DF0650D-93FF-421A-A073-4FE6AA58BA00}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0E8005E4-4989-4464-B648-91B11C5AA099}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0E8124ED-43BD-43DF-A437-D9B4C57D147E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0E8DF3A5-A329-4563-884D-45CA04B932E7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0EA581E2-4E2A-48DF-981A-8B5B403CE41C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{0F63A815-20DF-4252-902E-AEED797B6B08}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1050D205-7AB5-43F9-BEF2-90DF8C6B54C2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{10F331DA-8F2E-4E33-9207-F7518684D9BB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{128B0B6E-281A-452D-9CF9-BE485F0130B1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{12A6657D-4D92-49DB-855B-6B9A406A5E59}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{131265DC-3C04-41BB-81D0-0C8599715EAC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{14AF0F82-CA2A-4866-ADDB-6DCF094A1E74}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{14F5D571-141D-4A11-9028-619A9E432AD8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{15238195-7825-42C8-BDC0-9FBB3AEB7A33}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{15971E64-0730-4863-9B16-F77E99E71EE2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{161C9614-21ED-44AE-89E0-FEC071EAEBCE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{16633FED-009D-4232-95F5-9F12FABAC22C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{167B1E80-B849-4DF9-A4FE-719988D09676}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{176FCB1F-3CF5-425A-92A6-DF313559CB28}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{17F2E8D8-1F2D-4D9A-980C-66725F8FB23E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{18B2640C-B0D3-4C99-945A-101ACC46EF2E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{18C7B609-BAB9-4967-8BF1-8F91B509684D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{194ACD9F-25CB-4A61-8D7B-9FEF45D051E4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{19D31646-285E-48FD-BAB3-59A88BA189B3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{19F83156-6B43-4A51-B79D-5B10295FB8E2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1BD393EE-D3F4-4889-B6D4-0808D8F67D75}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1BEC7A22-547B-4DE1-97C1-CC5F889213EB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1C9AF6AC-8FE1-4665-AAFF-E200A70FCA79}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1DA40805-F3F3-42B8-8294-77553BFB94AE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1E4EDE2D-ADBE-434D-ACBA-A4385A8B56F5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1EBCCC1A-9B42-4018-BAE8-5739B6714230}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1FB0CA4B-9DD9-4382-988E-9C3A98A36196}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1FBC22F8-0E19-405C-976B-226DBC8FC44C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1FE98229-2094-4232-94DB-2411141CF2B8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{1FEEE6E9-1527-4CEA-8F9C-2494FD316494}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2004AA77-2A6E-4886-BE97-21F3E13783AB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{20ACCCBF-CB67-4754-A433-0C177ABEAA85}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2100396A-FA76-4291-A155-A3D17DF113A9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2100B013-E54E-47EB-AE21-6BB93C5AB1BF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{22765F5F-BC89-4F54-AB10-E6C4A40C804A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{22922BF0-6770-47E6-8F01-3B4119188DB1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{22A4B7D9-61BF-4282-9CE4-DDD4C2AD9A1C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{22DACB9D-A88D-4EA1-814D-2E6E02A3425D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{231694B2-50B6-4CDE-B143-C651FA2C2E18}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{23241B76-EA74-4FC9-8899-8FC7F81D9346}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{23EACA57-81BC-4614-A900-373461E3C186}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{240C5E45-8FDC-473D-A852-29ADCCB2BE4F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{243EFCD7-4E22-4B34-85F8-DF9145AE3367}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{24651A89-21AA-4636-8894-A817CEDE73A8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2478A742-2652-48C5-8EFB-7950163A202B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{249B2FC9-6A26-435D-A6AE-5CFB7D86EB26}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{252CDA40-B36F-4BDA-90A8-4D845C624263}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{25A8CF11-EC81-429E-BBFF-2A56B1F463BA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2615183D-260A-41B1-B5E0-92EE9CA4E59F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{273F67DA-1171-406F-A2F1-09269CB67728}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{27A7E375-81B1-4000-9DED-21FC7BC49576}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{280DFF3C-84B0-4CFA-8EBD-4644F5950259}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{285B933C-1116-4BA7-AB58-D927C1D439B1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{28909465-0845-4AE1-82AF-42E7EF56FF14}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2968E8F3-0D73-46EB-9FAC-56BD181BFE60}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2A9013AB-0AD5-406A-948D-BFE5803D78D6}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2AFD1110-921F-41E0-A1B9-11EF620E8EE2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2B9561FF-85CE-46B8-9F2B-6916088662DE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2C39089D-B02B-4D35-97DB-AFF44D40D9EE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2D0FC58E-631D-4567-BB41-B3AC14AA1C5E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2D1E0748-35C5-4036-ADDC-34B8B01458B5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2D8AB19E-41E8-4FAF-BFB9-128EF52CB437}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2D8B0BA9-31C6-4B93-A928-AAC46AE8CB9A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2F217ABB-F8DD-42FC-A85C-AFE97BD41C86}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2F59A692-6BCF-42C0-B24F-579A6F7D008A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{2F94FE0C-2490-47F6-8EA0-5591E47391AC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{326053FD-9C58-4BD3-A652-E8AADB534D57}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{329598B2-FE5E-4697-A3AA-58FE2CA57BE8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{32E6D8CA-63B2-4C87-BDEC-7D19AA6246CF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3330C1B4-F197-41F7-9B2E-14563B15B6F3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{33A4A4AA-E292-428E-B825-36B2D47DF605}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{33A51C4E-1044-417B-AD5A-205D162BFE5C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{33AD4D04-2866-4575-BD70-2E12D99E1B8A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{33CEE8A5-2489-491E-9413-383975E4FA32}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{34414434-1B3D-4B51-8098-CB63EFC313A0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3447CA0B-DDB2-49EB-A3D0-A1EE70E52F45}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{349889F6-E05A-4830-8A5B-F7C981C46310}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{34BF9F54-950B-41B8-B563-61C1EE4DF31D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{351850F0-A48D-4882-8C8E-65FE9B93F594}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{35513533-7FB1-4886-95CE-402FF1E55210}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{357086D0-F8E7-4286-80C5-22AB404DCFF1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3584EEA4-CC58-4384-874C-B83A821B2E9C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{359F9C0F-23C7-43BA-AF09-F36C08FEFBF4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{35B4550A-2122-4D52-99A3-A3EED777E7BF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{35E84958-3503-40E2-BE04-9903A452F5FC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{35FC10DF-255B-4B1B-88E9-82356C04E1D9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{365C53FA-E7E0-4E1A-9F72-04ED0EA49465}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{36619A85-A91E-4FA9-864D-DAAFEB60524E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{36F16594-12DB-4035-AD7B-BCB67B2D0415}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3798745C-3E9D-468D-AACE-4242E72C923A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{388A04F1-0457-41E1-8CFC-8DB5A066BD34}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{388B0DB2-3276-4BC2-8D2C-53346380D125}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{392E6019-F111-4EFD-854E-B51B59CC37CF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{393723B7-3060-4A41-B351-93B209A31C4F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3A5B9386-001D-4552-A31B-526AA9E29BB8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3A675E7B-88F2-4B57-993E-FCF4B72938D7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3B40B002-5C00-4C87-8E3B-13EBD78DE60C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3B42F154-C866-4420-9234-86A242F85007}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3BB57252-DFF6-400B-B081-4BDD23364288}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3F76FEBF-CA6D-4F08-A17A-9EE3328EDE5A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{3FBF4EBF-D6D3-4EEF-9089-4D7535095FFF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{41219048-C595-4E9D-82F9-C48C5546E3F4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{415ABC99-A674-4494-9E72-416FE5955761}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{41A36FB3-1AE7-45C3-8FC3-19453A228CFC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{422C5593-FF25-4338-9C61-74201258332B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4273DF02-D7BB-4D0E-AC38-1F87F09D82E4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{42AADB41-6D07-449A-BDD9-AB000B28A7D8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4309C4D1-7CA2-476B-8ACB-A0D7378756D9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{43981288-A929-42EB-9622-FF42F63837C0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{43AE2889-BA14-4DDA-9D4E-746ADE9B386F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{43B817B6-98C9-4277-B6B8-F655F02CBA74}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{441486ED-F718-4780-A8C2-5163F1CCFA45}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{44F92866-CC82-44E5-A191-B18238449D55}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{456E0C5A-FB0F-4D72-B06E-B1D18478FB3A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{46288328-629C-4F97-A809-6B9710EACBE8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{466BDD17-1D32-408F-8F9E-11C6C71D146F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4688B5A1-B135-4FAC-8AA8-0C9632A3BE8C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{46C7196E-BA10-4B3A-BC34-A47526950562}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{46F4AF86-3BCF-43C0-A777-23FDE006BAF2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4730F676-1EFB-45E4-B5DF-E830708919D8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4748EEDC-6DAF-402E-BA5E-769A22F7A204}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{47EFBAFA-1C1F-4DDF-9D8C-D749A768154F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{489745C6-D45C-479E-89A3-4BFC9907409B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{48A8A5F4-C35B-42C0-990E-375DC2EA4FBE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{48EC2CFB-14ED-4B73-A6E7-A09ADEAF7AFC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{48FE1A7D-DD0D-49BD-A2D9-D08BB9D5BF6A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{490A50C8-E6B5-47B4-B898-A8AF9B297281}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4910DDAF-1D8C-4A4E-BFFD-49939D7DD3B9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{49960225-7075-4E40-B015-A678CF1297BA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4A72E350-5E62-4E70-A27A-FFA14ED8F89C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4B9A13FA-88AD-49DB-97BF-6C50C964F374}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4BA9F61E-8F90-45EA-BF76-DC3175AACE7F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4BE140FA-5AB2-4F76-A1C6-2252CCCAF65A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4CCFDD3B-765B-4B91-AE90-141AB87F4A76}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4D4DECD9-E9F1-4C24-B959-722371000DEB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4D6D453F-9CFB-413A-A949-88C3055DCF7E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4E5B98DA-A354-477F-A09E-9E5FA37AC8F3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4EA0358A-4A87-42B3-AE4E-C52F6D99DED3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4F5D084D-C817-4405-83DE-E61FF98CA9E4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4FC4BCCB-15C2-4CDA-8716-1E6172FFD842}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{4FD40551-906A-472C-8444-14D118B651CD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5038DFAD-687A-40EC-B70C-1AE4EDC29379}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{507A5437-E28A-40A5-8B15-05E30197C3E8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{51A42A09-5562-4142-B016-F6A04BC27B9E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{51AE0132-5366-49AD-BB45-CA29D6B913F9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{52112C84-4CBE-4EEE-B635-64718A746A87}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{522A47E7-FBF4-4763-8190-A48FCD055EF2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{526EDE31-706D-4FC9-BEB7-AB78B51D8664}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{52721F2E-A596-462C-B438-E5E3A037EB5D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{52FC5632-526E-4438-8255-8785F3368153}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{530ACA01-3413-44C1-B1B1-F5FC760A55F7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{53E54570-7DBB-410F-89F6-14A78ABA0FEB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{53F955EE-8781-4B5C-8589-5681CFCDEFF2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{54373059-AB35-44A3-8F26-AC21CB46AE47}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{54D0B461-4999-4F41-8ECB-6D2938DB3358}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5538D582-3EE1-4B95-8C46-44B5723EA793}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{55588566-94D6-4B4C-A702-D23004183586}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{56334EC8-D976-47B7-B2AC-AA24279A05BE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{56373A9A-2585-498E-A99C-2EC6E72154D9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{563D7675-F427-4F1C-8EFF-B8C3C2A2B887}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5660941D-636D-4E7F-B711-BB447263B2E9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{566A8D87-CA42-4571-9935-83396FF4AF66}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{57298489-77FC-4F76-AEF6-F063FF1FE153}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5798CF2C-A4D0-4106-925B-5563DD56F39D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{57B26F0D-68F4-4B77-88F9-67D4F958E402}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{58268C50-D3D3-4302-9D4A-8A03A6D9545F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{583F1F0D-F20F-4A3B-A249-C5829214CC51}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{58793F60-D421-4DF7-9FFD-938806E5162E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{58DAFBD8-F1A6-4499-AB57-9E110FA9A1F4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{58F17B18-77EA-4D0E-B740-618B4AD9A037}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5A218F9E-A078-46AD-A1B5-D01C8E14095B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5A502B0F-5C51-4FFB-BE3C-6D49273A1036}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5A53200F-668F-4F03-B840-189535030675}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5A87603E-F0F5-45D5-B9FF-9309D7507A93}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5B696C27-DC6C-4310-9B8D-4283BC79D621}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5BD6F0E3-BD1B-4733-8E99-2AC1628EAD6C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5C145055-CEC8-4E13-8BF0-2666EB6E2D62}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5C7CC814-B152-4F15-8FEA-7B60EAAB0CAE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5C7D2125-9929-4431-A9C1-766207A48E44}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5CD03FF9-CB7D-410A-8F9B-5E43CF89A41E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5CD5AAA0-E2A7-45AC-903D-5BA9066A1D9D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5CFDD766-826C-4C8C-823C-B8BE6B76C973}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5F2D720E-0E6D-437C-B5E8-DF6F586A37B5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5F5BFAF5-E212-49B3-A59B-7164F150F3A7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{5FC3755C-E9AF-4A98-88CF-CC65270BB876}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{60BA7C39-60AA-498A-B329-4212A1BE9125}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{60BC52CE-8C3B-48AE-8D04-FF4E040F0AA5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{60DCC681-45AE-466A-8B52-B47D37EFC47E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{61417203-3B94-4A0C-8F47-49572011B839}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6191D291-80B7-4E30-983B-40408352D874}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{61BC3B5F-53D2-44BB-89B6-721A93A462F5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{622CA468-4486-491A-97BE-1B547C493307}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{629C9D92-0D50-45EA-B01F-8A791687264D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{62B51213-B641-414D-A384-802186C16D20}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{640F9916-AF9C-4B41-A6BB-D184CD29BB78}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{642C397C-541D-4A50-875D-DBE8B526F9B9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{64717FBE-E8F6-4336-A88E-B9CAE7D82955}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6598C71D-522C-45CA-BC61-F907F3C3E22E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{65ADC3FC-42A9-40ED-89A5-583D99DC52F8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{65FB8835-0D3C-44E3-9917-4ADB2176600E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{660624AC-7A84-44DB-80AF-289769ECEFF4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6622CC0B-E2C2-42C9-BDBE-9742A4CDEFDF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6657FDA4-5CFD-4F5B-905B-D12A8721C30B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6768676E-A226-412E-B727-A38E276451FD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{67EF75D2-D889-4262-B3CB-927A705B6ECE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6823223D-D00E-4860-B6CE-50CAD38D3825}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{68548F90-ED34-4EA3-826D-355C9B507088}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6855523B-48C9-46B5-B7D0-EE153E491306}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{691F4FF7-D5E9-4C77-A5BE-D5E725D819E5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{69B4588C-E3D5-48D2-8D37-C1EE1959AB36}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6A2B0ECB-B765-45F3-A551-386EEA34EB34}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6B89989A-D638-4720-9594-E8494EB9343E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6BDDC830-F500-465E-933E-3BFEF11D391A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6C2EF068-84C6-4ABC-BD2A-A6990AFBEA49}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6DA1FB4B-EFC7-4F28-A268-0ACC7B408081}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6E0C1E99-A3AA-44B3-818E-D15F150E1AD9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6E7B7D86-F2DE-4E5A-9E63-E98732F8352E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6EBCE82C-BF17-4CA5-9D72-D07B4A50356A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6EC930A8-3C5E-4F5C-8A9C-121E591DE7A4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{6F23DB7E-73F8-49D0-9B36-8F0CA87992A9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{70DA3585-6FB6-4FC8-80D1-0EFAF7A49CE6}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{71781C70-3292-443F-82F9-BCE03AA510F3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{71A5EA32-5FF3-41A5-B0EC-853852F1B7D0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{72307305-AE30-42E6-8F1C-D642335EDA2F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{724C77CE-5ED3-4265-B38D-073DC6FB8E76}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{727DF536-613B-430E-A46A-BBD27DDE540F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{731F4A67-AE17-425F-9BE7-6E35E8A303EF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{73292439-61EC-41B7-A4BE-C7B72AC6CBCB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{734B8874-261A-4360-BEA5-224B8CFABFAD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{73CDC4AD-F5CC-45C9-906B-04D53D5042A3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{74AFAB46-0469-491B-A7CC-94414C2F1B68}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{759CFAEF-94F9-4B07-B042-AADF22C1C56E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{76288965-6613-41E5-8857-224EBD63A955}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{762B6BE1-9BBC-4334-85D6-E2F8FF6E2CBE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{763A4238-F360-423A-A565-EE416F49EE15}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{76407F64-B67A-477E-AAF9-EA834D3CC676}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7745AB6B-7FF2-4598-BC06-F280CA97A0A0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{778D8734-1EEC-4E1E-95C1-5F1CD01BFAC4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{782F4134-86A2-42D0-A92D-44384F55CF28}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{78353650-DAB5-4ED1-B8AB-7326089BF752}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{78B28343-8266-4EF1-9AEE-6DEB809AF4EC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{78F81BAF-29F0-4C26-A352-C510C8896687}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7900C3D3-F2AD-4272-B2D2-8D198E8D22B1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{799FB4ED-0CAB-4EE9-BCD6-CAA3277A3E4A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7A590DB9-428D-4139-BF8C-304389229FF0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7AAACE08-0DCC-439E-B1F1-4C0A0CAA9092}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7AB1F958-9E19-41E3-A19F-4C22A3885C34}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7ADF4367-5E9D-4995-ADB3-141425C94A2C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7B3B69FD-0440-40C9-A08E-C4D941BC9648}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7BC13DD0-0217-442E-9FF8-4C7728842463}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7BC811DF-CCAB-48E6-B486-3C4587A9099F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7C7C57CB-4F75-4E47-BE6F-FA31A3C809B9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7CBC0ED8-9461-41DA-807E-4B1411261325}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7D33E299-0F17-4533-98B7-3BBF43895015}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7D987E4D-1D2C-4A3F-81B5-F2D0ED9C6228}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7EB8214B-CC82-4452-8C7D-514479AAA815}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7F151BA0-EBA5-4FA3-97CF-5C917920A032}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7F2F9DD8-A530-4D85-B6E9-777759452776}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{7F61D2CB-0112-412B-9228-F9F9EEF34C7D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{810B8D2F-9D17-446B-AE8B-949E3C587284}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{812D1240-FCCF-4055-B9CC-B56A89D0FEB9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{817BF5E2-ED41-47DD-AE5E-40CC108B5C8E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8199F768-4EBB-4F39-806F-51B65F677519}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{81B0266F-6A8D-4AAC-9EAD-9A003F3E0384}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{82069F8D-3EE9-4063-BB9A-91503751817F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{82920136-B824-4190-AC81-40E536DC20FF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{82C5E6C4-74AF-4C2C-B255-02ECD23099CA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8303C9D4-7FA4-4C38-94CA-5B0754DE6330}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{83F2FDB5-E02E-418F-9061-B1EA6B80131D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8472B58A-33A0-4E79-A3B2-5F60119F4CA0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{849961B9-18D7-4F3C-8E9D-FCC4378D5587}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{84E2596C-2C19-4E48-93EA-3BADC2E2D0C7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{85855F76-D821-490D-9634-C49CE5A5525B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{85F8270D-0ACC-4D23-A434-E170F3F8734C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{865742B6-02D7-47D3-8270-49646FA26E0E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{87106963-BEB1-4CBA-AB21-847AE2CDE31B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{87631512-702B-4DB1-A331-9DD491A28F4A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{87B63F0F-19A3-4F35-BAC6-D78BD73F6692}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8848B8A9-5D64-42BC-9FAE-814963AC28CA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{88493C1E-075F-41F1-8DD6-8AF678A4E8C4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8869B2FC-3267-4DDF-89C7-4BDF36412F6C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{892483F3-7CDC-4016-A4C7-E4456A979A74}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{89969EB1-A4AD-4B19-B534-2C7B6E4C7B99}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{899C5A63-F711-4B6C-8090-9EDB40F22F41}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{89A3FAC3-A168-4218-AD57-08C3ED01EBDD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{89C71243-4AAD-4CBA-91E4-664DE01F0D28}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8B0DC98B-E351-424F-892E-5551C26DF03C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8B12482B-A7D0-4988-A267-A9D6F5213EBC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8B22B118-67E9-4CE7-A457-B121E30EBB24}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8C079BB3-A077-48BF-96D5-AE0C99DC06D1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8C43DA4C-4C7B-4240-BD12-00DF820EEFBD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8C766030-8264-4D16-9EB5-96951D362BFD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8CB6B597-6D95-4A88-A1C1-8FDCAEA13C5D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8CC0D6F3-70F8-4B0D-95BD-F89594E27D05}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8D8C08CB-1A13-4A23-848B-B4E0C4B3F126}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8E1B527B-10D8-4355-A0ED-69686C2A5CA2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8F114923-0A2A-46C1-BF2E-A42A59FF83E8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8F136EDB-13CE-46F1-A380-68EA89CEF5F4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8F265496-79C6-4758-B6AA-664F97EE65C4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8F8F1882-BBD6-47A8-911E-B5EE32157D01}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{8FB0E03C-FDC7-4D9A-AE9D-3D1BDD48D05F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{90047FA3-C698-47C8-AB85-BB8AED977797}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9043C8D7-6914-455B-9785-43EF23A74F05}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{907B20C0-198C-4AB4-96DB-233C2C5F30B1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{912F548C-5DF5-41B8-91DA-4BC7E287A900}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{91EA4E87-7CCA-4E70-ABD9-C6BE67D4E1AE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{925DCFCF-0DDB-47A5-A495-F954F5DEB859}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{92FB306D-6985-4611-AD86-9BEFCB5023E9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{937F071A-62DC-47C3-8143-85AD4B6A0C1E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{93A558F4-6891-4445-A9E8-2C9A39452ED2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{93C870A0-DA39-4C2C-B382-AE43740EE848}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9405BC43-904C-4671-A895-E8421B2650D7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9524B4FD-AB01-4424-AF69-FEBC71DED943}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9551FC68-2F26-4DC6-A226-E0DD9FB2F633}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9556E609-02DF-4937-B901-3C8B29669EB6}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{95C2B4DD-0BAD-459A-B865-C4B0710AEE92}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{97069BD8-B3F6-475D-B4DC-5C249D504636}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{974A3816-BB1F-49C8-8CA2-BC83106A7C01}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{97C94B3D-512A-4F93-BC29-1A020606C995}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{99897034-8D49-4C0E-91A7-556C5107B7F3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{999398F7-F1EF-4264-8CF8-6A67F6AB473E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9A5B6F8D-2719-491E-97B1-731913ED650F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9A6A41C8-DF3B-464E-9003-7F628A24A0D2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9A76FEC1-B9B8-4595-B39C-8309BB0360D2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9B140A3A-553B-4CFB-BF88-412F85D7ACE8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9B4A36E7-531D-4BAB-8618-873EE1483F24}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9B508823-287C-42DC-95C3-356702CD0717}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9BBEC75C-B12B-410D-BB98-744FC99505F9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9C38D51F-A355-418E-9277-D92E592BD9D8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9CC4D36B-6096-4A9A-9B71-1605E2B33A90}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9D2703CA-AD18-469C-BF99-06593DFFDD91}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9D74EC75-4B53-4DDD-A62E-05264C4CD7F6}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9D98D14C-9B89-4243-80B6-989E684ADF75}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9F316145-535A-4CFB-8ADB-F17DA279EDF1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{9FD8C771-EC39-4C79-9816-2A0A0AD404C2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A03390E9-1EF6-4C1F-9C61-77CF90D0E6D8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A0D9C325-AAB0-41D3-94C7-8C4581608D6F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A150D9DF-26D8-4242-9E9A-01875E720EB4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A1F6A1E5-9EED-4DBF-86D0-00BAFF122CE1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A2048F99-B573-4BC3-A285-339DF906D044}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A25B06B5-F6B5-47B7-B586-26D301C685AF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A2682E8F-4576-4965-97BE-185DF7467B2A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A29EC178-AF98-4BFB-8190-5E35AD23F8E2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A341FD19-A4B0-48CB-B0DE-7611CD7364A5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A344ABB7-0DE4-4652-A4F3-64F3746C6E78}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A43C2218-0843-42DC-B161-4850CCC6FD0A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A49E4946-B6D2-43E5-98F5-7F0954C46736}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A5133BF8-5512-4A77-BD8A-979F7515D162}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A52542BA-1AAD-4E14-B28F-8654186DBCEE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A594FDE3-BB62-4E10-9016-065200E22932}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A726935D-379F-463C-8727-B32C86ABD429}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A72DFE55-43E3-4438-809F-A3BC1F1E54BE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A7C25786-3795-412A-A5B5-CBC7BDF072C7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A7C794BF-F0B5-4125-B33F-F43C7D026776}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A82B079F-E221-4B14-98B5-FACC5CB345A9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A84C7C42-4E45-4C20-B49C-ED3C375085DF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A8D3C549-A6DC-4CF7-8946-804660DD4D37}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A99D1182-8521-4E5A-B9CE-16BA66386FB9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A9F2005F-FC2F-47D1-AB4C-6ECC81EAAD9A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{A9FCBD03-5C8B-42AA-BC1A-8E51C419B03F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AA7D60BD-E593-4454-8410-3D0CD89640DA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AC5CC80A-132A-43D9-8321-F4ED4AB5DAE9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AC6F2335-6AC6-443D-814D-6B4472AF30BA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AC71496E-B6AE-418D-8B2B-276E65AE38BA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AC8FF6E6-25B7-40D0-987A-6E6BA4057BFB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AD6198F7-BC7D-4A3B-8313-BBE9E88B7BCC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AD89E119-9BEB-4775-B42C-E11DF91D2D4D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AF330DEE-38EC-4241-B0B4-C76E0F1838DD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{AF71047B-57BE-46C9-AC03-1AEA882F9B3E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B0166D98-EE1F-4FD7-B8C9-1D99AB493E89}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B0E176F2-2C1C-4049-8017-B08F5B0F55FF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B10AE10E-D664-4B2B-AE82-30A9D7FBFCD6}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B452E986-1814-4F36-8FFC-815F523F3705}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B4C7887F-D176-42B5-AE2F-9828FF65713E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B5439E6E-2EFC-47C9-9C18-AE078B6A02B9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B5B8B880-ADBF-4D0C-95B0-B07A83F472CD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B5C42AD6-55FB-439D-A2E5-1392116ABE6A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B662AA1C-6E2A-4978-B8BF-EFBD6162FEB8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B668205F-0D08-4B22-9CAA-CBDD6BBE3DAE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B6BFCEBC-50AB-48AA-BA48-35227B72DA61}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B7079DD8-311D-4578-898A-025B2F83FC2E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B786EF74-15B5-4841-8068-4D0CBB4DF35D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B7932BBC-B3A7-49D3-9C98-DA3B5506D96E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B7B3CF2F-E473-45C6-9E3F-DA0BFD3B84CA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B7BB0D28-A85E-4882-9A79-D3E96CFF4D81}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B84B254B-5118-485B-BF0F-BCB04673CA3B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B85CE3A0-B949-445C-8242-9D62E9D3C638}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B8AC15AE-D3AD-434E-A8C4-59471383C8D7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B8B907D4-618A-4F56-B64F-6BF107B84303}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B8F1EC8D-C063-4CF7-8B8F-05ECB1C1E5FF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{B947A4E8-527D-46A0-A6E7-1631230E418E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BB577332-2017-4F94-9996-E4513B4901CF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BBBA8BB1-F72B-4100-821A-16B54128EEDB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BC2FAFE3-167D-423B-8D37-6DF8D7130513}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BCA5DA3C-D72D-43F1-B99F-AEAD8C511A09}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BCB34096-29D8-44D3-A9A8-467D64037BFD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BD3D399D-05CE-4027-8C64-DD1126A5B542}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BD92F876-4A10-4186-B281-04E4AEA6D689}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BD983671-E651-439D-AD4B-92FE3ACE21D0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BDC609A9-897F-4887-BCE2-493972A0B541}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BEE9AC45-9BFC-4514-86A8-69D4D1A0CDC3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BF519545-5BE8-4ED5-82C8-EFFBD5DD51BB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{BF657D36-3058-4C38-A2D9-8F90FDE20DA5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C2AB1CBF-6BDA-4BEA-B49E-1A54A5784165}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C2BD3EE6-F1E0-488E-94F0-B213C64F78E4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C2EFEB81-7F60-4E03-A790-45E65D4FD525}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C339944D-5E52-4B41-A973-BBA63F0AB8F3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C35D34A1-82BE-4183-891A-978327EE2ADD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C40ACB6B-D15E-4E9C-8A6E-8D9B41795F9F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C414AEE4-14DE-4ACF-8932-68427283EA2E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C44092A2-3D62-4ABB-9771-AB82FD943B25}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C455C513-0754-4649-BD6B-9364B03FF553}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C461653B-246F-4D9F-B7F3-34F42B1133E7}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C4751FD4-01B2-447C-B944-080A2501B7E0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C4C699D8-DC4C-4B39-8D34-DB9AAE3DCCB4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C52098F3-0319-4C20-9542-485D18D88BF2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C5420B0E-6222-47F6-9AB3-2D7FAD2EADA9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C591F7B4-5FC8-43FF-9206-48253A5F7268}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C59867FA-9419-4D03-9DC7-8668C6330660}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C6AB6BB2-A8D4-419B-A4C2-A6AFF64DB13B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C6E91FAC-4CD1-4B6C-BCAA-51D8601959E9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C797B188-213F-41F2-90BE-676D5FA39844}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C813041E-D811-4CEF-B037-E301AB757B74}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C831A199-54D5-4E5E-A727-5AC975B45B30}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C8795F5B-51CE-44AD-916C-8EF6D38ADB8E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C8E44E74-9F92-4921-A6BE-45111B473113}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C930B68D-294A-4A0B-9B14-A406A05D67AC}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{C9C7E291-B621-41FC-A859-0498F329B114}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CA65F958-EEAE-4AA6-BC33-4F82A3548CED}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CADD7DB5-FD56-4123-B139-AFB06ACBB306}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CB0AD117-D5D4-4283-AF92-2E51D84696DD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CCBA856C-45B3-42D5-BE90-498671F24B1F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CCE24D9B-174D-4CBB-A720-FCC90923DBB4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CD34B739-9878-4B23-B649-476438E71EAD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CDA92619-5586-473A-BBDA-30809FB574DA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CDE189F3-8EEA-4A43-9D31-AD9E708F2B49}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CECDCD65-CDEF-4B83-9499-4387F050B8C1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CED07DB5-8417-4D0B-B559-57ABB907C04F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CFC03BE4-5B6C-402A-8681-9175BCD61333}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CFF8F192-A3EC-4A4B-A782-229E5598E4BF}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{CFFCEB1C-8064-4761-8EDF-A741B0DE494F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D0367965-7988-4B21-B16B-FEAEC04D1A8C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D07FF543-707D-47D5-9720-10E9548ACB5C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D0F07F58-7161-4DFC-9DEB-D7CE20D21A13}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D1AA54AA-6B51-45CB-9F96-DE7B60CFA42C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D1CC5077-86AB-45FA-AB42-C33DEABBF2BD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D31E40D2-CDB2-4DA5-9C80-C601EFAF9BA8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D4C8CCDC-E42C-4CB0-92E6-4522C3F6DD72}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D651B8FF-E21D-4DBD-9E4F-106E52602982}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D7D31A81-E958-42AD-A6B5-EBBEF1879AA2}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D8121274-4737-457A-9851-0D394E23994C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D866BBD7-45AF-491A-AE50-41BE73929C02}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D87ECB46-13E7-4DEC-B46B-9D293A56A1CB}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D8FD604E-99E6-46AE-907C-FAF624F80F2E}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D8FF8E3C-B77E-42E4-9BE7-7C81B6F8C258}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D93582FE-952A-4C22-9413-437654E536D0}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D96B2412-A890-4823-BF7F-EA2DDABC8234}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D9866659-D220-4A3A-B0B8-F1C63CA02878}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{D9DEC89D-59D4-4AE0-84CE-89993828D555}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DC10DDB2-0228-4A4F-9908-ABDA88CDF425}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DC124F0B-9B83-4C58-AB9B-70A0F57DDBF4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DD6FF377-E6C2-411B-8345-C73FAF6DB210}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DE31D06F-4008-46CF-AEEC-DBEF22D81C2B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DE755BE3-602F-4607-8F7F-F7F426260222}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DEDBC548-7C92-48DA-AF2E-EB4F116E6C3A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DF0DE016-F81F-420F-A402-01A354864303}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{DFCC8126-A81C-4C51-86BE-7F8031525257}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E1498AE9-E217-457F-8690-5ECB2C7446C3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E1636F0D-EACF-497C-8C8A-CF1A4FA10A91}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E1AA518D-3D5F-4626-B252-6FB69380FB7A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E1B0CEF9-70F7-4850-82D4-C3E723F249B3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E1F78E69-DBDC-4020-BA52-8D623BF1710B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E2CEF310-694A-4976-98CE-22201631AE8B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E3800437-44DD-4496-A3B8-C03CF937A8A5}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E3E1FE29-6BAF-4C32-B6FE-5B9984695B6F}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E3F067B6-DEE3-496F-AEB0-1991D1A8C059}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E42B7F20-7996-44DD-AD21-6F4497E09B7D}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E45720F6-9793-4285-BACC-84FF2021FF5C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E77FA9CE-642D-4313-AB46-3E76668FE934}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E8CB4CDD-576C-4A44-8CC9-2703629BDEF6}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E8D9FCD4-AD3B-483B-87A8-7D6DBE2585D9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E9799828-AC52-4C5B-B15D-8F649BDB6134}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{E97AC649-3A5E-4246-BE53-58E6478BE526}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EA2E9636-A2BC-4AAB-A37F-D32DE7FB212C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EA6F04E7-A38F-429C-9358-24A20E9C370B}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EAC0EFC0-2353-4BA6-AC6F-308F3B1EBB22}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EB2F6D9D-40C8-4615-A431-B5D71BCF467C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EB4C9864-37D5-465F-80D1-59B2461443AA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{ED6E61A8-6273-4390-8688-223B1CD26777}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EDCF7E55-8878-4F3E-BE4D-AD436234341C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EE6957A1-7792-43FF-8A2D-F484EB191184}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EF485488-4A23-453E-BEE7-D97601A1853A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{EFC061E5-BDDC-41EC-ADD2-05A8CE82503A}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F049874A-856E-421E-BEF7-8FDA9A77DB43}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F0E0986A-E09F-4830-AAF7-9311BB4E9CFA}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F20F3852-E2F0-49F4-9462-1BFB4E4AE6C8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F2CCF61A-6C6F-41D7-8FDB-98E4829746E4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F2DE6CF8-4620-4BAA-8C55-F4F59E171FC9}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F4766FD3-FF35-4723-8632-9376E5392340}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F516D049-4A2B-4EBC-A7D9-6A1FE1290EB3}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F57FE7FB-8559-4EB1-86E8-3309D16D5B94}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F66096AF-CF13-48AD-96F6-3E9E21EFB6A4}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F6B2EC00-2F18-470E-975C-28C9C966E7B1}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F712BFA3-3F12-4897-A490-7C3B693384A8}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F914FB4B-D464-45BF-B769-5AFA78442469}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{F933F671-AD12-4233-A4C8-221C7ABD335C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FA8C0395-991F-4F72-980D-73F5169437FE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FAAADB89-4CE3-438F-87BA-AE5CD324F659}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FABD6CD7-B1A4-44A5-A11F-C57B977A2832}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FB5248C2-00E8-40D1-B062-145153D61B20}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FBB13F58-03E6-4B64-8803-F1F9AE54E159}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FBC0AB05-986A-4FFC-8191-8EF151D80E18}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FC5FBDB6-1B23-4F27-AC3F-FE2784907D34}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FCB17762-05CD-4B8D-8413-A8858AFC334C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FCB8B112-224E-4B6B-9352-017A8A1AC267}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FD84D449-147B-4399-AB67-76901FCCA2AE}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FDC7A62B-F44C-490F-AE65-9CA1B7C5971C}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FF4F1ACB-D633-478E-9414-B77CBB34C8AD}
Successfully deleted: [Empty Folder] C:\Users\Frank\appdata\local\{FFE080AB-6FB0-4FAD-B80F-B937A4C84EE8}

~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/18/2014 at 18:50:11.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


JRT closed spontaneously.

I'll run MwB per your instructions.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
18-Jan-2014, 09:58 PM #13
Ok, thanks for the update. Post Malwarebytes log when ready, also give update on any remaining issues/concerns....

Local time for me is almost 2am, i`ll be off to bed very shortly.....zzzzzzzzzzzzzzzzz
ank44's Avatar
ank44 ank44 is offline
Member with 26 posts.
THREAD STARTER
 
Join Date: Jan 2014
18-Jan-2014, 10:38 PM #14
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.19.01
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Frank :: INTERNET [administrator]
1/18/2014 6:55:47 PM
mbam-log-2014-01-18 (18-55-47).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209702
Time elapsed: 4 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 13
HKCR\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCR\TypeLib\{EA3802D2-C00A-4478-9319-34075A31C28F} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCR\Interface\{483F56D2-1D67-44A5-A4C5-67DBB724F7A0} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0F12903-DE76-4DF7-BCDC-0A0689151189} (PUP.Optional.SaveValet.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0F12903-DE76-4DF7-BCDC-0A0689151189} (PUP.Optional.SaveValet.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 5
C:\Users\Frank\AppData\Local\Temp\nsb3B3D.tmp\ChromeUninstaller45914.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsb11E.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsb5B0.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsbEE39.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsbEE3A.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
(end)


Dear Kevin:
After a shut down & reboot, the computer has:
1. No unwanted popups;
2. No re-directs;
3. No BSOD with msg about DPC-Watchdog_violation.

I would like to check for rootkits.

What is your opinion?

If so, please suggest as many rootkit detection utilities / programs / apps as you think necessary.

Thank you.

AND, you are almost at the 9000 post milestone.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,544 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
19-Jan-2014, 06:25 AM #15
We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

Run Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete
  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

close program

copy and paste the report in next reply

Thank you,

Kevin....
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑