1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Go Daddy cert not valid.

Discussion in 'Virus & Other Malware Removal' started by gposter, Feb 13, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz, Intel64 Family 6 Model 30 Stepping 5
    Processor Count: 8
    RAM: 4084 Mb
    Graphics Card: NVIDIA GeForce GTX 460M, 1536 Mb
    Hard Drives: C: Total - 463819 MB, Free - 373230 MB;
    Motherboard: TOSHIBA, Qosmio X505-Q894
    Antivirus: avast! Antivirus, Updated and Enabled

    I keep getting a popup message about redirecting to a website that does not have a valid certificate, do i still want to proceed. This happens even when there is nothing else open on my computer. My computer had blue screened twice, done a check disk for errors spontaneously and can't successfully restore a previous windows restore point... although i think the windows restore issue is not related. I've had that issue since I bought the computer and even when it was put in for warranty for the issue it still couldn't update windows when they gave it back to me >.< I've backed up all my data. Thanks in advance for the assistance!
     
  2. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    Bump. Please and Thank you :)
     
  3. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hi gposter,
    Let's get to the bottom of this.
    -----------------------------------------------------------
    Run the MGA Diagnostic Tool
    Download MGA Diagnostic Tool to your Desktop.
    • Double click MGADiag.exe to launch the program.
    • Click Continue and let the scan run.
    • When finished it will have created a log.
    • Click Copy.
    • Next open Notepad.
      • Click Start > Run type Notepad click OK.
      • This will open an empty Notepad file.
      • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
      • Save the file to your Desktop.
    • Close MGA Diagnostic Tool.
    • Copy/Paste the Notepad log you just made in your next reply please.
    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • Download FRST64 and save to your Desktop.
    • Double click Frst64.exe to launch it.
    • FRST64 will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST64.exe
    Feel free to use separate replies if it's more convenient.

    askey127
     
  4. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-4F8HK-M4P73-W8DQG
    Windows Product Key Hash: Xs1iQgVeo0C+sObJxS7eu+FuBPQ=
    Windows Product ID: 00359-OEM-8992687-00057
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {652B0DF6-6E4D-4870-94F0-83154D764281}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.150113-1808
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{652B0DF6-6E4D-4870-94F0-83154D764281}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-W8DQG</PKey><PID>00359-OEM-8992687-00057</PID><PIDType>2</PIDType><SID>S-1-5-21-2744622841-2444319950-4175525256</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Qosmio X505-Q894</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>V2.90 </Version><SMBIOSVersion major="2" minor="6"/><Date>20101210000000.000000+000</Date></BIOS><HWID>53A13707018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSQCI</OEMID><OEMTableID>TOSQCI00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800057-02-1033-7600.0000-2342010
    Installation ID: 019373180474550851278703198262630192759385532043689682
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: W8DQG
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 2/20/2015 5:24:33 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 12:6:2014 18:17
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MAAAAAEAAQABAAEAAgABAAAAAgABAAEA6GGg8PKqkkG0/doikk3omf60Wne0nXZW

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
    ACPI Table Name OEMID Value OEMTableID Value
    APIC PTLTD APIC
    FACP INTEL CALPELLA
    HPET INTEL CALPELLA
    BOOT PTLTD $SBFTBL$
    MCFG INTEL CALPELLA
    SLIC TOSQCI TOSQCI00
    DMAR INTEL CP_FIELD
    SSDT PmRef CpuPm
     
  5. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
    Ran by Claudia (administrator) on CLAUDIA-PC on 20-02-2015 17:28:24
    Running from C:\Users\Claudia\Desktop
    Loaded Profiles: Claudia (Available profiles: Claudia)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    (TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
    (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
    () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
    (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
    (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
    (TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
    (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
    (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
    (Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
    (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
    (O2Micro International) C:\Windows\System32\drivers\o2flash.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
    (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
    (Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
    (Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
    (TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
    (Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-07-30] (Synaptics Incorporated)
    HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)
    HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
    HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
    HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
    HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
    HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-07-28] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-07-22] (TOSHIBA Corporation)
    HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
    HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
    HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
    HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
    HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
    HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
    HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)
    HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
    HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
    HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-06-11] (Toshiba)
    HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-06-02] (Toshiba)
    HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
    HKLM-x32\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
    HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1063632 2015-01-19] (Carbonite, Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Google Update] => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-19] (Google Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\RunOnce: [Adobe Speed Launcher] => 1424470767
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {054f1468-3a53-11e3-b8e4-e89a8f852d06} - E:\MotorolaDeviceManagerSetup.exe -a
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {376d29a7-d0ae-11e2-b704-e89a8f852d06} - E:\VZW_Software_upgrade_assistant_installer.exe
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {f1aa6be7-a479-11e2-8a4d-e89a8f852d06} - E:\setup.exe -a
    ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
    SearchScopes: HKLM -> DefaultScope {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
    SearchScopes: HKLM-x32 -> DefaultScope {1383BC91-9D22-4728-A580-653E059CCE24} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {1383BC91-9D22-4728-A580-653E059CCE24} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
    SearchScopes: HKU\.DEFAULT -> DefaultScope {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL =
    SearchScopes: HKU\.DEFAULT -> {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL =
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {1383BC91-9D22-4728-A580-653E059CCE24} URL =
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {96B67FC5-B84C-43A2-8E7D-835FFC172B9C} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL =
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Claudia\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @talk.google.com/O1DPlugin -> C:\Users\Claudia\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Claudia\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Claudia\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-14]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR StartupUrls: Default -> "https://www.google.com/"
    CHR Profile: C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
    CHR Extension: (YouTube) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-19]
    CHR Extension: (Google Search) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-19]
    CHR Extension: (AdBlock) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-25]
    CHR Extension: (http://www.runescape.com/game.ws?beta=true&j=) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\glgebdjlojgcilmndlcejlcigmngplkg [2012-08-18]
    CHR Extension: (Google Wallet) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
    CHR Extension: (Gmail) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-19]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-14]
    StartMenuInternet: Google Chrome - C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-07] (Avast Software)
    R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5738528 2014-11-07] (Fitbit, Inc.)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2015-01-27] (Verizon)
    R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
    R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [103792 2010-01-28] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
    R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-07] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-07] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-07] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-07] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-14] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-07] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-07] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-07] ()
    R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-18] (O2Micro )
    S3 Tosrfcom; No ImagePath
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-07] (Avast Software)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-20 17:28 - 2015-02-20 17:28 - 00022642 _____ () C:\Users\Claudia\Desktop\FRST.txt
    2015-02-20 17:28 - 2015-02-20 17:28 - 00000000 ____D () C:\FRST
    2015-02-20 17:27 - 2015-02-20 17:27 - 02086912 _____ (Farbar) C:\Users\Claudia\Desktop\FRST64.exe
    2015-02-20 17:24 - 2015-02-20 17:24 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
    2015-02-20 17:24 - 2015-02-20 17:24 - 00000000 ____D () C:\MGADiagToolOutput
    2015-02-20 17:23 - 2015-02-20 17:23 - 02031992 _____ (Microsoft Corporation) C:\Users\Claudia\Desktop\MGADiag.exe
    2015-02-20 17:23 - 2015-02-20 17:23 - 00000197 _____ () C:\windows\system32\2015-02-20-22-23-27.037-AvastVBoxSVC.exe-2724.log
    2015-02-20 15:50 - 2015-02-20 15:50 - 00000197 _____ () C:\windows\system32\2015-02-20-20-50-49.067-AvastVBoxSVC.exe-3572.log
    2015-02-20 01:56 - 2015-02-20 01:56 - 00000247 _____ () C:\windows\system32\2015-02-20-06-56-01.015-aswFe.exe-6260.log
    2015-02-20 01:45 - 2015-02-20 01:55 - 00000247 _____ () C:\windows\system32\2015-02-20-06-45-43.020-aswFe.exe-4708.log
    2015-02-20 01:45 - 2015-02-20 01:45 - 00000197 _____ () C:\windows\system32\2015-02-20-06-45-39.017-AvastVBoxSVC.exe-4668.log
    2015-02-19 13:39 - 2015-02-19 13:39 - 00000197 _____ () C:\windows\system32\2015-02-19-18-39-49.021-AvastVBoxSVC.exe-5556.log
    2015-02-18 19:55 - 2015-02-18 19:55 - 00000197 _____ () C:\windows\system32\2015-02-19-00-55-02.092-AvastVBoxSVC.exe-3628.log
    2015-02-18 11:00 - 2015-02-18 11:00 - 00000197 _____ () C:\windows\system32\2015-02-18-16-00-41.023-AvastVBoxSVC.exe-4412.log
    2015-02-17 19:38 - 2015-02-17 19:38 - 00000197 _____ () C:\windows\system32\2015-02-18-00-38-28.067-AvastVBoxSVC.exe-4824.log
    2015-02-17 13:49 - 2015-02-17 13:49 - 00000247 _____ () C:\windows\system32\2015-02-17-18-49-00.064-aswFe.exe-221496.log
    2015-02-17 13:44 - 2015-02-17 13:48 - 00000247 _____ () C:\windows\system32\2015-02-17-18-44-05.049-aswFe.exe-108380.log
    2015-02-17 13:44 - 2015-02-17 13:44 - 00000197 _____ () C:\windows\system32\2015-02-17-18-44-01.077-AvastVBoxSVC.exe-52416.log
    2015-02-17 13:38 - 2015-02-17 13:38 - 00000197 _____ () C:\windows\system32\2015-02-17-18-38-23.081-AvastVBoxSVC.exe-32564.log
    2015-02-15 11:23 - 2015-02-15 11:24 - 00000197 _____ () C:\windows\system32\2015-02-15-16-23-48.091-AvastVBoxSVC.exe-4672.log
    2015-02-14 20:29 - 2015-02-14 20:29 - 00000197 _____ () C:\windows\system32\2015-02-15-01-29-25.095-AvastVBoxSVC.exe-4972.log
    2015-02-14 11:23 - 2015-02-14 11:24 - 00000197 _____ () C:\windows\system32\2015-02-14-16-23-46.002-AvastVBoxSVC.exe-1876.log
    2015-02-14 03:47 - 2015-02-14 03:47 - 00000197 _____ () C:\windows\system32\2015-02-14-08-47-44.080-AvastVBoxSVC.exe-4856.log
    2015-02-13 18:34 - 2015-02-13 18:34 - 00000197 _____ () C:\windows\system32\2015-02-13-23-34-58.037-AvastVBoxSVC.exe-5732.log
    2015-02-13 13:27 - 2015-02-13 13:27 - 00509440 _____ (Tech Support Guy System) C:\Users\Claudia\Downloads\SysInfo.exe
    2015-02-13 13:04 - 2015-02-13 13:04 - 00000197 _____ () C:\windows\system32\2015-02-13-18-04-48.073-AvastVBoxSVC.exe-5112.log
    2015-02-13 11:41 - 2015-02-13 11:41 - 00000197 _____ () C:\windows\system32\2015-02-13-16-41-34.048-AvastVBoxSVC.exe-5152.log
    2015-02-12 15:15 - 2015-02-12 15:15 - 00000197 _____ () C:\windows\system32\2015-02-12-20-15-02.052-AvastVBoxSVC.exe-4680.log
    2015-02-12 14:45 - 2015-02-12 14:45 - 00000197 _____ () C:\windows\system32\2015-02-12-19-45-42.063-AvastVBoxSVC.exe-4652.log
    2015-02-12 12:50 - 2015-02-12 12:50 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\GeoGebra 5.0
    2015-02-12 11:48 - 2015-02-12 11:48 - 00000247 _____ () C:\windows\system32\2015-02-12-16-48-25.037-aswFe.exe-5532.log
    2015-02-12 11:42 - 2015-02-12 11:48 - 00000247 _____ () C:\windows\system32\2015-02-12-16-42-30.086-aswFe.exe-5988.log
    2015-02-12 11:42 - 2015-02-12 11:42 - 00000197 _____ () C:\windows\system32\2015-02-12-16-42-27.013-AvastVBoxSVC.exe-2784.log
    2015-02-12 11:36 - 2015-02-12 11:36 - 00000197 _____ () C:\windows\system32\2015-02-12-16-36-42.068-AvastVBoxSVC.exe-4608.log
    2015-02-12 10:21 - 2015-02-12 10:21 - 00000197 _____ () C:\windows\system32\2015-02-12-15-21-16.063-AvastVBoxSVC.exe-5116.log
    2015-02-12 09:04 - 2015-02-12 09:04 - 00000197 _____ () C:\windows\system32\2015-02-12-14-04-50.097-AvastVBoxSVC.exe-1216.log
    2015-02-11 20:01 - 2015-02-11 20:01 - 00000197 _____ () C:\windows\system32\2015-02-12-01-01-32.061-AvastVBoxSVC.exe-4160.log
    2015-02-11 16:29 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-02-11 16:29 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-02-11 16:29 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-02-11 16:29 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-02-11 13:41 - 2015-02-11 13:41 - 00000197 _____ () C:\windows\system32\2015-02-11-18-41-15.019-AvastVBoxSVC.exe-3344.log
    2015-02-11 03:23 - 2015-02-03 22:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-02-11 03:23 - 2015-02-03 22:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-02-11 03:23 - 2015-02-03 22:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-02-11 03:23 - 2015-02-03 22:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-02-11 03:23 - 2015-02-03 22:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-02-11 03:23 - 2015-02-03 22:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
    2015-02-11 03:23 - 2015-02-03 22:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-02-11 03:23 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
    2015-02-11 03:22 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-02-11 03:22 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-02-11 03:22 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-02-11 03:22 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2015-02-11 03:22 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-02-11 03:22 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2015-02-11 03:22 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2015-02-11 03:22 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-02-11 03:22 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-02-11 03:22 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2015-02-11 03:22 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2015-02-11 03:22 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-02-11 03:22 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2015-02-11 03:22 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2015-02-11 03:22 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-11 03:22 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-02-11 03:22 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-02-11 03:22 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-02-11 03:22 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-02-11 03:22 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-02-11 03:22 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2015-02-11 03:22 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-02-11 03:22 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-02-11 03:22 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-02-11 03:22 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-02-11 03:21 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-02-11 03:21 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-02-11 03:21 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2015-02-11 03:21 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2015-02-11 03:21 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2015-02-11 03:21 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-02-11 03:21 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2015-02-11 03:21 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-02-11 03:21 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2015-02-11 03:21 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2015-02-11 03:21 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-02-11 03:21 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2015-02-11 03:21 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2015-02-11 03:21 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2015-02-11 03:21 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2015-02-11 03:21 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2015-02-11 03:21 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-02-11 03:21 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-02-11 03:21 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-02-11 03:21 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-02-11 03:21 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2015-02-11 03:21 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-02-11 03:21 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2015-02-11 03:21 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-02-11 03:21 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-02-11 03:21 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-02-11 03:21 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-02-11 03:20 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2015-02-11 03:20 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2015-02-11 03:20 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2015-02-11 03:20 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2015-02-11 03:20 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2015-02-11 03:20 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2015-02-11 03:20 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2015-02-11 03:20 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2015-02-11 03:20 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2015-02-11 03:20 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2015-02-11 03:20 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2015-02-11 03:20 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2015-02-11 03:20 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2015-02-11 03:20 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2015-02-11 03:20 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2015-02-11 03:20 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2015-02-11 03:20 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2015-02-11 03:20 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
    2015-02-11 03:20 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2015-02-11 03:20 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2015-02-11 03:19 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-02-11 03:19 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
    2015-02-11 03:19 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
    2015-02-11 03:19 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
    2015-02-11 03:19 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2015-02-11 03:19 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
    2015-02-11 03:19 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2015-02-11 03:19 - 2014-10-03 21:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
    2015-02-11 03:19 - 2014-10-03 20:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
    2015-02-11 03:19 - 2014-10-03 20:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
    2015-02-10 23:29 - 2015-02-10 23:29 - 00004152 _____ () C:\windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
    2015-02-10 23:29 - 2015-02-10 23:29 - 00002147 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
    2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
    2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\ProgramData\Carbonite
    2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\Program Files\Carbonite
    2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\Program Files (x86)\Carbonite
    2015-02-10 20:17 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2015-02-10 20:17 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2015-02-10 20:17 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2015-02-10 20:16 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2015-02-10 20:16 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2015-02-10 20:16 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2015-02-10 20:16 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2015-02-10 20:13 - 2015-02-10 20:13 - 00000197 _____ () C:\windows\system32\2015-02-11-01-13-28.053-AvastVBoxSVC.exe-3432.log
    2015-02-10 19:55 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2015-02-10 19:55 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2015-02-10 19:55 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2015-02-10 19:55 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2015-02-10 19:55 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2015-02-10 19:55 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2015-02-10 19:55 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2015-02-10 19:55 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2015-02-10 12:43 - 2015-02-10 19:31 - 00000000 ____D () C:\Users\Claudia\AppData\Local\AVG Web TuneUp
    2015-02-10 12:43 - 2015-02-10 19:31 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
    2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
    2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\AVG2015
    2015-02-10 12:34 - 2015-02-10 12:34 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\TuneUp Software
    2015-02-10 12:32 - 2015-02-10 12:34 - 00000000 ____D () C:\ProgramData\AVG2015
    2015-02-10 12:32 - 2015-02-10 12:32 - 00000000 ___HD () C:\$AVG
    2015-02-10 12:27 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Avg2015
    2015-02-10 12:27 - 2015-02-10 12:27 - 00000000 ____D () C:\Users\Claudia\AppData\Local\MFAData
    2015-02-02 20:48 - 2015-02-02 20:48 - 00000197 _____ () C:\windows\system32\2015-02-03-01-48-28.040-AvastVBoxSVC.exe-4876.log
    2015-02-01 08:56 - 2015-02-01 08:57 - 00000197 _____ () C:\windows\system32\2015-02-01-13-56-40.084-AvastVBoxSVC.exe-4884.log
    2015-01-31 23:41 - 2015-01-31 23:41 - 00000197 _____ () C:\windows\system32\2015-02-01-04-41-10.094-AvastVBoxSVC.exe-4204.log
    2015-01-31 18:30 - 2015-01-31 18:31 - 00000197 _____ () C:\windows\system32\2015-01-31-23-30-51.090-AvastVBoxSVC.exe-4192.log
    2015-01-31 12:25 - 2015-01-31 12:25 - 00000197 _____ () C:\windows\system32\2015-01-31-17-25-24.015-AvastVBoxSVC.exe-4524.log
    2015-01-30 22:56 - 2015-02-10 20:04 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Mozilla
    2015-01-30 20:52 - 2015-01-30 20:52 - 00000197 _____ () C:\windows\system32\2015-01-31-01-52-39.024-AvastVBoxSVC.exe-4332.log
    2015-01-30 13:44 - 2015-01-30 13:44 - 00000197 _____ () C:\windows\system32\2015-01-30-18-44-30.013-AvastVBoxSVC.exe-4848.log
    2015-01-30 11:38 - 2015-01-30 11:38 - 00000197 _____ () C:\windows\system32\2015-01-30-16-38-38.047-AvastVBoxSVC.exe-5224.log
    2015-01-30 11:00 - 2015-01-30 11:01 - 00000197 _____ () C:\windows\system32\2015-01-30-16-00-23.064-AvastVBoxSVC.exe-4868.log
    2015-01-29 20:57 - 2015-01-29 20:58 - 00000197 _____ () C:\windows\system32\2015-01-30-01-57-58.035-AvastVBoxSVC.exe-4956.log
    2015-01-29 14:34 - 2015-01-29 14:34 - 00000197 _____ () C:\windows\system32\2015-01-29-19-34-43.026-AvastVBoxSVC.exe-4600.log
    2015-01-29 10:16 - 2015-01-29 10:16 - 00000197 _____ () C:\windows\system32\2015-01-29-15-16-16.098-AvastVBoxSVC.exe-4232.log
    2015-01-28 14:55 - 2015-01-28 14:56 - 00000197 _____ () C:\windows\system32\2015-01-28-19-55-41.089-AvastVBoxSVC.exe-5036.log
    2015-01-27 17:47 - 2015-01-27 17:47 - 00000197 _____ () C:\windows\system32\2015-01-27-22-47-28.020-AvastVBoxSVC.exe-3524.log
    2015-01-26 19:29 - 2015-01-26 19:30 - 00000197 _____ () C:\windows\system32\2015-01-27-00-29-43.016-AvastVBoxSVC.exe-4768.log
    2015-01-25 13:02 - 2015-01-25 13:03 - 00000197 _____ () C:\windows\system32\2015-01-25-18-02-49.040-AvastVBoxSVC.exe-5236.log
    2015-01-24 21:07 - 2015-01-24 21:07 - 00000197 _____ () C:\windows\system32\2015-01-25-02-07-27.030-AvastVBoxSVC.exe-4660.log
    2015-01-24 07:34 - 2015-01-24 07:35 - 00000197 _____ () C:\windows\system32\2015-01-24-12-34-32.038-AvastVBoxSVC.exe-4432.log
    2015-01-23 23:32 - 2015-01-23 23:32 - 00000197 _____ () C:\windows\system32\2015-01-24-04-32-13.009-AvastVBoxSVC.exe-4740.log
    2015-01-23 10:59 - 2015-01-23 10:59 - 00000197 _____ () C:\windows\system32\2015-01-23-15-59-13.066-AvastVBoxSVC.exe-4140.log
    2015-01-22 14:31 - 2015-01-22 14:32 - 00000197 _____ () C:\windows\system32\2015-01-22-19-31-53.068-AvastVBoxSVC.exe-4324.log
    2015-01-22 10:12 - 2015-01-22 10:13 - 00000197 _____ () C:\windows\system32\2015-01-22-15-12-58.071-AvastVBoxSVC.exe-4472.log
    2015-01-22 09:26 - 2015-01-22 09:26 - 00000197 _____ () C:\windows\system32\2015-01-22-14-26-33.007-AvastVBoxSVC.exe-1336.log
    2015-01-22 06:32 - 2015-01-22 06:32 - 00000197 _____ () C:\windows\system32\2015-01-22-11-32-28.065-AvastVBoxSVC.exe-4684.log
    2015-01-21 15:12 - 2015-01-21 15:12 - 00000197 _____ () C:\windows\system32\2015-01-21-20-12-23.035-AvastVBoxSVC.exe-4540.log
    2015-01-21 10:01 - 2015-01-21 10:01 - 00000197 _____ () C:\windows\system32\2015-01-21-15-01-50.017-AvastVBoxSVC.exe-4488.log
    2015-01-21 06:36 - 2015-01-21 06:36 - 00000197 _____ () C:\windows\system32\2015-01-21-11-36-00.032-AvastVBoxSVC.exe-4300.log

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-20 17:25 - 2012-06-15 19:35 - 01451329 _____ () C:\windows\WindowsUpdate.log
    2015-02-20 17:19 - 2012-11-17 05:15 - 00000000 ____D () C:\Temp
    2015-02-20 17:19 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2015-02-20 17:18 - 2009-07-13 23:51 - 00141630 _____ () C:\windows\setupact.log
    2015-02-20 16:20 - 2012-06-16 08:09 - 00000024 _____ () C:\Users\Claudia\random.dat
    2015-02-20 16:08 - 2012-06-19 05:47 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA.job
    2015-02-20 16:01 - 2013-03-13 17:37 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-02-20 15:59 - 2012-06-16 08:09 - 00000024 _____ () C:\Users\Claudia\jagexappletviewer.preferences
    2015-02-20 15:58 - 2009-07-13 23:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-20 15:58 - 2009-07-13 23:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-20 15:49 - 2012-09-14 09:53 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
    2015-02-20 15:49 - 2012-06-16 08:09 - 00000046 _____ () C:\Users\Claudia\jagex_cl_runescape_LIVE.dat
    2015-02-20 07:18 - 2012-06-16 08:13 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Skype
    2015-02-20 02:13 - 2013-12-15 22:23 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\TS3Client
    2015-02-20 01:32 - 2014-02-26 21:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2015-02-20 01:32 - 2012-06-16 08:13 - 00000000 ____D () C:\ProgramData\Skype
    2015-02-19 22:42 - 2012-06-19 05:47 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core.job
    2015-02-16 05:48 - 2014-03-12 22:02 - 00000000 ____D () C:\Users\Claudia\Documents\Recipes
    2015-02-16 00:29 - 2013-04-04 18:37 - 00000047 _____ () C:\Users\Claudia\jagex_cl_runescape_LIVE1.dat
    2015-02-14 22:32 - 2012-06-19 20:21 - 00000000 ____D () C:\Users\Claudia\Documents\RS
    2015-02-12 15:56 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
    2015-02-12 10:30 - 2009-07-14 00:08 - 00032552 _____ () C:\windows\Tasks\SCHEDLGU.TXT
    2015-02-11 13:38 - 2009-07-13 23:45 - 00297432 _____ () C:\windows\system32\FNTCACHE.DAT
    2015-02-11 04:50 - 2014-12-10 10:38 - 00000000 ____D () C:\windows\system32\appraiser
    2015-02-11 04:50 - 2014-05-06 21:47 - 00000000 ___SD () C:\windows\system32\CompatTel
    2015-02-11 03:09 - 2013-07-17 08:59 - 00000000 ____D () C:\windows\system32\MRT
    2015-02-11 03:02 - 2012-06-15 17:49 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-02-10 23:18 - 2013-08-28 22:11 - 00000000 ____D () C:\Users\Claudia\Documents\Pathfinder
    2015-02-10 22:48 - 2013-01-22 02:20 - 00000000 ____D () C:\Users\Claudia\Documents\Schoolwork
    2015-02-10 22:47 - 2012-11-30 19:41 - 00000000 ____D () C:\Users\Claudia\Documents\LifeSkills
    2015-02-10 22:01 - 2013-03-13 17:37 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-02-10 22:01 - 2013-03-13 17:37 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-10 22:01 - 2013-03-13 17:37 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-10 21:03 - 2012-06-19 05:47 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA
    2015-02-10 21:03 - 2012-06-19 05:47 - 00003494 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core
    2015-02-10 20:21 - 2014-05-14 00:00 - 00001128 _____ () C:\Users\Public\Desktop\Vz In-Home Agent.lnk
    2015-02-10 20:11 - 2012-06-15 17:15 - 00000000 ____D () C:\Users\Claudia
    2015-02-10 20:09 - 2013-03-13 17:37 - 00000000 ____D () C:\windows\system32\Macromed
    2015-02-10 20:09 - 2010-08-23 03:32 - 00000000 ____D () C:\windows\SysWOW64\Macromed
    2015-02-10 20:09 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
    2015-02-10 20:08 - 2014-12-26 11:14 - 00000000 ____D () C:\ProgramData\FitbitConnect
    2015-02-10 20:08 - 2014-12-26 11:14 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
    2015-02-10 20:08 - 2014-12-14 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-02-10 20:08 - 2013-08-30 18:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
    2015-02-10 20:08 - 2013-08-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vz In-Home Agent
    2015-02-10 20:08 - 2012-06-19 05:48 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-10 20:08 - 2012-06-16 08:09 - 00000000 ____D () C:\.jagex_cache_32
    2015-02-10 20:08 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration
    2015-02-10 20:08 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\AppCompat
    2015-02-10 20:04 - 2014-12-01 21:20 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Corel
    2015-02-10 20:04 - 2014-10-06 21:41 - 00000000 ____D () C:\Users\Claudia\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
    2015-02-10 20:04 - 2014-09-23 15:39 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Dropbox
    2015-02-10 20:04 - 2013-12-18 16:45 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Motorola Mobility
    2015-02-10 20:04 - 2013-09-03 21:22 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\OpenOffice
    2015-02-10 20:04 - 2013-08-25 13:24 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Verizon
    2015-02-10 20:04 - 2013-08-17 22:12 - 00000000 ____D () C:\Users\Claudia\Documents\Electronic Arts
    2015-02-10 20:04 - 2013-04-04 18:37 - 00000000 ____D () C:\Users\Claudia\jagexcache1
    2015-02-10 20:04 - 2012-09-23 08:47 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\.minecraft
    2015-02-10 20:04 - 2012-06-16 08:07 - 00000000 ____D () C:\Users\Claudia\jagexcache
    2015-02-10 20:03 - 2014-08-31 15:00 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Citrix
    2015-02-10 20:03 - 2014-08-10 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
    2015-02-10 20:03 - 2014-02-26 21:23 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Skype
    2015-02-10 20:03 - 2013-12-18 16:45 - 00000000 ____D () C:\ProgramData\Motorola
    2015-02-10 20:03 - 2013-10-16 15:47 - 00000000 ____D () C:\ProgramData\Oracle
    2015-02-10 20:03 - 2013-08-17 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
    2015-02-10 20:03 - 2013-07-17 08:53 - 00000000 ____D () C:\Users\Claudia\AppData\Local\SupportSoft
    2015-02-10 20:02 - 2013-12-18 16:42 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
    2015-02-10 20:02 - 2013-11-29 08:38 - 00000000 ___HD () C:\ProgramData\CanonBJ
    2015-02-10 20:02 - 2013-09-15 21:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-02-10 20:02 - 2013-08-17 22:12 - 00000000 ____D () C:\ProgramData\EA Core
    2015-02-10 20:02 - 2013-08-17 19:38 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2015-02-10 20:02 - 2012-09-14 09:53 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-02-10 20:01 - 2015-01-14 23:06 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
    2015-02-10 20:01 - 2014-10-21 15:38 - 00000000 ____D () C:\Program Files (x86)\Java
    2015-02-10 20:01 - 2014-08-10 17:35 - 00000000 ____D () C:\Program Files (x86)\Maxis
    2015-02-10 20:01 - 2014-05-21 07:41 - 00000000 ____D () C:\Program Files (x86)\GanttProject-2.6
    2015-02-10 20:01 - 2013-12-18 16:44 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
    2015-02-10 20:01 - 2013-12-18 16:44 - 00000000 ____D () C:\Program Files (x86)\Motorola
    2015-02-10 20:01 - 2013-12-15 22:23 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
    2015-02-10 20:01 - 2013-09-15 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2015-02-10 20:01 - 2013-09-03 21:20 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
    2015-02-10 20:01 - 2013-08-18 11:48 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
    2015-02-10 20:01 - 2013-08-17 19:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games
    2015-02-10 20:01 - 2013-08-17 19:38 - 00000000 ____D () C:\Program Files (x86)\Origin
    2015-02-10 20:01 - 2013-07-17 08:53 - 00000000 ____D () C:\Program Files (x86)\Verizon
    2015-02-10 20:01 - 2013-02-20 10:13 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-02-10 20:01 - 2012-09-14 09:53 - 00000000 ____D () C:\Program Files\AVAST Software
    2015-02-10 19:31 - 2012-06-15 22:25 - 00000000 ____D () C:\ProgramData\MFAData
    2015-02-10 12:32 - 2012-06-15 22:28 - 00000000 ____D () C:\Program Files (x86)\AVG
    2015-01-24 14:52 - 2014-10-21 15:38 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
    2015-01-24 14:52 - 2014-10-21 15:38 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
    2015-01-24 14:52 - 2014-10-21 15:38 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
    2015-01-24 14:52 - 2014-10-21 15:38 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

    ==================== Files in the root of some directories =======

    2012-06-19 05:44 - 2012-06-19 05:44 - 0034764 _____ () C:\Users\Claudia\AppData\Local\dt.dat
    2014-12-01 20:36 - 2014-12-10 18:56 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

    Files to move or delete:
    ====================
    C:\Users\Claudia\jagex_cl_runescape_LIVE.dat
    C:\Users\Claudia\jagex_cl_runescape_LIVE1.dat
    C:\Users\Claudia\jagex_cl_runescape_LIVE_BETA.dat
    C:\Users\Claudia\random.dat


    Some content of TEMP:
    ====================
    C:\Users\Claudia\AppData\Local\Temp\avguidx.dll
    C:\Users\Claudia\AppData\Local\Temp\CommonInstaller.exe
    C:\Users\Claudia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_e2tyd.dll
    C:\Users\Claudia\AppData\Local\Temp\fwoqwd7w.dll
    C:\Users\Claudia\AppData\Local\Temp\iGearedHelper.dll
    C:\Users\Claudia\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
    C:\Users\Claudia\AppData\Local\Temp\jre-8u31-windows-au.exe
    C:\Users\Claudia\AppData\Local\Temp\MachineIdCreator.exe
    C:\Users\Claudia\AppData\Local\Temp\mk17rim1.dll
    C:\Users\Claudia\AppData\Local\Temp\MotoCast_Installer_2.0405.exe
    C:\Users\Claudia\AppData\Local\Temp\oi_{A68D9BA4-BB38-4CBA-9EA9-4B1158DF2BFF}.exe
    C:\Users\Claudia\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Claudia\AppData\Local\Temp\ToolbarInstaller.exe
    C:\Users\Claudia\AppData\Local\Temp\UNINSTALL.EXE


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-13 12:16

    ==================== End Of Log ============================
     
  6. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
    Ran by Claudia at 2015-02-20 17:29:31
    Running from C:\Users\Claudia\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
    Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.16(T) - TOSHIBA CORPORATION)
    Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.2 build 4667 (Jan-19-2015) - Carbonite)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Conexant HD Audio (HKLM\...\CNXT_AUDIO) (Version: 4.126.0.62 - Conexant)
    Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.110 - Corel Inc.)
    Dolby Control Center (HKLM\...\{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}) (Version: 2.2.1 - Dolby)
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Fitbit Connect (HKLM-x32\...\{E54705FB-98A6-4C03-B2DC-D8C3B5486DCD}) (Version: 2.0.0.6512 - Fitbit Inc.)
    GanttProject (HKLM-x32\...\GanttProject) (Version: - )
    GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.57.0 - International GeoGebra Institute)
    Google Chrome (HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
    Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
    HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION)
    HDMI Control Manager (Version: 2.0 - TOSHIBA CORPORATION) Hidden
    HDMI Control Manager (x32 Version: 2.0 - TOSHIBA CORPORATION) Hidden
    IHA_MessageCenter (HKLM-x32\...\{834265C4-CDF4-44D3-BD24-31531617EFB8}) (Version: 1.8.70 - Verizon)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.1.1001 - Intel Corporation)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    [email protected] 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
    Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
    Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5912 - NVIDIA Corporation)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
    O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{6408053B-4FC3-4087-BB58-68C220D02BA4}) (Version: 2.0.56 - O2Micro International LTD.)
    O2Micro Flash Memory Card Windows Driver (Version: 2.0.56 - O2Micro International LTD.) Hidden
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
    Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.7.3 - Synaptics Incorporated)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
    The Sims Deluxe Edition (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version: - )
    The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
    The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.2.0 - Toshiba)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
    TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
    TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.12-A - TOSHIBA Corporation)
    TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.18.64 - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
    TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.02.01.00 - )
    TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
    TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
    Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.3.198 - Symantec Corporation)
    TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
    Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.24 - Toshiba)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.1.64 - TOSHIBA Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
    TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.02.01.00 - )
    TOSHIBA USB Sleep and Charge Utility (HKLM-x32\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.4.0 - TOSHIBA Corporation)
    TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.40.64 - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.16 - TOSHIBA Corporation)
    ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
    Verizon Activation (HKLM-x32\...\{92125850-CE9E-405F-8DC7-774DC36AE76C}_is1) (Version: - Verizon)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.71.0 - Verizon)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
    WinASO Registry Optimizer 4.7.6 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version: - X.M.Y International LLC)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
    Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Claudia\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    17-02-2015 19:59:26 Scheduled Checkpoint
    17-02-2015 20:24:07 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {067410F4-4398-4168-BE7E-1A8D48C94D0B} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
    Task: {2D0A50D8-C30B-4EA6-A38E-F0D88D79272B} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {5C64FBA6-2F4D-4F68-A770-FBF57ACC5304} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {5D71B1E6-0535-4F7C-9133-8E9043363B03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-10] (Adobe Systems Incorporated)
    Task: {6E59D547-D8A3-4E3F-97F6-F9490AD39E65} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-07] (AVAST Software)
    Task: {7F701CC7-A354-4C4F-86A4-334365541ABC} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
    Task: {7FFCD880-F2AB-499E-ACAE-826402FCD255} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
    Task: {8331DCA4-19C7-43AE-BA68-448F443BDF4C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
    Task: {B1F22ABC-E904-4CE6-B749-8FE9BB4F228D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
    Task: {C19C617E-BE3E-4B9C-80B7-8C3E7959F786} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {CEF9ACF7-4F63-4B10-8F10-C36F6AD3D4D3} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
    Task: {ECAEEB97-EC00-4754-9B95-68CFAB107412} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core.job => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA.job => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2009-10-18 17:20 - 2009-10-18 17:20 - 07959864 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
    2009-11-03 15:26 - 2009-11-03 15:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
    2010-08-23 03:27 - 2009-06-22 17:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
    2009-03-12 21:08 - 2009-03-12 21:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
    2009-07-25 19:38 - 2009-07-25 19:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
    2010-01-07 18:52 - 2010-01-07 18:52 - 00417592 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
    2014-12-07 19:50 - 2014-12-07 19:50 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-12-07 19:50 - 2014-12-07 19:50 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2010-02-05 19:44 - 2010-02-05 19:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
    2015-02-20 15:49 - 2015-02-20 15:49 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15022001\algo.dll
    2014-12-07 19:50 - 2014-12-07 19:50 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2014-10-28 12:22 - 2014-10-28 12:22 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
    2014-12-07 19:50 - 2014-12-07 19:50 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
    2015-02-19 14:09 - 2015-02-17 17:44 - 01117512 _____ () C:\Users\Claudia\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
    2015-02-19 14:09 - 2015-02-17 17:44 - 00211272 _____ () C:\Users\Claudia\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll
    2015-02-19 14:09 - 2015-02-17 17:44 - 09171272 _____ () C:\Users\Claudia\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

    ==================== Accounts: =============================

    Administrator (S-1-5-21-2744622841-2444319950-4175525256-500 - Administrator - Disabled)
    Claudia (S-1-5-21-2744622841-2444319950-4175525256-1001 - Administrator - Enabled) => C:\Users\Claudia
    Guest (S-1-5-21-2744622841-2444319950-4175525256-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2744622841-2444319950-4175525256-1002 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/20/2015 05:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: carboniteservice.exe, version: 5.7.2.4667, time stamp: 0x54bd3043
    Faulting module name: carboniteservice.exe, version: 5.7.2.4667, time stamp: 0x54bd3043
    Exception code: 0xc0000005
    Fault offset: 0x0000000000148057
    Faulting process id: 0x470
    Faulting application start time: 0xcarboniteservice.exe0
    Faulting application path: carboniteservice.exe1
    Faulting module path: carboniteservice.exe2
    Report Id: carboniteservice.exe3

    Error: (02/20/2015 05:19:54 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
    Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
    Parameter name: dueTime
    Stack Trace:
    at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
    at System.Timers.Timer.set_Enabled(Boolean value)
    at SnappCloud.ActivationReminder.AraClient.PostInit()
    at SnappCloud.ActivationReminder.Program.Main(String[] args)

    Error: (02/20/2015 03:49:33 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
    Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
    Parameter name: dueTime
    Stack Trace:
    at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
    at System.Timers.Timer.set_Enabled(Boolean value)
    at SnappCloud.ActivationReminder.AraClient.PostInit()
    at SnappCloud.ActivationReminder.Program.Main(String[] args)

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
    .

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
    ]

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
    .

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
    ]

    Error: (02/20/2015 05:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program hsplayer.exe version 10.5.0.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: d18

    Start Time: 01d04cd75baee051

    Termination Time: 5

    Application Path: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\hsplayer.exe

    Report Id: e4967291-b8ed-11e4-b75a-e89a8f852d06

    Error: (02/20/2015 01:32:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
    Description: Application or service 'Windows Defender' could not be shut down.

    Error: (02/20/2015 01:32:20 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
    Description: Application or service 'Windows Defender' could not be shut down.


    System errors:
    =============
    Error: (02/20/2015 05:22:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
    %%1056

    Error: (02/20/2015 05:20:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (02/20/2015 02:00:45 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
    %%1056

    Error: (02/20/2015 01:59:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (02/19/2015 10:43:02 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

    Error: (02/19/2015 02:33:50 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
    Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

    Error: (02/19/2015 01:38:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The IHA_MessageCenter service failed to start due to the following error:
    %%1053

    Error: (02/19/2015 01:38:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

    Error: (02/19/2015 01:37:34 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 1:45:05 AM on &#8206;2/&#8206;19/&#8206;2015 was unexpected.

    Error: (02/18/2015 10:53:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
    %%1056


    Microsoft Office Sessions:
    =========================
    Error: (02/20/2015 05:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: carboniteservice.exe5.7.2.466754bd3043carboniteservice.exe5.7.2.466754bd3043c0000005000000000014805747001d04d5b42a46447C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exea838d550-b94e-11e4-9084-e89a8f852d06

    Error: (02/20/2015 05:19:54 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
    Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
    Parameter name: dueTime
    Stack Trace:
    at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
    at System.Timers.Timer.set_Enabled(Boolean value)
    at SnappCloud.ActivationReminder.AraClient.PostInit()
    at SnappCloud.ActivationReminder.Program.Main(String[] args)

    Error: (02/20/2015 03:49:33 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
    Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
    Parameter name: dueTime
    Stack Trace:
    at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
    at System.Timers.Timer.set_Enabled(Boolean value)
    at SnappCloud.ActivationReminder.AraClient.PostInit()
    at SnappCloud.ActivationReminder.Program.Main(String[] args)

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070013, The media is write protected.

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
    Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected.

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070013, The media is write protected.

    Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
    Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected.

    Error: (02/20/2015 05:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: hsplayer.exe10.5.0.5d1801d04cd75baee0515C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\hsplayer.exee4967291-b8ed-11e4-b75a-e89a8f852d06

    Error: (02/20/2015 01:32:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
    Description: 1svchost.exeWindows Defender03026216150720

    Error: (02/20/2015 01:32:20 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
    Description: 0svchost.exeWindows Defender03026216150720


    CodeIntegrity Errors:
    ===================================
    Date: 2015-02-08 12:07:42.741
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:42.531
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:42.391
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:42.211
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:42.071
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:41.901
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:41.751
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:41.521
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:41.361
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-08 12:07:40.861
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
    Percentage of memory in use: 52%
    Total physical RAM: 4084.48 MB
    Available physical RAM: 1929.43 MB
    Total Pagefile: 8167.15 MB
    Available Pagefile: 5715.75 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: (TI105970W0D) (Fixed) (Total:452.95 GB) (Free:359.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 89B15EC1)
    Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
    Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=11.3 GB) - (Type=17)

    ==================== End Of Log ============================
     
  7. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    Thank you so much! I believe that is everything. Let me know if you need anything else.
     
  8. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    gposter,
    You don't have to open any file from the GoDaddy server if you don't want to.
    They have been tolerating adware distributors (at least) on their servers for a long time, based on many reports.
    I can't say for sure yet what's calling it..
    --------------------------------------------------------
    Run A Fix With FRST
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
    (Both on the Desktop is OK, or both in the same folder elsewhere)

    Run FRST64 and press the Fix button just once and wait. DO NOT PRESS THE SCAN BUTTON.
    If for some reason the tool needs a restart, please make sure you let the system restart normally.
    The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
    When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

    askey127
     

    Attached Files:

  9. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    ix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
    Ran by Claudia at 2015-02-20 23:53:37 Run:1
    Running from C:\Users\Claudia\Desktop
    Loaded Profiles: Claudia (Available profiles: Claudia)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [103792 2010-01-28] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
    2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
    2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\AVG2015
    2015-02-10 12:32 - 2015-02-10 12:34 - 00000000 ____D () C:\ProgramData\AVG2015
    2015-02-10 12:27 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Avg2015
    2015-02-10 12:32 - 2012-06-15 22:28 - 00000000 ____D () C:\Program Files (x86)\AVG
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Google Update] => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-19] (Google Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\RunOnce: [Adobe Speed Launcher] => 1424470767
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {054f1468-3a53-11e3-b8e4-e89a8f852d06} - E:\MotorolaDeviceManagerSetup.exe -a
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {376d29a7-d0ae-11e2-b704-e89a8f852d06} - E:\VZW_Software_upgrade_assistant_installer.exe
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {f1aa6be7-a479-11e2-8a4d-e89a8f852d06} - E:\setup.exe -a
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}

    *****************

    Norton PC Checkup Application Launcher => Unable to stop service
    Norton PC Checkup Application Launcher => Service deleted successfully.
    PCCUJobMgr => Unable to stop service
    PCCUJobMgr => Service deleted successfully.
    C:\ProgramData\AVG Security Toolbar => Moved successfully.
    C:\ProgramData\AVG Web TuneUp => Moved successfully.
    C:\Users\Claudia\AppData\Roaming\AVG2015 => Moved successfully.
    C:\ProgramData\AVG2015 => Moved successfully.
    C:\Users\Claudia\AppData\Local\Avg2015 => Moved successfully.
    C:\Program Files (x86)\AVG => Moved successfully.
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Fitbit Connect => value deleted successfully.
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value deleted successfully.
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
    "HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{054f1468-3a53-11e3-b8e4-e89a8f852d06}" => Key deleted successfully.
    HKCR\CLSID\{054f1468-3a53-11e3-b8e4-e89a8f852d06} => Key not found.
    "HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{376d29a7-d0ae-11e2-b704-e89a8f852d06}" => Key deleted successfully.
    HKCR\CLSID\{376d29a7-d0ae-11e2-b704-e89a8f852d06} => Key not found.
    "HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1aa6be7-a479-11e2-8a4d-e89a8f852d06}" => Key deleted successfully.
    HKCR\CLSID\{f1aa6be7-a479-11e2-8a4d-e89a8f852d06} => Key not found.
    "HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
    HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
    HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.


    The system needed a reboot.

    ==== End of Fixlog 23:53:49 ====
     
  10. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    gposter,
    -------------------------------------------------------------
    AdwCleaner Download and Run

    Download AdwCleaner and save it to your desktop or somewhere you can find it.
    Take care NOT to click on any ad, like from PC Optimizer Pro. The correct link is the button labeled "Download from Bleeping Computer".
    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and double click on this icon on your desktop:

    [​IMG]

    You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
    It may take several minutes to complete.
    When it is done, click on the Clean button, accept any prompts that appear and allow the system to Reboot.
    You will then be presented with the report. Copy & Paste it into a reply here.

    [​IMG]
    If you lose track of the log, it is saved in this folder C:\AdwCleaner\
    The filename will be adwcleaner[xx].txt where [xx] will be S1, or S2, etc. whichever filename is newest.

    Also Tell me how the machine is behaving.
    askey127
     
  11. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    # AdwCleaner v4.111 - Logfile created 21/02/2015 at 18:57:51
    # Updated 18/02/2015 by Xplode
    # Database : 2015-02-18.3 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Claudia - CLAUDIA-PC
    # Running from : C:\Users\Claudia\Desktop\AdwCleaner.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    File Deleted : C:\Users\Claudia\AppData\Local\Temp\Uninstall.exe
    File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
    File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
    File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
    File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
    File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
    File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKCU\Software\IGearSettings
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;192.168.*.*

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17631


    -\\ Google Chrome v

    [C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
    [C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [3318 bytes] - [21/02/2015 18:54:29]
    AdwCleaner[S0].txt - [3236 bytes] - [21/02/2015 18:57:51]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3295 bytes] ##########
     
  12. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    I haven't been on all day to see how it's running. I will let you know in a few hours. Thank you so much!!
     
  13. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    I'll be here.
     
  14. gposter

    gposter Thread Starter

    Joined:
    Sep 5, 2011
    Messages:
    12
    I have not had any more problems :) Thank you soooo much!!! I will mark solved
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1143018

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice