HTMI Virus again

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) II 170u Processor, AMD64 Family 16 Model 6 Stepping 3
Processor Count: 1
RAM: 1790 Mb
Graphics Card: NVIDIA GeForce 6150SE nForce 430, 256 Mb
Hard Drives: C: Total - 465943 MB, Free - 354503 MB; D: Total - 10893 MB, Free - 1571 MB;
Motherboard: PEGATRON CORPORATION, NARRA5
Antivirus: AVG AntiVirus Free Edition 2014, Updated and Enabled
P C is running very slow at times, System Restore won't run, AVG just said I had the HTML Frammer virus again. Got a virus last Dec (HTMI) where it first looked like my hard drive was wiped out but later found my info was still in disk C &D. At that time I tried to use System Restore but when it said I had to uninstall AVG it wouldn't uninstall so System Restore wouldn't work.used the one time use of Malwarebites.com I think it was called and than I could uninstall AVG so I could run System Restore and got most of my stuff back. But about a month ago the pc started running slow, slow typing, slow to shut down etc and today after doing a scan AVG said I had the HTMI Frammer again. Please help, Gene
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Welcome :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
I'm writting from an old computer with the hard drive about to go. I downloaded Advanced Systems virus tool or something like that on my win 7 and this morning I did an update on what I think is part of that program thats called Orbit or something like that, well when I rebooted I can't get my password to windows to work, It just says I need to use the reset password disk or usb to change password, other than being able to turn off the pc and make things lighter or darker, enlarge, etc there isn't any other places to go on that password page. So I can't download that program you told me to download on my Win 7 till we can fix the password to windows. Getting desperate LOL, Gene
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Forum rules do not allow help with passwords. Let me know when you resolve this issue.
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
So your saying there is no way to get my windows password to work ? Maybe you misunderstand me I know my pass word to get into my computer on win 7 I just can't type it into the screen. Nothing shows up
when I type there. This will really suck if I have to throw away an unbacked up computer !
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Try this:

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.
  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
  • Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html



    To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt

    Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-04-2015
Ran by Gene (administrator) on GENE-NUMSKULL on 11-04-2015 09:24:02
Running from C:\Users\Gene\Downloads
Loaded Profiles: Gene (Available profiles: Gene)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Mindspark) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Windows\SysWOW64\UTSCSI.EXE
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVG Secure Search) C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHSA.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.3.0\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-04-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2503704 2015-03-05] ()
HKLM-x32\...\Run: [EMET 4.1 Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2015-01-26] (Mindspark)
HKLM-x32\...\Run: [InboxAce AppIntegrator 32-bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator.exe [225864 2015-01-26] (Mindspark)
HKLM-x32\...\Run: [InboxAce AppIntegrator 64-bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [258632 2015-01-26] (Mindspark)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5768992 2015-03-06] (IObit)
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-07] (Google Inc.)
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-26] (SUPERAntiSpyware)
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Run: [cdloader] => C:\Users\Gene\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [241280 2015-03-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\EARTHB~1.SCR
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C&q={searchTerms}
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C
URLSearchHook: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 - (No Name) - {5fdb0cd8-5760-44d1-8d13-a78bf558c3c7} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3B82CD0C-9BE4-431E-8998-4155E30A2108} URL = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {82C848BE-55DE-4074-9506-A70E2ADBBF04} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C&q={searchTerms}
SearchScopes: HKLM-x32 -> {3B82CD0C-9BE4-431E-8998-4155E30A2108} URL = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {82C848BE-55DE-4074-9506-A70E2ADBBF04} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKLM-x32 -> {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^YO^xdm135^YYA^us&si=314029&ptb=01BF18A9-9440-481C-809D-FA1432C7DFB3&psa=&ind=2015012617&st=sb&n=781aa709&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {82C848BE-55DE-4074-9506-A70E2ADBBF04} URL =
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> DefaultScope {C39043E4-C970-48F9-962C-0AB5AB725588} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {0D4B1CC9-3A51-41D2-A1B8-1ADE57BB7EEB} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {3B82CD0C-9BE4-431E-8998-4155E30A2108} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZUxdm45899us&ptnrS=ZUxdm45899us&si=COy3jPS_tK0CFYHAKgodAGdymA&ptb=qyFaxzlDvgkJcyqpbYMVNQ&ind=2012010313&n=77ecd749&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {68138196-B7FB-42EF-B423-73808D053060} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282137&CUI=UN40276179851512221
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {82C848BE-55DE-4074-9506-A70E2ADBBF04} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {8fe8d013-c3fd-4802-af48-79274e9f969e} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^YO^xdm135^YYA^us&si=314029&ptb=01BF18A9-9440-481C-809D-FA1432C7DFB3&psa=&ind=2015012617&st=sb&n=781aa709&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={F3A5F81B-26B6-4BFE-A687-77ECBDF4511E}&mid=f29c5dc0aa2c47d18925a138fa564320-ebaed82711113639aef42898eb4934f5defd2e1a&lang=en&ds=AVG&pr=fr&d=2013-01-20 10:01:28&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {A6AAFEE5-56A8-49E2-B524-921A29FB4506} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=C588DFC2-81F8-414F-ABC9-D4D345FD4C60&apn_sauid=E5309460-16D4-4381-B324-5B54F50A973D&
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {C39043E4-C970-48F9-962C-0AB5AB725588} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredimail.com/1/?search={searchTerms}&loc=search_box&a=1pcqSpH6aRr
SearchScopes: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> {E5DE9B82-09EE-495A-9021-D14F1B94B6EB} URL = http://delicious.com/search?p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-28] (IObit)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll [2015-01-26] (Mindspark)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-05] (AVG Secure Search)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll [2015-01-26] (Mindspark)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-05] (AVG Secure Search)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll [2015-01-26] (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3523205850-2673497747-2435249067-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-05] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com/?type=sc&ts=1385929631&from=tugs&uid=126614527_1052515_A8E7A37C

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3523205850-2673497747-2435249067-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll [2012-12-27] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-09-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012-11-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml [2013-05-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.113
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.113 [2014-01-10]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C"
CHR Profile: C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (FromDocToPDF) - C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lplgmijfnicgfhoccpjcbkidkkcaiapo [2014-12-11]
CHR Extension: (AVG SafeGuard) - C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-07-10]
CHR Extension: (Google Wallet) - C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-03]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Gene\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-13] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [90696 2015-01-26] (Mindspark)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-07-21] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-04-10] (Realtek Semiconductor)
R2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2013-01-14] () [File not signed]
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-05] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-28] (REALiX(tm))
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2014-11-10] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-12-12] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 09:24 - 2015-04-11 09:25 - 00028636 _____ () C:\Users\Gene\Downloads\FRST.txt
2015-04-11 09:23 - 2015-04-11 09:24 - 00000000 ____D () C:\FRST
2015-04-11 09:22 - 2015-04-11 09:22 - 02095616 _____ (Farbar) C:\Users\Gene\Downloads\FRST64.exe
2015-04-11 09:19 - 2015-04-11 09:19 - 01135104 _____ (Farbar) C:\Users\Gene\Downloads\FRST (1).exe
2015-04-11 09:17 - 2015-04-11 09:18 - 01135104 _____ (Farbar) C:\Users\Gene\Downloads\FRST.exe
2015-04-10 10:06 - 2015-04-10 10:06 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-04-10 10:06 - 2015-04-10 10:06 - 04408792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-04-10 10:06 - 2015-04-10 10:06 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 02888920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 02808176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-04-10 10:06 - 2015-04-10 10:06 - 01709083 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-04-10 10:06 - 2015-04-10 10:06 - 01708248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 01298136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00451608 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00366616 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-04-10 10:06 - 2015-04-10 10:06 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-04-10 10:05 - 2015-04-10 10:05 - 02902040 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-04-09 14:37 - 2015-04-09 14:37 - 00509440 _____ (Tech Support Guy System) C:\Users\Gene\Downloads\SysInfo (1).exe
2015-04-09 14:08 - 2015-04-09 14:08 - 00509440 _____ (Tech Support Guy System) C:\Users\Gene\Downloads\SysInfo.exe
2015-04-08 09:05 - 2015-04-08 09:05 - 00000000 _____ () C:\Windows\SysWOW64\sho4F77.tmp
2015-04-06 11:40 - 2015-04-06 11:40 - 00002227 _____ () C:\Users\Gene\Desktop\HP Support Assistant.lnk
2015-04-06 11:40 - 2015-04-06 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-04-06 11:24 - 2012-05-29 15:53 - 00027456 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\cpqdfw.sys
2015-04-06 11:19 - 2015-04-06 11:19 - 00000000 ____D () C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2015-04-05 12:23 - 2015-04-05 12:23 - 00002912 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Gene
2015-04-03 09:15 - 2015-04-11 08:20 - 00002882 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Gene)
2015-03-29 15:49 - 2015-04-08 09:17 - 00030116 _____ () C:\Windows\PFRO.log
2015-03-28 14:57 - 2015-03-28 14:57 - 00003192 _____ () C:\Windows\System32\Tasks\SmartDefrag4_Startup
2015-03-28 14:57 - 2015-03-28 14:57 - 00003192 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2015-03-28 14:57 - 2015-03-28 14:57 - 00003190 _____ () C:\Windows\System32\Tasks\SmartDefrag4_Update
2015-03-28 14:57 - 2015-03-28 14:57 - 00002880 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_Gene
2015-03-28 14:56 - 2015-03-28 14:56 - 00001180 _____ () C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-03-28 14:56 - 2015-03-28 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-03-28 14:56 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-03-28 14:55 - 2015-03-31 09:00 - 00002191 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-03-28 14:55 - 2015-03-28 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-03-28 14:55 - 2015-03-28 14:55 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-03-28 14:52 - 2015-03-28 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-03-28 14:45 - 2015-03-28 14:44 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMHSA.DLL
2015-03-28 14:45 - 2015-03-28 14:44 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BHSA.DLL
2015-03-28 14:42 - 2015-04-11 08:36 - 00005932 _____ () C:\Windows\setupact.log
2015-03-28 14:42 - 2015-03-28 14:42 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-28 14:41 - 2015-03-28 14:41 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-03-28 14:38 - 2015-03-28 14:38 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-03-28 14:38 - 2015-03-28 14:38 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-03-28 14:30 - 2015-04-10 10:16 - 00002156 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-03-28 14:30 - 2015-04-03 09:15 - 00003240 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-28 14:30 - 2015-04-03 09:15 - 00003184 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-28 14:30 - 2015-04-03 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-28 14:30 - 2015-03-28 14:30 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-28 13:46 - 2015-04-02 09:13 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-03-28 13:46 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-03-28 13:45 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-03-28 13:43 - 2015-03-28 14:52 - 00001107 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-03-28 13:28 - 2014-02-17 13:41 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2015-03-28 13:19 - 2015-03-28 13:19 - 67940352 _____ () C:\Windows\system32\config\software.iobit
2015-03-28 13:19 - 2015-03-28 13:19 - 40300544 _____ () C:\Windows\system32\config\components.iobit
2015-03-28 13:19 - 2015-03-28 13:19 - 00843776 _____ () C:\Windows\system32\config\default.iobit
2015-03-28 13:19 - 2015-03-28 13:19 - 00024576 _____ () C:\Windows\system32\config\security.iobit
2015-03-28 13:19 - 2015-03-28 13:19 - 00020480 _____ () C:\Windows\system32\config\sam.iobit
2015-03-28 12:38 - 2015-03-28 12:38 - 00002884 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2015-03-28 12:38 - 2015-03-28 12:38 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2015-03-28 12:36 - 2015-03-28 12:36 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-03-28 12:35 - 2015-03-28 12:35 - 00000450 _____ () C:\ASCInit.log
2015-03-28 12:29 - 2015-04-04 12:47 - 00000737 _____ () C:\Users\Gene\Desktop\Advanced SystemCare Ultimate Installer.lnk
2015-03-28 12:04 - 2015-04-05 12:21 - 00000000 ____D () C:\Users\Gene\AppData\Roaming\ProductData
2015-03-28 12:03 - 2015-03-28 12:03 - 00000000 ____D () C:\Users\Gene\AppData\Roaming\Apple Computer
2015-03-28 12:02 - 2015-04-05 12:22 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-28 12:02 - 2015-03-28 14:55 - 00001162 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-03-28 12:02 - 2015-03-28 12:02 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2015-03-28 12:02 - 2015-03-28 12:02 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2015-03-28 11:58 - 2015-03-29 15:49 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-28 11:58 - 2015-03-28 14:57 - 00000000 ____D () C:\ProgramData\IObit
2015-03-28 11:58 - 2015-03-28 14:56 - 00000000 ____D () C:\Users\Gene\AppData\Roaming\IObit
2015-03-28 11:57 - 2015-03-28 11:57 - 01262912 _____ (IObit) C:\Users\Gene\Downloads\ASCU_Downloader (1).exe
2015-03-28 11:56 - 2015-03-28 11:56 - 01262912 _____ (IObit) C:\Users\Gene\Downloads\ASCU_Downloader.exe
2015-03-25 12:38 - 2015-03-25 12:38 - 00000000 ____D () C:\Users\Gene\AppData\Local\{BBD3CF02-C492-41DA-87F6-4418DF060345}
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-19 11:37 - 2015-03-19 11:37 - 00000000 ____D () C:\Users\Gene\AppData\Local\{85784DA9-58AB-408C-B8BC-C9C13178385D}
2015-03-16 11:55 - 2015-03-16 11:55 - 00000000 ____D () C:\Users\Gene\AppData\Local\{15F0667E-C32E-43E2-B2EB-EA82D7ADD56A}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 09:19 - 2011-05-01 10:40 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-11 09:11 - 2011-05-07 10:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-11 08:46 - 2012-04-03 14:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-11 08:28 - 2009-07-13 22:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 08:28 - 2009-07-13 22:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 08:27 - 2011-03-01 01:44 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A70F3AA6-920E-4295-B68E-A8359F5B55D1}
2015-04-11 08:19 - 2011-05-07 10:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-11 08:18 - 2013-05-25 10:37 - 00000352 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
2015-04-11 08:17 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 10:28 - 2013-02-25 11:07 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 10:13 - 2010-08-27 19:44 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-04-10 09:52 - 2011-08-04 10:30 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-04-10 09:52 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-04-09 18:28 - 2010-10-16 10:37 - 01557508 _____ () C:\Windows\WindowsUpdate.log
2015-04-07 08:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\Help
2015-04-06 12:20 - 2015-01-28 13:54 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForGene
2015-04-06 12:20 - 2015-01-28 13:54 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForGene.job
2015-04-06 11:40 - 2010-08-27 19:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-06 11:21 - 2010-08-27 19:51 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-04-06 11:18 - 2010-08-27 20:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-04-06 11:15 - 2010-08-27 20:10 - 00000000 ____D () C:\swsetup
2015-04-05 12:21 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-04 12:43 - 2009-07-13 22:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-01 09:00 - 2011-06-07 11:08 - 00000000 ____D () C:\Users\Gene\AppData\Local\Windows Live Writer
2015-04-01 08:59 - 2011-03-10 13:45 - 00000000 ____D () C:\Users\Gene\AppData\Local\CrashDumps
2015-03-31 09:36 - 2012-11-11 16:46 - 00000000 ___HD () C:\$AVG
2015-03-31 09:34 - 2014-12-08 14:14 - 00000971 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-28 16:53 - 2011-03-01 01:21 - 00000000 ____D () C:\Users\Gene
2015-03-28 14:03 - 2011-03-01 01:32 - 00001202 _____ () C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-28 13:27 - 2010-08-27 20:34 - 00000000 ____D () C:\Windows\Panther
2015-03-28 13:22 - 2013-01-13 11:32 - 00000000 ____D () C:\Users\Gene\AppData\Roaming\Winamp
2015-03-25 12:45 - 2011-03-03 01:26 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-21 09:09 - 2014-06-29 08:39 - 00000000 ____D () C:\Users\Gene\AppData\Local\Adobe
2015-03-21 09:09 - 2012-04-03 14:01 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-21 09:09 - 2012-04-03 14:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-21 09:09 - 2011-05-23 11:01 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-20 19:59 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 09:14 - 2009-07-13 22:45 - 00277224 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 09:12 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 09:12 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\Dism

==================== Files in the root of some directories =======

2013-06-26 11:26 - 2013-11-21 11:06 - 0003724 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-02-22 11:55 - 2013-02-22 11:55 - 0000597 _____ () C:\Users\Gene\AppData\Roaming\com.zoosk.Desktop_state.xml
2014-12-21 15:41 - 2014-12-21 15:41 - 0003584 _____ () C:\Users\Gene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-20 16:55

==================== End Of Log ============================
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2015
Ran by Gene at 2015-04-11 09:26:10
Running from C:\Users\Gene\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4328 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.3.0.885 - AVG Technologies)
BabylonObjectInstaller (HKLM-x32\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.2 - Babylon Ltd) <==== ATTENTION
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
EarthBrowser (HKLM-x32\...\EarthBrowser) (Version: - )
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WorkForce 845 Series Printer Uninstall (HKLM\...\EPSON WorkForce 845 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
magicJack (HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Media Player (HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Media Player) (Version: - ) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit)
Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1108 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

24-03-2015 09:55:29 Windows Update
28-03-2015 14:37:19 Driver Booster : Realtek High Definition Audio
31-03-2015 09:18:32 Windows Update
03-04-2015 09:19:29 Driver Booster : EPSON WorkForce 845 Series
06-04-2015 10:56:09 Windows Update
06-04-2015 11:19:55 Installed HP Support Assistant
07-04-2015 08:17:49 Windows Modules Installer
07-04-2015 08:19:25 Windows Modules Installer
09-04-2015 09:34:35 Restore Operation
10-04-2015 10:04:06 Driver Booster : Realtek High Definition Audio

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14B8DE62-35EC-4AA4-A2B7-2DB2AFD1C5A8} - System32\Tasks\Driver Booster SkipUAC (Gene) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {1528ED6F-6584-431C-91FF-65DDFC35650E} - System32\Tasks\Uninstaller_SkipUac_Gene => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {1C797B60-7BE2-4AEE-B6AB-F1B38CA3E7E6} - System32\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe [2013-05-25] (AVG Secure Search)
Task: {2CDAFCDA-F249-47A7-B0A3-09F71D7D00C3} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-03-06] (IObit)
Task: {2D03B85F-A61C-45B0-8370-87666C2899B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {41A2A130-8F6B-470D-A2E9-90849DF13E68} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
Task: {520821E9-042B-4AD0-BAF8-BC751A28715C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {600686FE-2D8B-4A23-90C4-E83066C46B50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {72DB3978-EF93-4BC0-8C66-86A765115D38} - System32\Tasks\{B6551381-082E-4F86-8E16-546617B7FA1B} => Chrome.exe
Task: {85E12038-2180-4BFA-8F62-7D831837ADF9} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {861A7BCF-823F-4A40-88B3-E1552759D954} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {862AF7C9-C6EF-4EC5-97FB-B04DCEFE7D4C} - System32\Tasks\LaunchApp => C:\Program Files (x86)\JustCloud\JustCloud.exe
Task: {88323570-C054-4B16-8348-03569B6B4362} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {B4B8DCAA-B040-439E-BE77-182265989FF9} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {BFCB7221-C71F-40D6-8BD5-8677E2B3CA9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-21] (Adobe Systems Incorporated)
Task: {C01B370A-FC4A-4A81-A022-720D215D994D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C08853AB-307E-4759-BB45-1175C474433E} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {C6530239-D5CE-45F3-861B-28FE49F0560A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {CD0B77C6-671B-4801-B342-69A5285BF69E} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {D02703A8-ED97-4084-A98C-87A9DF025F85} - System32\Tasks\ASC8_SkipUac_Gene => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {D82FC2D1-A519-4A5A-AD81-12EC2D886674} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {DD2FFBC1-6B69-47DF-AF7A-D1EE9EC78580} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
Task: {F16E3FE1-86E6-4B22-BD4B-100F6AD50216} - System32\Tasks\HPCeeScheduleForGene => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {FBCCACB0-D325-4FB8-89BD-7F3B436AB5E0} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {FF092078-7C51-446D-96BA-71C407C978D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForGene.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) ==============

2013-01-14 15:17 - 2013-01-14 15:17 - 00045056 _____ () C:\Windows\SysWOW64\UTSCSI.EXE
2015-03-05 11:52 - 2015-03-05 11:51 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
2013-01-20 11:01 - 2015-03-05 11:51 - 02503704 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-11-21 10:14 - 2013-11-21 10:14 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2015-03-28 14:55 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-03-28 13:43 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2011-12-09 14:57 - 2011-02-24 22:08 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2015-03-05 11:52 - 2015-03-05 11:51 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2011-12-09 14:57 - 2011-02-15 14:15 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2011-12-09 14:57 - 2011-02-15 14:15 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2011-12-09 14:57 - 2011-02-15 14:16 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2011-12-09 14:57 - 2011-02-15 14:15 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2011-12-09 17:14 - 2011-02-15 13:25 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2014-01-10 12:02 - 2014-08-11 09:49 - 01654296 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2009-07-13 15:03 - 2009-07-13 19:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2011-12-09 17:14 - 2011-02-24 21:39 - 00658432 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2015-03-28 13:43 - 2015-01-09 18:46 - 00182048 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-03-28 13:43 - 2015-01-09 18:46 - 00145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2015-03-28 12:02 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-03-28 12:02 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-03-28 12:02 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2013-11-21 10:14 - 2013-11-21 10:14 - 00080528 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE.DLL
2015-04-04 10:14 - 2015-03-30 15:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-04 10:14 - 2015-03-30 15:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-04 10:14 - 2015-03-30 15:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-04 10:14 - 2015-03-30 15:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3523205850-2673497747-2435249067-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Gene^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZooskMessenger.lnk => C:\Windows\pss\ZooskMessenger.lnk.Startup

==================== Accounts: =============================

Administrator (S-1-5-21-3523205850-2673497747-2435249067-500 - Administrator - Disabled)
Gene (S-1-5-21-3523205850-2673497747-2435249067-1000 - Administrator - Enabled) => C:\Users\Gene
Guest (S-1-5-21-3523205850-2673497747-2435249067-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 10:34:28 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:22:49 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:20:24 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:17:48 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:17:48 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 09:51:24 AM) (Source: System Restore) (EventID: 8209) (User: )
Description: System Restore did not run because the system was restarted, lost power, or stopped responding. Additional information: (Windows Update).

Error: (04/09/2015 06:28:37 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/09/2015 06:28:37 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/09/2015 01:13:57 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: System Restore did not run because the system was restarted, lost power, or stopped responding. Additional information: (Windows Update).

Error: (04/09/2015 00:38:30 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid


System errors:
=============
Error: (04/09/2015 09:32:32 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (04/08/2015 09:06:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache service.

Error: (04/08/2015 09:05:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (04/08/2015 09:05:00 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

Error: (04/08/2015 09:04:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (04/08/2015 09:03:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (04/08/2015 08:21:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Error: (04/07/2015 08:20:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service hung on starting.

Error: (04/06/2015 11:19:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (04/06/2015 11:19:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (04/10/2015 10:34:28 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:22:49 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:20:24 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:17:48 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 10:17:48 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/10/2015 09:51:24 AM) (Source: System Restore) (EventID: 8209) (User: )
Description: Windows Update

Error: (04/09/2015 06:28:37 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/09/2015 06:28:37 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (04/09/2015 01:13:57 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: Windows Update

Error: (04/09/2015 00:38:30 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid


==================== Memory info ===========================

Processor: AMD Athlon(tm) II 170u Processor
Percentage of memory in use: 80%
Total physical RAM: 1790.49 MB
Available physical RAM: 343.56 MB
Total Pagefile: 3580.98 MB
Available Pagefile: 973.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:455.02 GB) (Free:346.51 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.64 GB) (Free:1.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=455 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
I got my windows 7 password page to finally take my password as it wouldn't type password probably because of the virus, Two friends told me last night to keep hitting F 10 over and over when it was booting up, when I did this I could finally type my password to get into this computer again, how come you guys didn't tell me about this ???
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
As I mentioned before, no password assistance is provided.

Please remove the following program:

Advanced SystemCare 8

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download AdwCleaner from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this

  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    1. Enable free trial of Malwarebytes Anti-Malware Premium
    2. Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

The log is available throughout History ->Application logs. Please post it contents in your next reply.
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 7 Home Premium x64
Ran by Gene on Sat 04/11/2015 at 10:46:41.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] inboxace_1gservice
Successfully deleted: [Service] inboxace_1gservice



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.FeedManager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.FeedManager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.MultipleButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.MultipleButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ScriptButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ScriptButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MyBabylonTB_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MyBabylonTB_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{68138196-B7FB-42EF-B423-73808D053060}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{82C848BE-55DE-4074-9506-A70E2ADBBF04}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A6AAFEE5-56A8-49E2-B524-921A29FB4506}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{82C848BE-55DE-4074-9506-A70E2ADBBF04}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}



~~~ Files

Successfully deleted: [File] "C:\Users\Gene\desktop\live pc help.lnk"
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf
Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-678CD7F9.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Gene\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Gene\appdata\local\iac"
Successfully deleted: [Folder] "C:\Users\Gene\appdata\local\inboxace_1g"
Successfully deleted: [Folder] "C:\Users\Gene\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Gene\appdata\locallow\funwebproducts"
Successfully deleted: [Folder] "C:\Users\Gene\appdata\locallow\inboxace_1g"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\flvplayer"
Successfully deleted: [Folder] "C:\Program Files (x86)\inboxace_1g"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\pricepeep"
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0095F261-5193-4AD6-92BB-B3A2D96BD912}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{00ED3502-7873-4A68-BFDE-6FD3ACFCC096}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{018951E5-8DE9-4727-8806-70C72F274624}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{01C678B9-6BB5-4F25-A0A7-4AB0A2A21D52}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{046518EE-0393-4D50-A3CE-017E110C8C7D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0498C2D4-B037-453A-A58E-A9F2DC55750D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{04D2C692-BA48-4EC5-B00B-E123031066EC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{054535A0-5AD5-4098-8253-389CF97846CC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{05567448-4C87-4A8F-9B79-B15A0E4FB7AC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{059F9509-D441-403C-9821-E65D0BA38360}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0658A8ED-DA28-4AD1-93C7-49D60AE72EE1}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{074F297C-4A07-4C42-87CD-0AA936B88953}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{08A54F31-9208-40AD-9C00-370C82B5E08A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{08E695F6-2C25-4C4B-8527-BAEE07827B06}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{098DBAD1-D895-48B0-82BC-B38A05AA052F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0AB05666-E887-4DAF-9E4B-DC75F282E402}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0E456A2D-DBED-487B-ADB6-8A9C4F646436}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0EACF852-6127-48D7-B3E7-30415345306A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0F82E3ED-D7B3-4420-AE06-08E8E961EDA6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{0FF90615-E3B3-42F4-BFE2-AB4EE8210A92}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{11569973-CAD2-4996-A6F3-B417EFAEC0AE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{11B13713-55B1-4081-9F99-E10391D43055}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{11F9E1E2-69D0-4B8C-83A8-A70F97852B02}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{12CB5DE7-8F4C-4DCA-BFA3-1A45D3322C97}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1322349C-1C68-4014-B8F5-75FADBC4208E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{13ABCC91-A06E-4E9F-B24E-D036CB318C37}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1413D228-1661-48C8-AA33-77C385914087}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{14876CCD-1ACA-4A4A-A91E-7BCB65BB0C4E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{155B2DB2-4151-4EFA-AD31-33052426AA67}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{158267C4-2346-4B04-916D-CAEB6A84A8EA}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{15D8D04B-EFED-45E2-ACB5-6148C9E709B7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{15F0667E-C32E-43E2-B2EB-EA82D7ADD56A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{16449E82-81B4-46DF-A4A8-A0E937069C0B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{174E8851-657A-4D5D-BB90-4A474287B6AC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{18C6903A-4844-43FB-8410-3F5BFB6ADA95}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1AD0722A-C345-4E46-92AA-1EE06031EA6A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1C08F7B9-F7A5-4168-8D11-8CF6EC8E0410}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1C4F36BF-EAAC-4CD4-A8DC-2B6B7D75D992}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1CA72876-47D0-4FCF-AF08-D3626BC6243C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1E704C70-A86C-4A6C-A0A3-83FDC67714E2}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1FBCEBDF-E43A-4C6E-B2D6-8A501283C36E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{1FD11639-094A-4ED7-8A6D-704E2AA16A52}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{212635E8-3E9F-4CA6-95EA-59AC7739E083}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{21ACE64F-705B-496A-821C-0E3B76669C73}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{23990581-5F00-4359-B44B-47DEFD498379}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{244F99BA-8FA1-4880-B3FF-492CE7396911}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{24665D9B-836A-4F57-9AF3-2FDFF80BD6EF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{261D5230-5993-476B-956D-30CEE5ECA0A3}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{268AD695-DF43-427B-AB32-3A440C965DC7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{26B0BEC1-7C03-4C95-B9BD-E509CAE2AC2C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{286A53A5-C7CC-43A3-8EDA-D60A688594DC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2900AFE3-3404-4B8D-B831-4DFC85E4A329}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2A239D93-2E91-4317-B8CF-7B1ECEBF43C6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2BCEE34A-7A21-45AE-9B5B-A23842CE9F2C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2BF3E6DF-C6FA-46B9-BB7B-3CBA1541BE78}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2CA7D2E4-1709-4EB9-B491-2F21CC9A44C3}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2DC98D6A-D5FE-4EC2-98FB-9447011EB25A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2FCE74DB-BF06-4874-B5A7-E6058C71A1E5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{2FE9FDFD-2B27-4C90-AAD5-C397F6D6475F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{310664B3-1200-4216-8059-384268CBF6BD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3214CD0D-FA36-4AC7-8FF9-1F5407913F07}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3289FA21-E9E0-4EFB-9FD0-9529E97D0794}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{32D54A3B-364B-4E28-BADA-3EE553FA1CB9}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{33D6D368-D739-49CE-87E7-E35E48ABE0A5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{347DF475-3C9D-4C94-806A-1D6036097C70}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{34EBBE90-4D7F-40B6-B92A-53A7943564B8}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3520F355-FA2B-4343-B557-CA69CD7D8822}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{354CD5C4-59BD-48DD-9FC6-A651145AE754}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{35CE42C0-2A54-4C67-A14E-F23E33A0FB54}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{36F48AB9-7743-4115-B2B6-3D2EFF0A4E1F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{37330712-AC12-4FDA-93F4-599EEB0B6FDC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{385E7817-1E8D-4BEE-9D39-E2ED8A57F3C7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{390A0D0D-36FB-4615-8661-6472366EF44D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3BBF5E33-2A0D-4A8D-92C9-52594DC24599}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3BDB45DA-E7BE-4EF3-AE51-55B68805F88A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3CB6296A-15FA-45CC-926B-199A2FA9540B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3CB6F310-38CA-435A-B870-FFEB61E6616F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3E099001-C386-48C3-9F55-9A5F409C1A15}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3E5A6E68-DBC1-486C-860B-08072B36A467}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3E76669D-2D38-48A0-8623-73DFB4AEE2CC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{3EA5A21B-06A3-4A87-9F34-7654492ABEA0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{409E2C8E-5B03-40DF-9089-7EF6402B8D1F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4136264D-EF4A-468D-A97C-1FD2B5F87F82}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{415777CF-81FC-4266-9AF3-DAC3CDA11045}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{42A6A24F-24FA-4E32-854C-2F30E2274D6E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{42ED8CF4-9C7F-42C7-AFFE-5CAA4338B184}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{43079D1B-C307-4ABC-901E-94D9B27D1FDD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{43C2A8C8-D05A-4B30-8632-9978AB4DDF84}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{450609EC-2B1F-4AA4-BAF5-EDDB521A39BB}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{45EAFF14-2A18-4DE7-A3E7-B1F80E99CEA5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{46C40ECE-0668-4E92-A458-02AA420D6ED4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{46CCCC4F-7231-4EEB-A3B6-853C5546E0CF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{47EF66EA-9165-43B1-B780-B5724BA3FC5D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4815B3FB-CE9C-4227-9718-1313C36368A4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4824F7A8-D8FB-4F8F-915F-B6A255E690E4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{496D685E-CBA0-45A4-ACB9-EE58F253089E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{49DFB357-5FA0-4097-A7CF-22D3702C56FE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4AE0C2BD-0F28-4B48-802B-93ACF9CB1209}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4BB59D60-0369-4AD1-ACF2-CCD346E9A443}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4C13F290-E8B1-4742-A3C0-2E8BE8AA0985}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4C555C57-7D0B-49A7-871D-FAB3CD9FD9DA}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4C7AAD26-AA7D-4EA0-B26C-E3CC93822D3C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4CD2EFEB-DD09-4CBE-B8CB-E95CB571A4C8}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4E917FC3-7A8C-4F0F-A432-69AFD2D17548}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4EA206BD-2390-4B0A-9968-4900D75C3BD9}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{4F9B8C2E-0493-479F-A13D-A0A83DA248B7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5096A681-E18F-4FB7-9B1E-36C8FF5E77DE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{50E54553-E102-4E58-ABE0-8BDD2B4550A6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{52383E20-0317-4E48-99A4-0D6F27E1680C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{53FD8F4C-6339-4C23-9CCB-AA75DE57C6B5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5629DFF7-43C0-44B0-930B-7219C78EB9AA}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{570845C7-F625-43A8-A098-5857C7B1DB3E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{574FA740-6488-4D77-9BAB-F069C1AE7831}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5832D258-6F0D-4FC9-9E74-9AA5CE4D128D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{59CF79BE-DF72-4661-B69D-19BB2DF6E2B5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5AD1ADA8-2009-423C-B9C6-8EE23DC6DE35}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5B82CA9C-6FFC-4F87-9A3E-70DB8BD82B00}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5BB8B7C7-E34F-4255-96C5-90D76B2BC145}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5C975280-DF3D-4A83-9F21-0D69B51CD766}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{5ECCFECE-B969-4477-8B91-820357188A7F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{60CDFF75-0117-48D1-8B1A-88597269691F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{613217E9-D760-4FC0-BB2E-7604F894D8AA}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{617C3FFE-6C92-409C-90EA-271328EEE0E6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6280F016-5E26-4A86-997F-9BD3DC394133}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{63AD47B6-77B2-49F0-8A6C-5613F38AA277}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{656DF790-442B-4D5E-BB33-6EC7AB1CB640}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{65D9770E-5078-4DEA-A0C4-41FCBDA06393}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{66246C52-ED2F-4E84-A0EE-25B40C708886}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{66931F61-7E52-4E94-88A8-85C3D52FA36D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{66F47547-D80B-4837-A39A-922CE5BF5F3D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{69DE0D34-95B9-4DC4-A499-BF568E135E6E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{69E3ACA9-46EE-4AA9-8BD9-75466E1EC0ED}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{69EF5F9C-6F79-4D97-B7BB-203AAEAE700C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6B50DCF8-C1D0-42E6-A451-557A3E2F2113}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6B63EE52-D1CB-4482-B071-5B46EE48BE5C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6C4E6261-74A2-4EF2-B9F9-A14267D84959}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6DEF8BD7-3AAD-4BB5-9701-9FAFDA2DCDF4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6DFB8389-CF3C-46D7-A93A-AF61E9AA053E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6F9B9F90-709E-40E0-B3E5-75827DAFB5E9}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{6FD5AD8A-4296-4A25-A93C-902E8014A693}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7015AC07-C684-4B70-9D74-6E672D61A55C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{71422556-0529-4C41-908C-C6AFA689E15C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7144C946-C4E0-4A89-A7A5-F10BBD4AB040}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{717EB014-CC30-4E50-8A3B-F000D692BA54}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{72821DBA-2A29-4643-9895-1A4988B6F667}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{72EE59E4-AF78-4EE5-81D3-F3878F659052}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7325D75D-2ADA-4AB9-A8E3-D85DEFF1516B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{73CD405E-9AD2-4B3A-A44D-C60C2797343C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{74C7295F-C176-464B-A8CA-C3C735ACBF24}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{750F1834-78D9-410F-BA66-B66573CD6DAE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{75B334E3-5E16-48F6-AD79-ECDE6AA7B71A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{75D060C6-8D0D-437C-8C0D-3F3674DB5859}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7676DA9B-A002-48D5-B516-9866DA2684A9}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{774A96E9-CACF-4AC3-BC5C-6BE0BB4CC963}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{79201423-A755-4DBF-BD5D-81B75B2E59EB}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{799DE0A6-98BC-45F9-8F3A-133AFFB52E15}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{79F6616D-3C67-48D8-BD2C-B78E9170BD88}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7A02634B-5DBA-4874-BA31-FF90B7DA0972}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7C171AEA-C29E-48D8-9D8B-5D57C8BBF8E3}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7D4AA8C1-3C38-4392-931E-864AD211B47D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7EFE2443-2475-4C29-8CED-7F0F490F6CA6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7F1DD738-7F8A-464D-8BF1-7CAD0E1CC78A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7F254A09-907F-41FF-B6B2-EF2D0559AAA8}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{7F6E12C9-0CEF-483F-B050-170BB65FBEFF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{803F7C1F-B0C5-426D-B153-77FC8CBDEE70}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{80819E25-D982-447C-A809-24AFFCC0128F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8176EF54-54B5-4E99-9E98-22A6C00B112D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{817F04F5-DEB0-4E44-8143-F19BCFDB64CE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{81966057-506C-42BC-943A-3C5E8957A0F6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{824F346D-E9CB-4539-9551-F3A32FE2EDF8}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{82A9122C-AC26-49E6-A09C-2DD6BA4A36E2}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{835B9991-E504-4A9C-8A72-29C6B091C5C0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{85784DA9-58AB-408C-B8BC-C9C13178385D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{85863994-809E-4521-BAB7-374A12EA815F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{859CE557-2C30-469F-9BBA-E4BCDF5FFC06}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{85F3A283-90AD-49F5-8F48-8BE37F54CF01}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{86856AC9-BBB2-47FB-8364-CCE7ED8642CF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{86C5577C-7753-4546-B614-F40E089EFDBE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{87227134-441C-4136-B40E-EE66E59A3077}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8749290C-BACF-4926-94F9-91A0683BC63E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{87635DDB-CB4B-4431-A3BA-4E231C4009C0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{88502E41-5092-4114-9B69-9BAA05A72A53}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{89346DA5-E960-4462-ABFC-5162A96705FD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8A3CD6AB-92B1-4B4F-9725-B27C39770848}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8A463946-CFFE-4AC5-BBEC-D6258D6E6D75}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8A7F5862-083B-4845-AC12-0FF765E35AFD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8A9B2F13-E961-4CCE-BA50-4C3C3C0E4943}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8BBFC2E6-EA16-44C6-9251-57DEB1E7553E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8C435F9D-50DD-47E7-A379-AB854B366495}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8C57F7E2-4BEB-43F1-AD8F-CE219BFCBD9C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8DA6C202-1D03-44C5-8BC4-CCF453F5D157}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8E4D7406-2FBF-460E-9E6C-4922B6D039AF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{8E57FBA3-228A-46F1-9C10-41A526428EDC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{90EF2FE7-942B-4B24-881F-12FED6D1CCE4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{91AC51ED-F30B-48DA-AFD2-3266D4CCD88B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{91E8E72F-4E12-47B7-A12F-DB9A3969F5FB}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{9303437E-4D38-4AFA-9D05-D7DB9D252712}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{930A944C-EA05-4D69-A227-B48FF1C071AC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{9396DA5E-D33C-4FAC-9C91-EC1847012A22}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{9405098D-80BE-4675-879F-4F54107C807B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{94E951DD-F38B-4A06-AC3B-221B93901EE1}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{9506F323-8FD4-46B0-84E7-651EE1EB7C24}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{96391977-F723-4A87-A6B0-BC36E6A69881}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{978DE271-A7E6-4D28-AB36-D094D8F8AED2}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{97DEC13B-3AF1-4668-8046-7975F2601881}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{9AA91CD5-8EC0-4B36-B36D-B0C55537FAC6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{9C982054-8B57-4379-9BDC-23DED06521AC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A04A32D6-245D-43B6-BC9C-76BFE6F5E683}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A1262B44-3FFA-43CB-AAAE-8B3B060CBCF6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A2AA2DA4-C7E0-4C05-8107-E1D015C13AE0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A2EED455-C9AD-4281-8DD4-FF7CE57DC59F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A33C568D-BD1D-4EA1-8C9A-AF8B8FE11347}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A36CBA5F-5697-443B-8AAA-66AD0E5B08F4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A3899252-1F23-46A1-B187-2E565DD67E01}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A41EBAE9-BBCB-4001-A527-63D8FA7F32C1}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A485A7F2-732A-4AEB-A36C-D65CFC4784C1}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A4B54774-46CD-4C27-86A0-88D8193A6E31}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A5067CEF-9ED9-44A3-AD89-CA1D3F80C52C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A62EDB3C-09AD-46A5-BB23-0D9768F567F4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A66FE791-4DB0-4605-9E2B-81D945A5D158}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A705968D-92AF-455B-8140-ED04EA7C5B87}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A710A5AD-08A0-48A8-9126-FC9514B455C7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A8F98DC5-B141-4460-BADA-0EB2B2D76165}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A975590D-2C87-4A93-9BB4-7A886A787A32}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A979F248-65F8-47E4-8F95-45AA89528C77}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{A98A3B12-8995-42B8-B809-86FF5D8F8CD5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{AA6BA085-9D80-4DD5-9E41-BFEE04B6FFB0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{AAA9FA65-CBB0-4679-B430-C704A6411C65}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{AD2BE8EA-F010-40DE-9ACC-E1E8F5C019D7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{ADA385DA-C385-4047-8B6F-AEB538545AC0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{AE5E57E5-3AA4-439E-81A4-F6556017E968}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{AE684CAB-994E-410D-8D91-AA91A581B24F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B0839596-401C-4736-A754-A2ADD0FAAF9D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B194412E-8ADF-415E-8903-465A15B6AF4B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B1DBBE40-999E-4C97-9A21-167C73CDA4AF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B261A01E-DD82-4982-85BC-3C05BEFE57DB}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B312355E-8F20-481C-ADE2-23FB777A19BE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B3FB5D9E-8C2F-46C2-A135-E0A90A9F99F9}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B4F75557-3412-414E-B3A7-F6A433D6EDD7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B6DD9DBD-2738-4559-9C94-3C853DFD3C9F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B8C3A840-89DB-4C3D-A25B-D62D53BCA2FC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{B9A21E7F-D938-4B58-A886-6F22F14CCC28}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BA1124DF-386C-4C78-8C02-A4E445AC5C4C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BAFE49D1-634F-4763-A30C-FC055EB94CF1}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BBD3CF02-C492-41DA-87F6-4418DF060345}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BC2A438E-07AD-4735-B7E2-B1E4EF845228}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BC2B8261-20BE-43F7-ABAD-4BD0A43203CF}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BD1C5608-8024-4D05-9419-3960668208BD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BD4139F8-5918-4BBC-A7D5-AAE117345F28}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{BD6242D5-85C0-49B4-9C7C-EEA92BAF9259}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C0871825-324D-4BBB-8269-9338D50E8725}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C2C60624-B936-4E5E-AF87-AC5A34C8A9CD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C41C200F-6677-4C87-86FA-285951CA90F0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C4DEB6B8-3B89-47E8-9A88-22E57D221831}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C54E9058-CF04-4F90-809A-0A8B89732775}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C58D3FC0-7706-4D3E-AC4A-DAF901339E93}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C72AC00C-40F5-48FE-9AE6-824A6EBF2584}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C72E976C-59BD-4C4C-9F58-68525847E923}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C8086EAA-497E-423D-BC7F-B5105CBBE30C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C84D9C73-08C0-4E3A-B847-A251B013A59C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C92A4E5A-3BF2-4690-AFDE-715C85A0F6FB}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C9321409-4CAD-4316-8EC3-C5999FC5C703}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{C9A2F0F2-2C3C-401E-B869-6A2AA3AC8C63}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CA05DF4D-8247-456A-8E90-5C31FF31892E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CACB557D-0F65-460D-B01F-713BA575B44B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CC759CE4-1379-4606-92D6-18CC19E37709}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CC83AE04-FFB2-4F6B-9ADE-1FA876105E24}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CD66CBC3-4C64-408C-BA64-6005AB85F6CC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CDB02627-EFE5-4C68-A14C-2F6720296613}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CE0EB937-1F82-4398-A075-B8F7786BA281}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CF54BC8C-ACD3-458B-9C1F-E1243539166D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{CF7FC4FB-74FD-44C0-8140-251E06628944}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D122333E-0559-4914-ABFE-BCFF275D63A8}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D1FDAB00-5029-4F24-AAD8-DA4C7D9F8F19}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D43DDEA0-EC8F-4697-B911-F0756CD76BF4}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D477E7D2-9317-4C21-ADC6-64CB10ECCA80}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D684D394-11B3-4510-B752-9B1E4D56B2FE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D6FD42BC-8768-4E04-90ED-4DBB95896D58}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D75C5596-F6AE-42F6-A65E-24E82F9D3861}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D89FE433-80F6-469C-A3D4-4D1A56F98991}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D944437B-17A4-4CDC-89B3-A1372139C0CD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{D9590961-67ED-4A2C-802D-70F2F31E031B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{DAA8C6F8-FE59-41BF-89B1-7EA99F57D497}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{DC6E229F-6D11-4514-B89D-1D67634B9664}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{DDE6A686-8F0A-4D2F-AE2D-63CA9AB3D685}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{DE6EBF0A-FCE6-4213-9BA3-98C363085D97}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{DE8D48C6-5FF6-4351-8D03-F7550B295389}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E3022E3B-3213-4F37-8F0F-780ADDE8CB93}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E31EB2A9-A755-47D5-AFAF-9413078459B6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E34F42E9-FD8F-4E78-ADB6-92BE80A70FF0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E3ADDA66-3496-4813-97A2-54FF2D6D893D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E3E99230-D430-4915-A05A-AC633424247E}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E52CDCBA-8A81-414B-AE7C-186B2C00D6BE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E56314A2-9FC5-4708-8426-42AA37693642}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E6604D18-3B50-4C61-A918-5DF876CE4588}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E6A300BC-5784-421D-A510-2D6EBC3283EC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E6D818F9-41EE-48AB-9A87-83B6D769DAB5}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E70F4D83-668C-473B-883F-1A85DAA7536D}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E8E05800-09BC-4A2C-9134-E95487189DBC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{E914BAA7-6CC1-47EE-AD0E-E403CF04F71C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{EAF2A0B3-137B-41D0-B8FD-603A5B8130EE}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{EC4FC052-D758-4323-868E-EF49F1895D5A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{EE1BDA65-FCDB-4AF8-82F1-004581BE74FD}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{EF347078-4E0D-4602-BE74-A394DF807DD7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F0415FA9-F3D9-49F0-9EC6-F835B94EFE8C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F096AE2C-2223-41A0-9616-7DC0FD2341F7}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F0C651CD-C762-44A1-BD94-EA265F70E1B0}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F157F2E2-3B64-4363-85E3-2E7D3A9D096B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F226C317-7B78-4D1F-AAA8-D649DB44F1A9}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F2C3470D-AFEB-4EE2-835B-5A5B9D226486}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F4BCF2E0-B705-4D98-B76A-9F16FA226D46}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F5F03558-290B-4FC4-B729-D71F2069CD2A}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F5F1B4A1-3557-4308-B618-466B548CAA52}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F678ACC0-C46F-4A7B-8120-D428E99BFE3C}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F7A2D4FC-181E-4AFB-9D82-772ABC30089B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F8A6E2AC-84A1-4DC4-B604-2996F5DF19DC}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F8AB80D8-8BAB-4767-864F-1BC7954E7F81}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F9EBFA4E-5A6C-480A-8E2B-7F03B880B396}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{F9FF39C6-2C9B-47AA-BB06-61B1E236A79F}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{FCDF5B70-6254-4A5D-9D87-7994B0B9440B}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{FEEB1201-7472-42EF-AE64-26E59E94F8B6}
Successfully deleted: [Empty Folder] C:\Users\Gene\appdata\local\{FF203E94-6007-4225-8EFB-3733B331FBC3}



~~~ Chrome

Failed to delete: [Folder] C:\Users\Gene\appdata\local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 04/11/2015 at 11:06:06.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
When I did the CDW Cleaner two items were there - Yahoo AU service and vToolbar Updater 18.3.0. I unchecked them both and than clicked on clean. Was that the correct thing to do ?
Heres the following# AdwCleaner v4.201 - Logfile created 11/04/2015 at 11:32:38
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Gene - GENE-NUMSKULL
# Running from : C:\Users\Gene\Downloads\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****

[x] Not Deleted : YahooAUService
[x] Not Deleted : vToolbarUpdater18.3.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Uninstaller
Folder Deleted : C:\Users\Gene\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Gene\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Gene\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\TEMP\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\TEMP\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
File Deleted : C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journal
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Scheduled tasks ] *****

Task Deleted : AVG-Secure-Search-Update_MAY2013_TB_rel
Task Deleted : LaunchApp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DealScout.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3775AFD7-5921-4571-968F-85A631203D1C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3775AFD7-5921-4571-968F-85A631203D1C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3775AFD7-5921-4571-968F-85A631203D1C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3775AFD7-5921-4571-968F-85A631203D1C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{82C848BE-55DE-4074-9506-A70E2ADBBF04}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Tune
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ImInstaller
Key Deleted : HKLM\SOFTWARE\nationzoomSoftware
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tune
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v41.0.2272.118

[C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
[C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
[C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://www.nationzoom.com/?type=hp&ts=1385929753&from=tugs&uid=126614527_1052515_A8E7A37C
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mpfapcdfbbledbojijcbcclmlieaoogk

*************************

AdwCleaner[R0].txt - [16227 bytes] - [11/04/2015 11:29:20]
AdwCleaner[S0].txt - [15191 bytes] - [11/04/2015 11:32:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15251 bytes] ##########
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
When I did the CDW Cleaner two items were there - Yahoo AU service and vToolbar Updater 18.3.0. I unchecked them both and than clicked on clean. Was that the correct thing to do ?
They are part of AVG Secure search, which in turn is a redirector. I would remove them.

Run Malwarebytes Antimalware and post its report.
 

Gene321

Thread Starter
Joined
Apr 9, 2015
Messages
35
First off I don't see the post I last sent yesterday about the Malwarebytes data here.
Starting to think this house is haunted LOL. Computer worked flawlessly yesterday when I ran the scans and sent in the reports, well looks like the last one is missing but every time I take the computer, mouse, screen, & typing pad back upstairs where I normally have it I still can't type into my blue window 7 password screen, I"ve done this 3 times and every time it works down stairs but not upstairs. I know you arn't allowed to work on password issues but this issue is really got me scratching my head, The old XP machine that I hooked up upstairs to first talk to you guys works just fine upstairs !!! This is one for the books.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Perhaps keyboard problems? F10 is not helping? If able to boot, go to User Accounts and remove your password. Logon straight in, without a password..
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Members online

Top