« previous next »
Pages: [1]

Author Topic: nativemessaging on chrome  (Read 1287 times)

Offline x_breath_x

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-0
    • View Profile
nativemessaging on chrome
« on: January 17, 2014, 10:10:40 PM »

hey sorry about my last topic. i had the computer traded. i just figured itd be easier. however this computer has some slike problems. i dont know why maybe its something ive downloaded.


 


the hijackthis didnt work agan so ive done a scan with otl.


here is the otl.txt first and then extras.txt


 


 


 


 


OTL logfile created on: 1/17/2014 8:40:40 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\\Users\\Kaila\\Desktop

 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16750)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1013.09 Mb Total Physical Memory | 531.36 Mb Available Physical Memory | 52.45% Memory free

3.10 Gb Paging File | 1.08 Gb Available in Paging File | 35.01% Paging File free

Paging file location(s): ?:\\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files

Drive C: | 219.79 Gb Total Space | 163.52 Gb Free Space | 74.40% Space Free | Partition Type: NTFS

 

Computer Name: JOHN | User Name: Kaila | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014/01/17 20:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Kaila\\Desktop\\OTL.exe

PRC - [2013/12/20 19:14:09 | 003,764,024 | ---- | M] (AVAST Software) -- C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe

PRC - [2013/12/20 19:14:09 | 000,050,344 | ---- | M] (AVAST Software) -- C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe

PRC - [2013/09/27 21:41:39 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\\Program Files\\Common Files\\AVG Secure Search\\vToolbarUpdater\\17.0.1\\ToolbarUpdater.exe

PRC - [2013/02/05 12:10:48 | 000,581,624 | ---- | M] (NTI Corporation) -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZtray.exe

PRC - [2013/02/05 12:10:46 | 000,046,072 | ---- | M] (NTI Corporation) -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZSvr.exe

PRC - [2012/11/22 20:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\taskhost.exe

PRC - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperService.exe

PRC - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperAgent.exe

PRC - [2011/10/18 16:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\\Program Files\\Common Files\\mcafee\\systemcore\\mfevtps.exe

PRC - [2011/10/18 16:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\\Program Files\\Common Files\\mcafee\\systemcore\\mfefire.exe

PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\\Program Files\\Motorola\\MotForwardDaemon\\ForwardDaemon.exe

PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\explorer.exe

PRC - [2010/11/12 00:24:10 | 001,602,344 | ---- | M] (ELAN Microelectronics Corp.) -- C:\\Program Files\\Elantech\\ETDCtrlHelper.exe

PRC - [2010/11/12 00:24:08 | 001,812,264 | ---- | M] (ELAN Microelectronics Corp.) -- C:\\Program Files\\Elantech\\ETDCtrl.exe

PRC - [2010/08/10 03:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\\Program Files\\Launch Manager\\LManager.exe

PRC - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\\Program Files\\Launch Manager\\dsiwmis.exe

PRC - [2010/08/10 03:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\\Program Files\\Launch Manager\\LMworker.exe

PRC - [2010/06/11 16:28:06 | 000,715,296 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe

PRC - [2010/06/11 16:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerSvc.exe

PRC - [2010/06/11 16:27:54 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerEvent.exe

PRC - [2010/03/11 00:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\\Program Files\\EgisTec IPS\\PmmUpdate.exe

PRC - [2010/03/11 00:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\\Program Files\\EgisTec IPS\\EgisUpdate.exe

PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer VCM\\RS_Service.exe

PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\\Program Files\\Acer\\Acer Updater\\UpdaterService.exe

PRC - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Registration\\GREGsvc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2013/12/20 19:14:12 | 019,336,120 | ---- | M] () -- C:\\Program Files\\AVAST Software\\Avast\\libcef.dll

MOD - [2013/02/05 12:11:18 | 000,465,824 | ---- | M] () -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\sqlite3.dll

MOD - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperAgent.exe

MOD - [2012/08/27 23:33:32 | 000,087,912 | ---- | M] () -- C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\zlib1.dll

MOD - [2012/08/27 23:33:08 | 001,242,512 | ---- | M] () -- C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\libxml2.dll

MOD - [2009/05/20 00:02:04 | 000,072,200 | ---- | M] () -- C:\\Program Files\\Launch Manager\\CdDirIo.dll

 

 

========== Services (SafeList) ==========

 

SRV - [2013/12/20 19:14:09 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe -- (avast! Antivirus)

SRV - [2013/12/13 19:20:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\System32\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/09/27 21:41:39 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\\Program Files\\Common Files\\AVG Secure Search\\vToolbarUpdater\\17.0.1\\ToolbarUpdater.exe -- (vToolbarUpdater17.0.1)

SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)

SRV - [2013/02/05 12:10:46 | 000,046,072 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)

SRV - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperService.exe -- (Motorola Device Manager)

SRV - [2011/10/18 16:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\\Program Files\\Common Files\\mcafee\\systemcore\\mfevtps.exe -- (mfevtp)

SRV - [2011/10/18 16:28:34 | 000,160,608 | ---- | M] () [Auto | Running] -- C:\\Program Files\\Common Files\\McAfee\\SystemCore\\\\mfefire.exe -- (mfefire)

SRV - [2011/10/18 16:28:18 | 000,166,288 | ---- | M] () [Auto | Stopped] -- C:\\Program Files\\Common Files\\McAfee\\SystemCore\\\\mcshield.exe -- (McShield)

SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\\Program Files\\Motorola\\MotForwardDaemon\\ForwardDaemon.exe -- (PST Service)

SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\\Program Files\\WildTangent Games\\App\\GamesAppService.exe -- (GamesAppService)

SRV - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\\Program Files\\Launch Manager\\dsiwmis.exe -- (DsiWMIService)

SRV - [2010/06/11 16:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerSvc.exe -- (ePowerSvc)

SRV - [2010/05/26 21:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\\Program Files\\EgisTec MyWinLocker\\x86\\MWLService.exe -- (MWLService)

SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Acer\\Acer VCM\\RS_Service.exe -- (RS_Service)

SRV - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\\Program Files\\Acer\\Acer Updater\\UpdaterService.exe -- (Updater Service)

SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Acer\\Registration\\GREGsvc.exe -- (GREGService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System | Stopped] -- C:\\Windows\\system32\\drivers\\SBREdrv.sys -- (SBRE)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motusbdevice.sys -- (motusbdevice)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\Motousbnet.sys -- (Motousbnet)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motswch.sys -- (MotoSwitchService)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motccgpfl.sys -- (motccgpfl)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motccgp.sys -- (motccgp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motfilt.sys -- (BTCFilterService)

DRV - [2013/12/20 19:14:56 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\aswstm.sys -- (aswStm)

DRV - [2013/12/20 19:14:16 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\aswSnx.sys -- (aswSnx)

DRV - [2013/12/20 19:14:16 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\aswSP.sys -- (aswSP)

DRV - [2013/12/20 19:14:16 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\aswVmm.sys -- (aswVmm)

DRV - [2013/12/20 19:14:16 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\aswRdr2.sys -- (aswRdr)

DRV - [2013/12/20 19:14:16 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\\Windows\\System32\\drivers\\aswMonFlt.sys -- (aswMonFlt)

DRV - [2013/12/20 19:14:16 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\aswRvrt.sys -- (aswRvrt)

DRV - [2012/08/23 08:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2012/08/23 08:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2012/03/26 16:50:12 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\netaapl.sys -- (Netaapl)

DRV - [2011/10/15 15:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\mfehidk.sys -- (mfehidk)

DRV - [2011/10/15 15:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\mfefirek.sys -- (mfefirek)

DRV - [2011/10/15 15:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\mfeavfk.sys -- (mfeavfk)

DRV - [2011/10/15 15:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\mfewfpk.sys -- (mfewfpk)

DRV - [2011/10/15 15:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mfeapfk.sys -- (mfeapfk)

DRV - [2011/10/15 15:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mferkdet.sys -- (mferkdet)

DRV - [2011/10/15 15:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mfenlfk.sys -- (mfenlfk)

DRV - [2011/10/15 15:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mfebopk.sys -- (mfebopk)

DRV - [2011/10/15 15:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\cfwids.sys -- (cfwids)

DRV - [2010/12/03 00:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\nx6000.sys -- (MSHUSBVideo)

DRV - [2010/11/20 03:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\winusb.sys -- (WinUsb)

DRV - [2010/08/24 03:55:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\L1C62x86.sys -- (L1C)

DRV - [2010/07/15 15:57:36 | 001,906,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\athr.sys -- (athr)

DRV - [2010/06/17 00:50:38 | 000,082,768 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\EUCR6SK.sys -- (EUCR)

DRV - [2009/07/13 17:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\vwifimp.sys -- (vwifimp)

DRV - [2009/06/02 21:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV - [2009/06/02 21:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV - [2009/06/02 21:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\wdcsam.sys -- (WDC_SAM)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\\..\\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://start.funmoods.com/results.php?f=4&q=\'>http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzuzzzzzy0F0F0AtDyDtByB0FyBtA0ByE0EtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=672521081

IE - HKLM\\..\\SearchScopes\\{507E350E-949D-BB7D-314C-7539CF247C38}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox



IE - HKLM\\..\\SearchScopes\\{EEE6C360-6118-11DC-9C72-001320C79847}: \"URL\" = http://search.sweetim.com/search.asp?src=6&q=\'>http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005

 

 

IE - HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

 

IE - HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

 

 

 

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Backup.Old.Start Page = http://acer.msn.com\'>http://acer.msn.com

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://search.findwide.com/?guid=\'>http://search.findwide.com/?guid={FAD49E06-D413-4B08-8349-8A71DBFA0C8C}&serpv=22

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Search Bar = www.bing.com

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Search Page = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_def&mntrId=AC9F929FFA0527F7&affID=115076&tsp=5114\'>http://www.buenosearch.com/?babsrc=HP_def&mntrId=AC9F929FFA0527F7&affID=115076&tsp=5114



IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - SOFTWARE\\Classes\\CLSID\\{96f454ea-9d38-474f-b504-56193e00c1a5}\\InprocServer32 File not found

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}


IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://start.funmoods.com/results.php?f=4&q=\'>http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzuzzzzzy0F0F0AtDyDtByB0FyBtA0ByE0EtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=672521081

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: \"URL\" = http://www.buenosearch.com/?q=\'>http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_def&mntrId=AC9F929FFA0527F7&affID=115076&tsp=5114

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{18E7AACF-9B3E-46E8-8382-BAB463727B5E}: \"URL\" = http://search.yahoo.com/search?p=\'>http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10743

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{2ED3B46A-A91C-47C9-92D7-3EF05BB5429B}: \"URL\" = http://www.mysearchresults.com/search?c=2652&t=01&q=\'>http://www.mysearchresults.com/search?c=2652&t=01&q={searchTerms}

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{50349BBE-F1B2-4659-B85A-16401AF9064C}: \"URL\" = http://search.findwide.com/serp?guid=\'>http://search.findwide.com/serp?guid={FAD49E06-D413-4B08-8349-8A71DBFA0C8C}&action=default_search&serpv=22&k={searchTerms}

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{6F47C78D-F91C-4A9E-9641-012D759138CA}: \"URL\" = http://search.conduit.com/ResultsExt.aspx?q=\'>http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN29404707102509210&UM=2

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{95B7759C-8C7F-4BF1-B163-73684A933233}: \"URL\" = http://isearch.avg.com/search?cid=\'>http://isearch.avg.com/search?cid={93571EB7-16F3-4270-AB3A-4EAC59A4339E}&mid=d70f5103086f47d0a7d443d6bce1ce04-b15497609ebbdddff297f5f09ac63dcb18fcd1a3&lang=en&ds=ft011&pr=sa&d=2012-10-14 16:15:50&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}




IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\SearchScopes\\{EEE6C360-6118-11DC-9C72-001320C79847}: \"URL\" = http://search.sweetim.com/search.asp?src=6&q=\'>http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

IE - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = 192.168.*.*

 

 

========== FireFox ==========

 

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=:  File not found

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: C:\\Program Files\\iTunes\\Mozilla Plugins\\npitunes.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.51.2: C:\\Program Files\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.51.2: C:\\Program Files\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: c:\\Program Files\\Microsoft Silverlight\\5.1.20913.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.0: C:\\Program Files\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\\Program Files\\WildTangent Games\\App\\BrowserIntegration\\Registered\\4\\NP_wtapp.dll ()

FF - HKCU\\Software\\MozillaPlugins\\@Skype Limited.com/Facebook Video Calling Plugin: C:\\Users\\Kaila\\AppData\\Local\\Facebook\\Video\\Skype\\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=3: C:\\Users\\Kaila\\AppData\\Local\\Google\\Update\\1.3.22.3\\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=9: C:\\Users\\Kaila\\AppData\\Local\\Google\\Update\\1.3.22.3\\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Firefox\\Extensions\\\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\\Program Files\\Common Files\\McAfee\\SystemCore [2012/09/02 00:16:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Firefox\\Extensions\\\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\\Program Files\\PremierOpinion

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Firefox\\Extensions\\\\[email protected]: C:\\Program Files\\Babylon\\Babylon-Pro\\Utils\\[email protected]

 

[2013/12/13 16:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Kaila\\AppData\\Roaming\\mozilla\\Firefox\\extensions

[2013/12/05 15:07:08 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\\Users\\Kaila\\AppData\\Roaming\\mozilla\\Firefox\\extensions\\{96f454ea-9d38-474f-b504-56193e00c1a5}

[2013/12/31 22:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files\\Mozilla Firefox\\extensions

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},


CHR - plugin: Shockwave Flash (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\PepperFlash\\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Disabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\pdf.dll

CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\kdidombaedgpfiiedeimiebkmbilgmlc\\1.1.14_0\\plugins/npDefaultTabSearch.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\\Program Files\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\13.2.0\\\\npsitesafety.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\\Program Files\\VideoLAN\\VLC\\npvlc.dll

CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\\Program Files\\WildTangent Games\\App\\BrowserIntegration\\Registered\\2\\NP_wtapp.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\\Program Files\\Windows Live\\Photo Gallery\\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\\Program Files\\iTunes\\Mozilla Plugins\\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Update\\1.3.21.135\\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\\Program Files\\Microsoft Silverlight\\5.1.20125.0\\npctrl.dll

CHR - Extension: uTorrentControl_v6 = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\cflheckfmhopnialghigdlggahiomebp\\10.26.0.540_0\\

CHR - Extension: uTorrentControl_v6 = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\cflheckfmhopnialghigdlggahiomebp\\10.26.0.540_0\\nativeMessaging\\nmHost

CHR - Extension: Dark Vibe = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dkckeanhmkjaechlhllmapjaaglgpcbj\\1.1_0\\

CHR - Extension: ShopAtHome.com extension = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dlmebkoiahbppacaicbgncnjhbpdfkcc\\7.1.0.16_0\\

CHR - Extension: avast! Online Security = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki\\9.0.2011.70_0\\

CHR - Extension: avast! Online Security = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki\\9.0.2013.75_0\\

CHR - Extension: No name found = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\njkkjobcechefaoknodniidfjapgfoco\\2.2.7_0\\

CHR - Extension: Google Wallet = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_0\\

CHR - Extension: Bitdefender QuickScan = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pdnkcidphdcakpkheohlhocaicfamjie\\0.9.9.131_0\\

CHR - Extension: uTorrentControl_v6 = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\cflheckfmhopnialghigdlggahiomebp\\10.26.0.540_0\\

CHR - Extension: uTorrentControl_v6 = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\cflheckfmhopnialghigdlggahiomebp\\10.26.0.540_0\\nativeMessaging\\nmHost

CHR - Extension: Dark Vibe = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dkckeanhmkjaechlhllmapjaaglgpcbj\\1.1_0\\

CHR - Extension: ShopAtHome.com extension = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dlmebkoiahbppacaicbgncnjhbpdfkcc\\7.1.0.16_0\\

CHR - Extension: avast! Online Security = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki\\9.0.2011.70_0\\

CHR - Extension: avast! Online Security = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki\\9.0.2013.75_0\\

CHR - Extension: No name found = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\njkkjobcechefaoknodniidfjapgfoco\\2.2.7_0\\

CHR - Extension: Google Wallet = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_0\\

CHR - Extension: Bitdefender QuickScan = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pdnkcidphdcakpkheohlhocaicfamjie\\0.9.9.131_0\\

 

O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\\PROGRA~1\\mcafee\\msk\\mskapbho.dll File not found

O2 - BHO: (Music Box Toolbar (Dist. by iMesh, Inc.)) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\\PROGRA~1\\MUSICT~1\\Datamngr\\SRTOOL~1\\IE\\searchresultsDx.dll File not found

O2 - BHO: (MyWordTool) - {45470599-8237-486D-87B5-E89CD6AED154} - C:\\Users\\Kaila\\AppData\\Roaming\\MyWordTool\\temp.dat ()

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\\Program Files\\Common Files\\mcafee\\systemcore\\ScriptSn.20120112163500.dll (McAfee, Inc.)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\\Program Files\\uTorrentControl_v6\\prxtbuTor.dll File not found

O2 - BHO: (no name) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - No CLSID value found.

O2 - BHO: (Tidy Network) - {D8A98206-1249-3EBA-FB18-4ADF7ED746FD} - C:\\Program Files\\TidyNetwork\\petn.dll ()

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\\..\\Toolbar: (Music Box Toolbar (Dist. by iMesh, Inc.)) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\\PROGRA~1\\MUSICT~1\\Datamngr\\SRTOOL~1\\IE\\searchresultsDx.dll File not found

O3 - HKLM\\..\\Toolbar: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\\Program Files\\uTorrentControl_v6\\prxtbuTor.dll File not found

O3 - HKLM\\..\\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\\..\\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\..\\Toolbar\\WebBrowser: (uTorrentControl_v6 Toolbar) - {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\\Program Files\\uTorrentControl_v6\\prxtbuTor.dll File not found

O4 - HKLM..\\Run: [Acer ePower Management] C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe (Acer Incorporated)

O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\\Run: [AvastUI.exe] C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe (AVAST Software)

O4 - HKLM..\\Run: [BackupNowEZtray] C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZtray.exe (NTI Corporation)

O4 - HKLM..\\Run: [EgisTecPMMUpdate] C:\\Program Files\\EgisTec IPS\\PmmUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\\Run: [EgisUpdate] C:\\Program Files\\EgisTec IPS\\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\\Run: [ETDCtrl] C:\\Program Files\\Elantech\\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4 - HKLM..\\Run: [LManager] C:\\Program Files\\Launch Manager\\LManager.exe (Dritek System Inc.)

O4 - HKLM..\\Run: [ROC_roc_ssl_v12] \"C:\\Program Files\\AVG Secure Search\\ROC_roc_ssl_v12.exe\" / /PROMPT /CMPID=roc_ssl_v12 File not found

O4 - HKLM..\\Run: [SBRegRebootCleaner] \"C:\\Program Files\\Ad-Aware Antivirus\\SBRC.exe\" File not found

O4 - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000..\\Run: [Facebook Update] C:\\Users\\Kaila\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe (Facebook Inc.)

O4 - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000..\\Run: [uTorrent] C:\\Users\\Kaila\\AppData\\Roaming\\uTorrent\\uTorrent.exe (BitTorrent Inc.)

O4 - HKU\\S-1-5-19..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (Microsoft Corporation)

O4 - HKU\\S-1-5-20..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3

O7 - HKU\\S-1-5-21-2509488165-3742344647-2209741551-1000\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\\Program Files\\Paltalk Messenger\\paltalk.exe (AVM Software Inc.)

O13 - gopher Prefix: missing




O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{15EAC838-19E9-4FA3-B6AC-CE7E9B30E965}: DhcpNameServer = 172.26.38.1 172.26.38.2

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{A81087B2-589B-456F-8D51-F5A5BADAE6F1}: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{B74E8B87-E008-4422-BD86-86D613D27F22}: DhcpNameServer = 192.168.1.1

O18 - Protocol\\Handler\\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\\Program Files\\Windows Live\\Messenger\\msgrapp.dll File not found

O18 - Protocol\\Handler\\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\\Program Files\\Windows Live\\Messenger\\msgrapp.dll File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\System32\\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\\Windows\\System32\\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O27 - HKLM IFEO\\bitguard.exe: Debugger - C:\\Windows\\System32\\tasklist.exe (Microsoft Corporation)

O27 - HKLM IFEO\\bprotect.exe: Debugger - C:\\Windows\\System32\\tasklist.exe (Microsoft Corporation)

O27 - HKLM IFEO\\browserdefender.exe: Debugger - C:\\Windows\\System32\\tasklist.exe (Microsoft Corporation)

O27 - HKLM IFEO\\browserprotect.exe: Debugger - C:\\Windows\\System32\\tasklist.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\\{c001a154-d848-11e0-b3a4-1c7508b345b6}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{c001a154-d848-11e0-b3a4-1c7508b345b6}\\Shell\\AutoRun\\command - \"\" = \"D:\\WD SmartWare.exe\" autoplay=true

O33 - MountPoints2\\{fed23421-ccaf-11e2-a2ff-889ffa0527f7}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{fed23421-ccaf-11e2-a2ff-889ffa0527f7}\\Shell\\AutoRun\\command - \"\" = D:\\MotoCastSetup.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\\..comfile [open] -- \"%1\" %*

O35 - HKLM\\..exefile [open] -- \"%1\" %*

O36 - AppCertDlls: x64 - (c:\\program files\\music toolbar\\datamngr\\x64\\apcrtldr.dll) -  File not found

O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014/01/17 20:38:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Kaila\\Desktop\\OTL.exe

[2014/01/17 20:28:12 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Chrome Apps

[2014/01/17 19:48:32 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\javaws.exe

[2014/01/17 19:48:04 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\javaw.exe

[2014/01/17 19:48:04 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\java.exe

[2014/01/17 19:48:04 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\WindowsAccessBridge.dll

[2014/01/17 19:48:04 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Java

[2014/01/14 21:45:27 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\win32k.sys

[2014/01/14 21:45:24 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\drivers\\netio.sys

[2014/01/14 21:45:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\drivers\\usbport.sys

[2014/01/14 21:45:18 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\drivers\\usbd.sys

[2014/01/12 19:52:53 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\Desktop\\Movies

[2014/01/08 16:28:48 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\Desktop\\Insanity Workout

[2013/12/31 22:07:57 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\BabSolution

[2013/12/31 22:07:34 | 000,000,000 | ---D | C] -- C:\\Program Files\\Mozilla Firefox

[2013/12/31 22:07:31 | 000,000,000 | ---D | C] -- C:\\Program Files\\Babylon

[2013/12/23 22:30:56 | 000,000,000 | ---D | C] -- C:\\Program Files\\ToniArts

[2013/12/23 22:30:54 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\EasyCleaner

[2013/12/23 22:12:21 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\ParetoLogic

[2013/12/23 22:12:21 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\DriverCure

[2013/12/23 22:11:51 | 000,000,000 | ---D | C] -- C:\\ProgramData\\ParetoLogic

[2013/12/23 21:59:23 | 000,000,000 | ---D | C] -- C:\\AdwCleaner

[2013/12/20 19:15:36 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\AVAST Software

[2013/12/20 19:15:16 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Avast

[2013/12/20 19:14:29 | 000,775,952 | ---- | C] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswSnx.sys

[2013/12/20 19:14:29 | 000,064,168 | ---- | C] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswstm.sys

[2013/12/20 19:14:28 | 000,410,528 | ---- | C] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswSP.sys

[2013/12/20 19:14:27 | 000,067,824 | ---- | C] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswMonFlt.sys

[2013/12/20 19:14:26 | 000,079,720 | ---- | C] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswRdr2.sys

[2013/12/20 19:14:22 | 000,270,240 | ---- | C] (AVAST Software) -- C:\\Windows\\System32\\aswBoot.exe

[2013/12/20 19:14:14 | 000,043,152 | ---- | C] (AVAST Software) -- C:\\Windows\\avastSS.scr

[2013/12/20 19:12:59 | 000,000,000 | ---D | C] -- C:\\Program Files\\AVAST Software

[2013/12/20 19:09:37 | 000,000,000 | ---D | C] -- C:\\ProgramData\\AVAST Software

[2013/12/20 18:56:08 | 000,000,000 | ---D | C] -- C:\\ProgramData\\GFI Software

[2013/12/20 18:39:55 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\QuickScan

[2013/12/20 18:27:37 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Licenses

[2013/12/20 18:27:13 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\SpywareBlaster

[2013/12/20 18:27:12 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\MSCOMCTL.OCX

[2013/12/20 18:27:11 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\MSSTDFMT.DLL

[2013/12/20 18:27:04 | 000,000,000 | ---D | C] -- C:\\Program Files\\SpywareBlaster

[2013/12/20 17:11:09 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\HiJackThis

[2013/12/20 17:11:08 | 000,000,000 | ---D | C] -- C:\\Program Files\\Trend Micro

 

========== Files - Modified Within 30 Days ==========

 

[2014/01/17 20:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Kaila\\Desktop\\OTL.exe

[2014/01/17 20:28:20 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job

[2014/01/17 20:27:10 | 000,002,326 | ---- | M] () -- C:\\Users\\Kaila\\Desktop\\Chrome App Launcher.lnk

[2014/01/17 20:09:01 | 000,000,908 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000UA.job

[2014/01/17 20:03:05 | 000,000,928 | ---- | M] () -- C:\\Windows\\tasks\\FacebookUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000UA.job

[2014/01/17 16:14:20 | 000,009,696 | -H-- | M] () -- C:\\Windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/01/17 16:14:20 | 000,009,696 | -H-- | M] () -- C:\\Windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/01/17 16:04:48 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2014/01/17 16:02:03 | 000,259,112 | ---- | M] () -- C:\\Windows\\System32\\FNTCACHE.DAT

[2014/01/17 16:01:59 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat

[2014/01/17 16:00:13 | 796,729,344 | -HS- | M] () -- C:\\hiberfil.sys

[2014/01/17 15:48:39 | 000,000,856 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000Core.job

[2014/01/17 15:32:16 | 000,000,906 | ---- | M] () -- C:\\Windows\\tasks\\FacebookUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000Core.job

[2013/12/20 19:15:16 | 000,002,087 | ---- | M] () -- C:\\Users\\Public\\Desktop\\avast! Free Antivirus.lnk

[2013/12/20 19:14:56 | 000,064,168 | ---- | M] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswstm.sys

[2013/12/20 19:14:16 | 000,775,952 | ---- | M] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswSnx.sys

[2013/12/20 19:14:16 | 000,410,528 | ---- | M] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswSP.sys

[2013/12/20 19:14:16 | 000,180,248 | ---- | M] () -- C:\\Windows\\System32\\drivers\\aswVmm.sys

[2013/12/20 19:14:16 | 000,079,720 | ---- | M] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswRdr2.sys

[2013/12/20 19:14:16 | 000,067,824 | ---- | M] (AVAST Software) -- C:\\Windows\\System32\\drivers\\aswMonFlt.sys

[2013/12/20 19:14:16 | 000,049,944 | ---- | M] () -- C:\\Windows\\System32\\drivers\\aswRvrt.sys

[2013/12/20 19:14:14 | 000,270,240 | ---- | M] (AVAST Software) -- C:\\Windows\\System32\\aswBoot.exe

[2013/12/20 19:14:14 | 000,043,152 | ---- | M] (AVAST Software) -- C:\\Windows\\avastSS.scr

[2013/12/20 18:27:14 | 000,001,005 | ---- | M] () -- C:\\Users\\Public\\Desktop\\SpywareBlaster.lnk

[2013/12/20 17:11:10 | 000,002,963 | ---- | M] () -- C:\\Users\\Kaila\\Desktop\\HiJackThis.lnk

[2013/12/18 21:10:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\\Windows\\System32\\WindowsAccessBridge.dll

[2013/12/18 21:04:13 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\\Windows\\System32\\javaws.exe

[2013/12/18 21:04:09 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\\Windows\\System32\\javaw.exe

[2013/12/18 21:03:46 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\\Windows\\System32\\java.exe

 

========== Files Created - No Company Name ==========

 

[2014/01/17 20:27:10 | 000,002,326 | ---- | C] () -- C:\\Users\\Kaila\\Desktop\\Chrome App Launcher.lnk

[2013/12/20 19:15:16 | 000,002,087 | ---- | C] () -- C:\\Users\\Public\\Desktop\\avast! Free Antivirus.lnk

[2013/12/20 19:14:29 | 000,180,248 | ---- | C] () -- C:\\Windows\\System32\\drivers\\aswVmm.sys

[2013/12/20 19:14:28 | 000,049,944 | ---- | C] () -- C:\\Windows\\System32\\drivers\\aswRvrt.sys

[2013/12/20 18:27:14 | 000,001,005 | ---- | C] () -- C:\\Users\\Public\\Desktop\\SpywareBlaster.lnk

[2013/12/20 17:11:10 | 000,002,963 | ---- | C] () -- C:\\Users\\Kaila\\Desktop\\HiJackThis.lnk

[2013/12/11 20:20:46 | 000,000,218 | ---- | C] () -- C:\\Users\\Kaila\\AppData\\Local\\recently-used.xbel

[2013/09/09 10:22:27 | 000,000,258 | RHS- | C] () -- C:\\Users\\Kaila\\ntuser.pol

[2013/01/18 19:54:27 | 000,001,415 | ---- | C] () -- C:\\Windows\\wininit.ini

[2012/09/02 00:38:10 | 000,384,844 | ---- | C] () -- C:\\Users\\Kaila\\AppData\\Local\\funmoods-speeddial.crx

[2012/06/12 18:47:43 | 000,007,598 | ---- | C] () -- C:\\Users\\Kaila\\AppData\\Local\\Resmon.ResmonCfg

 

========== ZeroAccess Check ==========

 

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini

 

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

 

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]

 

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

\"\" = %SystemRoot%\\system32\\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

 

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

 

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Both

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 119 bytes -> C:\\ProgramData\\TEMP:5C321E34

 

< End of report >

 

 

 

 

 


OTL Extras logfile created on: 1/17/2014 8:40:40 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\\Users\\Kaila\\Desktop

 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16750)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1013.09 Mb Total Physical Memory | 531.36 Mb Available Physical Memory | 52.45% Memory free

3.10 Gb Paging File | 1.08 Gb Available in Paging File | 35.01% Paging File free

Paging file location(s): ?:\\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files

Drive C: | 219.79 Gb Total Space | 163.52 Gb Free Space | 74.40% Space Free | Partition Type: NTFS

 

Computer Name: JOHN | User Name: Kaila | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]

.cpl [@ = cplfile] -- C:\\Windows\\System32\\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\\Windows\\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]

batfile [open] -- \"%1\" %*

cmdfile [open] -- \"%1\" %*

comfile [open] -- \"%1\" %*

cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe \"%1\",%* (Microsoft Corporation)

exefile [open] -- \"%1\" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- \"%systemroot%\\system32\\rundll32.exe\" \"%systemroot%\\system32\\mshtml.dll\",PrintHTML \"%1\"

inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)

piffile [open] -- \"%1\" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- \"%1\"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- \"%1\" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- \"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" ()

Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- \"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" ()

Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]

\"cval\" = 1

 

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring]

 

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]

\"VistaSp1\" = Reg Error: Unknown registry data type -- File not found

\"AntiVirusOverride\" = 0

\"AntiSpywareOverride\" = 0

\"FirewallOverride\" = 0

 

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc\\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile]

\"DisableNotifications\" = 0

\"EnableFirewall\" = 1

 

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile]

\"DisableNotifications\" = 0

\"EnableFirewall\" = 1

 

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\PublicProfile]

\"DisableNotifications\" = 0

\"EnableFirewall\" = 1

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]

\"{0C0D5611-BF79-4504-946C-D2C37BBAD9E2}\" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

\"{3F77DEE7-7879-4485-8CC3-FC4E8F5B907A}\" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\\system32\\svchost.exe | 

\"{88F8B91B-765F-4BEB-9026-010AB2F5BDAE}\" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | 

\"{98ADADB7-9290-423E-9F66-0FAADFD84AF9}\" = lport=2869 | protocol=6 | dir=in | app=system | 

\"{9BCC0A4B-1A53-4D36-8FC3-7639CB1ECFB6}\" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\\system32\\svchost.exe | 

\"{9EDBEE99-0510-4C62-9311-DB05CD5499A8}\" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\\system32\\svchost.exe | 

\"{B999610B-3359-495E-9E94-D049C2BE1731}\" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe | 

\"{BBE6E5ED-28B5-4378-8BBB-69869CEDC4FE}\" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

\"{BDE53792-1BFF-4EB1-B0F5-FA7289601E06}\" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\\system32\\svchost.exe | 

\"{C911DE0A-C213-468A-812B-007B520CB6A1}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

\"{EC6E6100-6001-4177-9E89-3739DF412387}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe | 

\"{F270A3AF-9EF5-4B04-AFD9-CAEB2FCD0117}\" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\\system32\\svchost.exe | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]

\"{11845A41-0B1E-43E0-92E4-68287683418E}\" = protocol=17 | dir=in | app=c:\\program files\\hp\\hp officejet 6500 e710a-f\\bin\\devicesetup.exe | 

\"{1FBD6AEE-0D94-4004-8D0F-0342910CA692}\" = protocol=17 | dir=in | app=c:\\program files\\common files\\mcafee\\mcsvchost\\mcsvhost.exe | 

\"{26867199-43E4-4660-9287-5D37C939F37F}\" = protocol=6 | dir=in | app=c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe | 

\"{3E8717E2-5523-4E50-90C2-CC7127DCD750}\" = protocol=6 | dir=in | app=c:\\program files\\hp\\hp officejet 6500 e710a-f\\bin\\devicesetup.exe | 

\"{4D77B3C3-169B-4581-BC41-5919857C5391}\" = dir=in | app=c:\\users\\kaila\\appdata\\local\\facebook\\video\\skype\\facebookvideocalling.exe | 

\"{50AA8E9B-636A-489B-8EA5-D9F3F0C36BCB}\" = dir=in | app=c:\\program files\\itunes\\itunes.exe | 

\"{5579B851-31B4-489D-B1AC-2A19DDDB6C9F}\" = protocol=17 | dir=in | app=c:\\program files\\search results toolbar\\datamngr\\srtool~1\\dtuser.exe | 

\"{55F27024-7A86-455F-BBFF-C206C182E4A6}\" = dir=in | app=c:\\program files\\imesh applications\\imesh\\imesh.exe | 

\"{5ACF1ACB-F3F4-494F-B78D-8ADD91664A7B}\" = protocol=6 | dir=in | app=c:\\users\\kaila\\appdata\\local\\temp\\bundlesweetimsetup.exe | 

\"{5BF6070F-4107-479A-9947-197E516892AA}\" = protocol=6 | dir=in | app=c:\\program files\\hp\\hp officejet 6500 e710a-f\\bin\\hpnetworkcommunicator.exe | 

\"{5D957BE7-CC96-4EB5-A649-C4A5DF2DCB49}\" = dir=in | app=c:\\program files\\windows live\\mesh\\moe.exe | 

\"{6060F889-0A7A-4136-AD1E-7C2C91F787BC}\" = protocol=6 | dir=out | svc=upnph
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
nativemessaging on chrome
« Reply #1 on: January 18, 2014, 08:25:57 PM »

I\'ll lock your other topic.. Let\'s try again with this topic
-AdwCleaner-


Please download http://www.majorgeeks.com/files/details/adwcleaner.html\'>AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.

  • Double click on AdwCleaner.exe to run the tool.

  • Click the Scan button and wait for the process to complete.

  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.

  • Click on the Clean button follow the prompts.

  • A log file will automatically open after the scan has finished and the PC has rebooted.

  • Please post the content of that log file with your next answer.

  • You can also find the log file at C:\\AdwCleaner

-Junkware-Removal-Tool-


  • Please download http://www.majorgeeks.com/files/details/junkware_removal_tool.html\'>Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.

  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select \"Run as Administrator\".

  • The tool will open and start scanning your system.

  • Please be patient as this can take a while to complete depending on your system\'s specifications.

  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

  • Post the contents of JRT.txt into your next message.

Reopen OTL.exe and choose to Run a Scan, when done, post the log that opens>> OTL.txt


« Last Edit: January 18, 2014, 08:31:02 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline x_breath_x

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-0
    • View Profile
nativemessaging on chrome
« Reply #2 on: January 20, 2014, 12:11:19 PM »

the nativemessaging on chrome fixed with the first option you had me do. here is the log for the junkware removal tool.


 


 



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Starter x86

Ran by Kaila on Mon 01/20/2014 at  9:32:30.75

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\\\sbregrebootcleaner

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Internet Explorer\\Main\\\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\\S-1-5-18\\Software\\Microsoft\\Internet Explorer\\Main\\\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\\S-1-5-19\\Software\\Microsoft\\Internet Explorer\\Main\\\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\\S-1-5-20\\Software\\Microsoft\\Internet Explorer\\Main\\\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\\S-1-5-21-2509488165-3742344647-2209741551-1000\\Software\\Microsoft\\Internet Explorer\\Main\\\\Start Page

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\\\DisplayName

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\\\URL

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\dynconie.dynconieobject

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\dynconie.dynconieobject.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\Interface\\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\TypeLib\\{781CA792-9B6E-400B-B36F-15C097D2CA54}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\InternetRegistry\\REGISTRY\\USER\\S-1-5-21-2509488165-3742344647-2209741551-1000\\Software\\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Tracing\\strongvaultapp_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Tracing\\strongvaultapp_rasmancs

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{2ED3B46A-A91C-47C9-92D7-3EF05BB5429B}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{6F47C78D-F91C-4A9E-9641-012D759138CA}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{C8D1C99A-92F2-4AB8-9162-0449E1743972}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{45470599-8237-486D-87B5-E89CD6AED154}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{45177936-603b-4261-8d42-df6f7091d5d0}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\CLSID\\{45177936-603b-4261-8d42-df6f7091d5d0}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{45177936-603b-4261-8d42-df6f7091d5d0}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{45470599-8237-486D-87B5-E89CD6AED154}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\CLSID\\{45470599-8237-486D-87B5-E89CD6AED154}

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] \"C:\\Users\\Kaila\\AppData\\Roaming\\mywordtool\"

Successfully deleted: [Folder] \"C:\\Users\\Kaila\\appdata\\local\\cre\"

Successfully deleted: [Folder] \"C:\\Users\\Kaila\\appdata\\local\\stronghold_llc\"

Successfully deleted: [Folder] \"C:\\Users\\Kaila\\appdata\\locallow\\datamngr\"

Successfully deleted: [Folder] \"C:\\Windows\\system32\\ai_recyclebin\"

Successfully deleted: [Empty Folder] C:\\Users\\Kaila\\appdata\\local\\{097547FC-824E-47C8-A0CA-F420BCF1F6BB}

Successfully deleted: [Empty Folder] C:\\Users\\Kaila\\appdata\\local\\{23903FD9-325A-4987-9406-868768C67A16}

Successfully deleted: [Empty Folder] C:\\Users\\Kaila\\appdata\\local\\{A55F3603-DB32-45B8-BC55-D04A110A6A38}

Successfully deleted: [Empty Folder] C:\\Users\\Kaila\\appdata\\local\\{C808FF1A-DE48-4778-B563-B9540E9C1CFE}

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 01/20/2014 at  9:42:19.88

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
nativemessaging on chrome
« Reply #3 on: January 20, 2014, 12:26:55 PM »

I don\'t see the log for AdwCleaner?



 


You can also find the log file at C:\\AdwCleaner



 


In addition I don\'t see the new log from Otl.exe?



 


Reopen OTL.exe and choose to Run a Scan, when done, post the log that opens>> OTL.txt


Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline x_breath_x

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-0
    • View Profile
nativemessaging on chrome
« Reply #4 on: January 20, 2014, 12:34:28 PM »

here is the second log


 


 


OTL logfile created on: 1/20/2014 11:12:13 AM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\\Users\\Kaila\\Desktop

 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16750)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1013.09 Mb Total Physical Memory | 127.41 Mb Available Physical Memory | 12.58% Memory free

1.99 Gb Paging File | 0.86 Gb Available in Paging File | 43.26% Paging File free

Paging file location(s): ?:\\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files

Drive C: | 219.79 Gb Total Space | 137.92 Gb Free Space | 62.75% Space Free | Partition Type: NTFS

 

Computer Name: JOHN | User Name: Kaila | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014/01/18 12:20:39 | 000,302,961 | ---- | M] () -- C:\\Program Files\\Hosts_Anti_Adwares_PUPs\\HOSTS_Anti-Adware_main.exe

PRC - [2014/01/17 20:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Kaila\\Desktop\\OTL.exe

PRC - [2013/12/20 19:14:09 | 003,764,024 | ---- | M] (AVAST Software) -- C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe

PRC - [2013/12/20 19:14:09 | 000,050,344 | ---- | M] (AVAST Software) -- C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe

PRC - [2013/02/05 12:10:48 | 000,581,624 | ---- | M] (NTI Corporation) -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZtray.exe

PRC - [2013/02/05 12:10:46 | 000,046,072 | ---- | M] (NTI Corporation) -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZSvr.exe

PRC - [2012/11/22 20:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\System32\\taskhost.exe

PRC - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperService.exe

PRC - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperAgent.exe

PRC - [2011/10/18 16:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\\Program Files\\Common Files\\mcafee\\systemcore\\mfevtps.exe

PRC - [2011/10/18 16:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\\Program Files\\Common Files\\mcafee\\systemcore\\mfefire.exe

PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\\Program Files\\Motorola\\MotForwardDaemon\\ForwardDaemon.exe

PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\explorer.exe

PRC - [2010/11/12 00:24:10 | 001,602,344 | ---- | M] (ELAN Microelectronics Corp.) -- C:\\Program Files\\Elantech\\ETDCtrlHelper.exe

PRC - [2010/11/12 00:24:08 | 001,812,264 | ---- | M] (ELAN Microelectronics Corp.) -- C:\\Program Files\\Elantech\\ETDCtrl.exe

PRC - [2010/08/10 03:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\\Program Files\\Launch Manager\\LManager.exe

PRC - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\\Program Files\\Launch Manager\\dsiwmis.exe

PRC - [2010/08/10 03:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\\Program Files\\Launch Manager\\LMworker.exe

PRC - [2010/06/11 16:28:06 | 000,715,296 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe

PRC - [2010/06/11 16:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerSvc.exe

PRC - [2010/06/11 16:27:54 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerEvent.exe

PRC - [2010/03/11 00:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\\Program Files\\EgisTec IPS\\PmmUpdate.exe

PRC - [2010/03/11 00:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\\Program Files\\EgisTec IPS\\EgisUpdate.exe

PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Acer VCM\\RS_Service.exe

PRC - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\\Program Files\\Acer\\Registration\\GREGsvc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014/01/18 12:20:39 | 000,302,961 | ---- | M] () -- C:\\Program Files\\Hosts_Anti_Adwares_PUPs\\HOSTS_Anti-Adware_main.exe

MOD - [2013/12/20 19:14:12 | 019,336,120 | ---- | M] () -- C:\\Program Files\\AVAST Software\\Avast\\libcef.dll

MOD - [2013/12/03 20:48:04 | 000,399,312 | ---- | M] () -- C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\ppGoogleNaClPluginChrome.dll

MOD - [2013/12/03 20:48:02 | 004,055,504 | ---- | M] () -- C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\pdf.dll

MOD - [2013/12/03 20:47:11 | 000,702,416 | ---- | M] () -- C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\libglesv2.dll

MOD - [2013/12/03 20:47:11 | 000,099,792 | ---- | M] () -- C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\libegl.dll

MOD - [2013/12/03 20:47:08 | 001,619,408 | ---- | M] () -- C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\ffmpegsumo.dll

MOD - [2013/02/05 12:11:18 | 000,465,824 | ---- | M] () -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\sqlite3.dll

MOD - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperAgent.exe

MOD - [2012/08/27 23:33:32 | 000,087,912 | ---- | M] () -- C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\zlib1.dll

MOD - [2012/08/27 23:33:08 | 001,242,512 | ---- | M] () -- C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\libxml2.dll

MOD - [2009/05/20 00:02:04 | 000,072,200 | ---- | M] () -- C:\\Program Files\\Launch Manager\\CdDirIo.dll

 

 

========== Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- C:\\Program Files\\Common Files\\AVG Secure Search\\vToolbarUpdater\\17.0.1\\ToolbarUpdater.exe -- (vToolbarUpdater17.0.1)

SRV - [2014/01/18 12:20:37 | 000,285,795 | ---- | M] () [Auto | Stopped] -- C:\\Program Files\\Hosts_Anti_Adwares_PUPs\\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)

SRV - [2013/12/20 19:14:09 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe -- (avast! Antivirus)

SRV - [2013/12/13 19:20:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\System32\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)

SRV - [2013/02/05 12:10:46 | 000,046,072 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)

SRV - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\\Program Files\\Motorola Mobility\\Motorola Device Manager\\MotoHelperService.exe -- (Motorola Device Manager)

SRV - [2011/10/18 16:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\\Program Files\\Common Files\\mcafee\\systemcore\\mfevtps.exe -- (mfevtp)

SRV - [2011/10/18 16:28:34 | 000,160,608 | ---- | M] () [Auto | Running] -- C:\\Program Files\\Common Files\\McAfee\\SystemCore\\\\mfefire.exe -- (mfefire)

SRV - [2011/10/18 16:28:18 | 000,166,288 | ---- | M] () [Auto | Stopped] -- C:\\Program Files\\Common Files\\McAfee\\SystemCore\\\\mcshield.exe -- (McShield)

SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\\Program Files\\Motorola\\MotForwardDaemon\\ForwardDaemon.exe -- (PST Service)

SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\\Program Files\\WildTangent Games\\App\\GamesAppService.exe -- (GamesAppService)

SRV - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\\Program Files\\Launch Manager\\dsiwmis.exe -- (DsiWMIService)

SRV - [2010/06/11 16:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Acer\\Acer ePower Management\\ePowerSvc.exe -- (ePowerSvc)

SRV - [2010/05/26 21:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\\Program Files\\EgisTec MyWinLocker\\x86\\MWLService.exe -- (MWLService)

SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Acer\\Acer VCM\\RS_Service.exe -- (RS_Service)

SRV - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\\Program Files\\Acer\\Acer Updater\\UpdaterService.exe -- (Updater Service)

SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\\Program Files\\Acer\\Registration\\GREGsvc.exe -- (GREGService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System | Stopped] -- C:\\Windows\\system32\\drivers\\SBREdrv.sys -- (SBRE)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motusbdevice.sys -- (motusbdevice)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\Motousbnet.sys -- (Motousbnet)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motswch.sys -- (MotoSwitchService)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motccgpfl.sys -- (motccgpfl)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motccgp.sys -- (motccgp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\\DRIVERS\\motfilt.sys -- (BTCFilterService)

DRV - [2013/12/20 19:14:56 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\aswstm.sys -- (aswStm)

DRV - [2013/12/20 19:14:16 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\aswSnx.sys -- (aswSnx)

DRV - [2013/12/20 19:14:16 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\aswSP.sys -- (aswSP)

DRV - [2013/12/20 19:14:16 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\aswVmm.sys -- (aswVmm)

DRV - [2013/12/20 19:14:16 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\aswRdr2.sys -- (aswRdr)

DRV - [2013/12/20 19:14:16 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\\Windows\\System32\\drivers\\aswMonFlt.sys -- (aswMonFlt)

DRV - [2013/12/20 19:14:16 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\aswRvrt.sys -- (aswRvrt)

DRV - [2012/08/23 08:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2012/08/23 08:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2012/03/26 16:50:12 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\netaapl.sys -- (Netaapl)

DRV - [2011/10/15 15:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\mfehidk.sys -- (mfehidk)

DRV - [2011/10/15 15:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\mfefirek.sys -- (mfefirek)

DRV - [2011/10/15 15:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\mfeavfk.sys -- (mfeavfk)

DRV - [2011/10/15 15:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\\Windows\\System32\\drivers\\mfewfpk.sys -- (mfewfpk)

DRV - [2011/10/15 15:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mfeapfk.sys -- (mfeapfk)

DRV - [2011/10/15 15:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mferkdet.sys -- (mferkdet)

DRV - [2011/10/15 15:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mfenlfk.sys -- (mfenlfk)

DRV - [2011/10/15 15:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\mfebopk.sys -- (mfebopk)

DRV - [2011/10/15 15:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\cfwids.sys -- (cfwids)

DRV - [2010/12/03 00:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\nx6000.sys -- (MSHUSBVideo)

DRV - [2010/11/20 03:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\winusb.sys -- (WinUsb)

DRV - [2010/08/24 03:55:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\L1C62x86.sys -- (L1C)

DRV - [2010/07/15 15:57:36 | 001,906,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\athr.sys -- (athr)

DRV - [2010/06/17 00:50:38 | 000,082,768 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\EUCR6SK.sys -- (EUCR)

DRV - [2009/07/13 17:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\vwifimp.sys -- (vwifimp)

DRV - [2009/07/13 17:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\serial.sys -- (Serial)

DRV - [2009/06/02 21:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV - [2009/06/02 21:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\\Windows\\System32\\drivers\\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV - [2009/06/02 21:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\wdcsam.sys -- (WDC_SAM)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\\..\\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\\..\\SearchScopes,DefaultScope = 

IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\\..\\SearchScopes\\{507E350E-949D-BB7D-314C-7539CF247C38}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

 

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://www.google.com\'>http://www.google.com

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Search Bar = www.bing.com

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Search Page = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.google.com\'>http://www.google.com

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Search,Default_Search_URL = http://www.google.com\'>http://www.google.com

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Search,SearchAssistant = http://www.google.com\'>http://www.google.com

IE - HKCU\\..\\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\\..\\SearchScopes,DefaultScope = 

IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search\'>http://www.bing.com/search

IE - HKCU\\..\\SearchScopes\\{18E7AACF-9B3E-46E8-8382-BAB463727B5E}: \"URL\" = http://search.yahoo.com/search?p=\'>http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10743

IE - HKCU\\..\\SearchScopes\\{50349BBE-F1B2-4659-B85A-16401AF9064C}: \"URL\" = http://search.findwide.com/serp?guid=\'>http://search.findwide.com/serp?guid={FAD49E06-D413-4B08-8349-8A71DBFA0C8C}&action=default_search&serpv=22&k={searchTerms}

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = 192.168.*.*

 

 

========== FireFox ==========

 

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=:  File not found

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: C:\\Program Files\\iTunes\\Mozilla Plugins\\npitunes.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.51.2: C:\\Program Files\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.51.2: C:\\Program Files\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: c:\\Program Files\\Microsoft Silverlight\\5.1.20913.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.0: C:\\Program Files\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\\Program Files\\WildTangent Games\\App\\BrowserIntegration\\Registered\\4\\NP_wtapp.dll ()

FF - HKCU\\Software\\MozillaPlugins\\@Skype Limited.com/Facebook Video Calling Plugin: C:\\Users\\Kaila\\AppData\\Local\\Facebook\\Video\\Skype\\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=3: C:\\Users\\Kaila\\AppData\\Local\\Google\\Update\\1.3.22.3\\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=9: C:\\Users\\Kaila\\AppData\\Local\\Google\\Update\\1.3.22.3\\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Firefox\\Extensions\\\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\\Program Files\\Common Files\\McAfee\\SystemCore [2012/09/02 00:16:21 | 000,000,000 | ---D | M]

 

[2013/12/13 16:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Kaila\\AppData\\Roaming\\mozilla\\Firefox\\extensions

[2013/12/05 15:07:08 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\\Users\\Kaila\\AppData\\Roaming\\mozilla\\Firefox\\extensions\\{96f454ea-9d38-474f-b504-56193e00c1a5}

[2013/12/31 22:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files\\Mozilla Firefox\\extensions

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},


CHR - plugin: Shockwave Flash (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\PepperFlash\\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Disabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\pdf.dll

CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\kdidombaedgpfiiedeimiebkmbilgmlc\\1.1.14_0\\plugins/npDefaultTabSearch.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\\Program Files\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\13.2.0\\\\npsitesafety.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\\Program Files\\VideoLAN\\VLC\\npvlc.dll

CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\\Program Files\\WildTangent Games\\App\\BrowserIntegration\\Registered\\2\\NP_wtapp.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\\Program Files\\Windows Live\\Photo Gallery\\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\\Program Files\\iTunes\\Mozilla Plugins\\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\\Users\\Kaila\\AppData\\Local\\Google\\Update\\1.3.21.135\\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\\Program Files\\Microsoft Silverlight\\5.1.20125.0\\npctrl.dll

CHR - Extension: Dark Vibe = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dkckeanhmkjaechlhllmapjaaglgpcbj\\1.1_0\\

CHR - Extension: ShopAtHome.com extension = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dlmebkoiahbppacaicbgncnjhbpdfkcc\\7.1.0.16_0\\

CHR - Extension: avast! Online Security = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki\\9.0.2013.75_0\\

CHR - Extension: No name found = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\njkkjobcechefaoknodniidfjapgfoco\\2.2.7_0\\

CHR - Extension: Google Wallet = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_0\\

CHR - Extension: Bitdefender QuickScan = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pdnkcidphdcakpkheohlhocaicfamjie\\0.9.9.131_0\\

CHR - Extension: Dark Vibe = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dkckeanhmkjaechlhllmapjaaglgpcbj\\1.1_0\\

CHR - Extension: ShopAtHome.com extension = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\dlmebkoiahbppacaicbgncnjhbpdfkcc\\7.1.0.16_0\\

CHR - Extension: avast! Online Security = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki\\9.0.2013.75_0\\

CHR - Extension: No name found = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\njkkjobcechefaoknodniidfjapgfoco\\2.2.7_0\\

CHR - Extension: Google Wallet = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_0\\

CHR - Extension: Bitdefender QuickScan = C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pdnkcidphdcakpkheohlhocaicfamjie\\0.9.9.131_0\\

 

O1 HOSTS File: ([2014/01/19 10:21:03 | 000,039,784 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts

O1 - Hosts: 127.0.0.1 08sr.combineads.info # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 2010-fr.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 2012-new.biz # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 212link.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 24h00business.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 a.adorika.net # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 a.ad-sys.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ad.adn360.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adeartss.eu # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adesoeasy.eu # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adm.soft365.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.aff.co # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.eorezo.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.hooqy.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups

O1 - Hosts: 661 more lines...

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\\PROGRA~1\\mcafee\\msk\\mskapbho.dll File not found

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\\Program Files\\Common Files\\mcafee\\systemcore\\ScriptSn.20120112163500.dll (McAfee, Inc.)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Tidy Network) - {D8A98206-1249-3EBA-FB18-4ADF7ED746FD} - C:\\Program Files\\TidyNetwork\\petn.dll File not found

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\\..\\Toolbar: (no name) - {45177936-603b-4261-8d42-df6f7091d5d0} - No CLSID value found.

O3 - HKLM\\..\\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\\..\\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.

O4 - HKLM..\\Run: [Acer ePower Management] C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe (Acer Incorporated)

O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\\Run: [AvastUI.exe] C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe (AVAST Software)

O4 - HKLM..\\Run: [BackupNowEZtray] C:\\Program Files\\NTI\\NTI Backup Now EZ\\BackupNowEZtray.exe (NTI Corporation)

O4 - HKLM..\\Run: [EgisTecPMMUpdate] C:\\Program Files\\EgisTec IPS\\PmmUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\\Run: [EgisUpdate] C:\\Program Files\\EgisTec IPS\\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\\Run: [ETDCtrl] C:\\Program Files\\Elantech\\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4 - HKLM..\\Run: [HOSTS Anti-Adware_PUPs] C:\\Program Files\\Hosts_Anti_Adwares_PUPs\\HOSTS_Anti-Adware_main.exe ()

O4 - HKLM..\\Run: [LManager] C:\\Program Files\\Launch Manager\\LManager.exe (Dritek System Inc.)

O4 - HKLM..\\Run: [ROC_roc_ssl_v12] \"C:\\Program Files\\AVG Secure Search\\ROC_roc_ssl_v12.exe\" / /PROMPT /CMPID=roc_ssl_v12 File not found

O4 - HKCU..\\Run: [Facebook Update] C:\\Users\\Kaila\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\\Run: [uTorrent] C:\\Users\\Kaila\\AppData\\Roaming\\uTorrent\\uTorrent.exe (BitTorrent Inc.)

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\\Program Files\\Paltalk Messenger\\paltalk.exe (AVM Software Inc.)

O13 - gopher Prefix: missing




O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{15EAC838-19E9-4FA3-B6AC-CE7E9B30E965}: DhcpNameServer = 172.26.38.1 172.26.38.2

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{A81087B2-589B-456F-8D51-F5A5BADAE6F1}: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{B74E8B87-E008-4422-BD86-86D613D27F22}: DhcpNameServer = 192.168.1.1

O18 - Protocol\\Handler\\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\\Program Files\\Windows Live\\Messenger\\msgrapp.dll File not found

O18 - Protocol\\Handler\\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\\Program Files\\Windows Live\\Messenger\\msgrapp.dll File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\System32\\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\\Windows\\System32\\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\\{c001a154-d848-11e0-b3a4-1c7508b345b6}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{c001a154-d848-11e0-b3a4-1c7508b345b6}\\Shell\\AutoRun\\command - \"\" = \"D:\\WD SmartWare.exe\" autoplay=true

O33 - MountPoints2\\{fed23421-ccaf-11e2-a2ff-889ffa0527f7}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{fed23421-ccaf-11e2-a2ff-889ffa0527f7}\\Shell\\AutoRun\\command - \"\" = D:\\MotoCastSetup.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\\..comfile [open] -- \"%1\" %*

O35 - HKLM\\..exefile [open] -- \"%1\" %*

O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014/01/20 09:32:14 | 000,000,000 | ---D | C] -- C:\\Windows\\ERUNT

[2014/01/20 09:22:01 | 001,037,068 | ---- | C] (Thisisu) -- C:\\Users\\Kaila\\Desktop\\JRT.exe

[2014/01/19 11:01:42 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Elaborate Bytes

[2014/01/19 11:01:41 | 000,000,000 | ---D | C] -- C:\\Program Files\\Elaborate Bytes

[2014/01/18 12:20:34 | 000,000,000 | ---D | C] -- C:\\Program Files\\Hosts_Anti_Adwares_PUPs

[2014/01/17 20:38:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Kaila\\Desktop\\OTL.exe

[2014/01/17 20:28:12 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Chrome Apps

[2014/01/17 19:48:32 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\javaws.exe

[2014/01/17 19:48:04 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\javaw.exe

[2014/01/17 19:48:04 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\java.exe

[2014/01/17 19:48:04 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\\Windows\\System32\\WindowsAccessBridge.dll

[2014/01/17 19:48:04 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Java

[2014/01/14 21:45:27 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\win32k.sys

[2014/01/14 21:45:24 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\drivers\\netio.sys

[2014/01/14 21:45:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\drivers\\usbport.sys

[2014/01/14 21:45:18 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\System32\\drivers\\usbd.sys

[2014/01/12 19:52:53 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\Desktop\\Movies

[2014/01/08 16:28:48 | 000,000,000 | ---D | C] -- C:\\Users\\Kaila\\Desktop\\Insanity Workout

[2013/12/31 22:07:34 | 000,000,000 | ---D | C] -- C:\\Program Files\\Mozilla Firefox

[2013/12/23 22:30:56 | 000,000,000 | ---D | C] -- C:\\Program Files\\ToniArts

[2013/12/23 22:30:54 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\EasyCleaner

[2013/12/23 21:59:23 | 000,000,000 | ---D | C] -- C:\\AdwCleaner

 

========== Files - Modified Within 30 Days ==========

 

[2014/01/20 11:09:02 | 000,000,908 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000UA.job

[2014/01/20 11:03:03 | 000,000,928 | ---- | M] () -- C:\\Windows\\tasks\\FacebookUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000UA.job

[2014/01/20 11:03:01 | 000,000,906 | ---- | M] () -- C:\\Windows\\tasks\\FacebookUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000Core.job

[2014/01/20 10:28:01 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job

[2014/01/20 09:23:07 | 001,037,068 | ---- | M] (Thisisu) -- C:\\Users\\Kaila\\Desktop\\JRT.exe

[2014/01/20 09:14:36 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat

[2014/01/19 15:09:01 | 000,000,856 | ---- | M] () -- C:\\Windows\\tasks\\GoogleUpdateTaskUserS-1-5-21-2509488165-3742344647-2209741551-1000Core.job

[2014/01/19 11:05:57 | 000,001,176 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Virtual CloneDrive.lnk

[2014/01/19 11:04:01 | 2561,570,792 | ---- | M] () -- C:\\Users\\Kaila\\Desktop\\X17-58996.iso

[2014/01/19 10:46:22 | 001,640,984 | ---- | M] () -- C:\\Users\\Kaila\\Desktop\\SetupVirtualCloneDrive5470.exe

[2014/01/19 10:29:53 | 000,009,696 | -H-- | M] () -- C:\\Windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/01/19 10:29:53 | 000,009,696 | -H-- | M] () -- C:\\Windows\\System32\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/01/19 10:21:20 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2014/01/19 10:21:03 | 000,039,784 | ---- | M] () -- C:\\Windows\\System32\\drivers\\etc\\hosts

[2014/01/19 10:20:39 | 796,729,344 | -HS- | M] () -- C:\\hiberfil.sys

[2014/01/18 12:03:16 | 001,236,282 | ---- | M] () -- C:\\Users\\Kaila\\Desktop\\adwcleaner.exe

[2014/01/17 20:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Kaila\\Desktop\\OTL.exe

[2014/01/17 20:27:10 | 000,002,326 | ---- | M] () -- C:\\Users\\Kaila\\Desktop\\Chrome App Launcher.lnk

[2014/01/17 16:02:03 | 000,259,112 | ---- | M] () -- C:\\Windows\\System32\\FNTCACHE.DAT

 

========== Files Created - No Company Name ==========

 

[2014/01/19 11:05:57 | 000,001,176 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Virtual CloneDrive.lnk

[2014/01/19 10:51:18 | 2561,570,792 | ---- | C] () -- C:\\Users\\Kaila\\Desktop\\X17-58996.iso

[2014/01/19 10:46:07 | 001,640,984 | ---- | C] () -- C:\\Users\\Kaila\\Desktop\\SetupVirtualCloneDrive5470.exe

[2014/01/18 12:02:22 | 001,236,282 | ---- | C] () -- C:\\Users\\Kaila\\Desktop\\adwcleaner.exe

[2014/01/17 20:27:10 | 000,002,326 | ---- | C] () -- C:\\Users\\Kaila\\Desktop\\Chrome App Launcher.lnk

[2013/12/20 19:14:29 | 000,180,248 | ---- | C] () -- C:\\Windows\\System32\\drivers\\aswVmm.sys

[2013/12/20 19:14:28 | 000,049,944 | ---- | C] () -- C:\\Windows\\System32\\drivers\\aswRvrt.sys

[2013/12/11 20:20:46 | 000,000,218 | ---- | C] () -- C:\\Users\\Kaila\\AppData\\Local\\recently-used.xbel

[2013/09/09 10:22:27 | 000,000,258 | RHS- | C] () -- C:\\Users\\Kaila\\ntuser.pol

[2013/01/18 19:54:27 | 000,001,415 | ---- | C] () -- C:\\Windows\\wininit.ini

[2012/06/12 18:47:43 | 000,007,598 | ---- | C] () -- C:\\Users\\Kaila\\AppData\\Local\\Resmon.ResmonCfg

 

========== ZeroAccess Check ==========

 

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini

 

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

 

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]

 

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

\"\" = %SystemRoot%\\system32\\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

 

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

 

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Both

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 119 bytes -> C:\\ProgramData\\TEMP:5C321E34

 

< End of report >
Logged

Offline x_breath_x

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-0
    • View Profile
nativemessaging on chrome
« Reply #5 on: January 20, 2014, 12:37:45 PM »

oh i didnt see the part about posting the adw log here whats the log going to be called? i closed it out earlier.


Logged

Offline x_breath_x

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-0
    • View Profile
nativemessaging on chrome
« Reply #6 on: January 20, 2014, 12:40:34 PM »
# AdwCleaner v3.016 - Report created 23/12/2013 at 21:59:59

# Updated 23/12/2013 by Xplode

# Operating System : Windows 7 Starter Service Pack 1 (32 bits)

# Username : Kaila - JOHN

# Running from : C:\\Users\\Kaila\\Downloads\\adwcleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\\Users\\Kaila\\AppData\\Local\\funmoods-speeddial.crx

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_app.mam.conduit.com_0.localstorage

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_app.mam.conduit.com_0.localstorage-journal

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_facebook.conduitapps.com_0.localstorage

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_facebook.conduitapps.com_0.localstorage-journal

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\user data\\default\\local storage\\hxxp_pricegong.conduitapps.com_0.localstorage

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\user data\\default\\local storage\\hxxp_pricegong.conduitapps.com_0.localstorage-journal

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_search.conduit.com_0.localstorage

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_search.conduit.com_0.localstorage-journal

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_storage.conduit.com_0.localstorage

File Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Local Storage\\hxxp_storage.conduit.com_0.localstorage-journal

File Found : C:\\Users\\Kaila\\AppData\\Local\\Temp\\Uninstall.exe

File Found : C:\\Windows\\System32\\Tasks\\BackgroundContainer Startup Task

Folder Found : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\cflheckfmhopnialghigdlggahiomebp

Folder Found C:\\Program Files\\AVG Secure Search

Folder Found C:\\Program Files\\Common Files\\AVG Secure Search

Folder Found C:\\Program Files\\Conduit

Folder Found C:\\Program Files\\Free Offers from Freeze.com

Folder Found C:\\Program Files\\Search Results Toolbar

Folder Found C:\\Program Files\\sweetpacks bundle uninstaller

Folder Found C:\\Program Files\\TidyNetwork

Folder Found C:\\Program Files\\uTorrentControl_v6

Folder Found C:\\Program Files\\Wajam

Folder Found C:\\Program Files\\Zoomex

Folder Found C:\\ProgramData\\apn

Folder Found C:\\ProgramData\\Ask

Folder Found C:\\ProgramData\\boost_interprocess

Folder Found C:\\ProgramData\\clsoft ltd

Folder Found C:\\ProgramData\\Conduit

Folder Found C:\\ProgramData\\Premium

Folder Found C:\\Users\\Kaila\\AppData\\Local\\Conduit

Folder Found C:\\Users\\Kaila\\AppData\\Local\\NativeMessaging

Folder Found C:\\Users\\Kaila\\AppData\\Local\\Searchprotect

Folder Found C:\\Users\\Kaila\\AppData\\Local\\strongvault

Folder Found C:\\Users\\Kaila\\AppData\\Local\\SwvUpdater

Folder Found C:\\Users\\Kaila\\AppData\\Local\\TidyNetwork

Folder Found C:\\Users\\Kaila\\AppData\\Local\\Wajam

Folder Found C:\\Users\\Kaila\\AppData\\Local\\WhiteListing

Folder Found C:\\Users\\Kaila\\AppData\\LocalLow\\Conduit

Folder Found C:\\Users\\Kaila\\AppData\\LocalLow\\ilividtoolbarguid

Folder Found C:\\Users\\Kaila\\AppData\\LocalLow\\searchresultstb

Folder Found C:\\Users\\Kaila\\AppData\\LocalLow\\uTorrentControl_v6

Folder Found C:\\Users\\Kaila\\AppData\\Roaming\\DefaultTab

Folder Found C:\\Users\\Kaila\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Wajam

Folder Found C:\\Users\\Kaila\\AppData\\Roaming\\OpenCandy

Folder Found C:\\Users\\Kaila\\Documents\\optimizer pro

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\\Software\\APN DTX

Key Found : HKCU\\Software\\APN PIP

Key Found : HKCU\\Software\\AppDataLow\\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKCU\\Software\\AppDataLow\\Software\\BackgroundContainer

Key Found : HKCU\\Software\\AppDataLow\\Software\\Conduit

Key Found : HKCU\\Software\\AppDataLow\\Software\\ConduitSearchScopes

Key Found : HKCU\\Software\\AppDataLow\\Software\\ilividtoolbarguid

Key Found : HKCU\\Software\\AppDataLow\\Software\\SmartBar

Key Found : HKCU\\Software\\AppDataLow\\Software\\uTorrentControl_v6

Key Found : HKCU\\Software\\AppDataLow\\SProtector

Key Found : HKCU\\Software\\AppDataLow\\Toolbar

Key Found : HKCU\\Software\\Google\\Chrome\\Extensions\\cflheckfmhopnialghigdlggahiomebp

Key Found : HKCU\\Software\\ilivid

Key Found : HKCU\\Software\\ilividtoolbarguid

Key Found : HKCU\\Software\\IM

Key Found : HKCU\\Software\\Imesh

Key Found : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}

Key Found : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{474597C5-AB09-49D6-A4D5-2E8D7341384E}

Key Found : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{96F454EA-9D38-474F-B504-56193E00C1A5}

Key Found : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{96F454EA-9D38-474F-B504-56193E00C1A5}

Key Found : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{DEDAF650-12B8-48F5-A843-BBA100716106}

Key Found : HKCU\\Software\\PrivitizeVPNInstallDates

Key Found : HKCU\\Software\\StartSearch

Key Found : HKCU\\Software\\visualbee

Key Found : HKCU\\Software\\Wajam

Key Found : HKLM\\Software\\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKLM\\Software\\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Found : HKLM\\Software\\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{72D89EBF-0C5D-4190-91FD-398E45F1D007}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\escort.DLL

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\escortApp.DLL

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\escortEng.DLL

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\escorTlbr.DLL

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\esrv.EXE

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\priam_bho.DLL

Key Found : HKLM\\SOFTWARE\\Classes\\AppID\\ScriptHelper.EXE

Key Found : HKLM\\SOFTWARE\\Classes\\Applications\\ilividsetup.exe

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{058F0E48-61CA-4964-9FBA-1978A1BB060D}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{18F33C35-8EF2-40D7-8BA4-932B0121B472}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{3BF72F68-72D8-461D-A884-329D936C5581}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{96F454EA-9D38-474F-B504-56193E00C1A5}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{CD90659F-D5B2-4104-9504-7CA36E6532DF}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\\SOFTWARE\\Classes\\CLSID\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Found : HKLM\\SOFTWARE\\Classes\\Interface\\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Found : HKLM\\SOFTWARE\\Classes\\Toolbar.CT3289075

Key Found : HKLM\\SOFTWARE\\Classes\\TypeLib\\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Found : HKLM\\SOFTWARE\\Classes\\TypeLib\\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}

Key Found : HKLM\\SOFTWARE\\Classes\\TypeLib\\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Found : HKLM\\SOFTWARE\\Classes\\TypeLib\\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\\SOFTWARE\\Classes\\TypeLib\\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Key Found : HKLM\\SOFTWARE\\Classes\\wajam.WajamBHO

Key Found : HKLM\\SOFTWARE\\Classes\\wajam.WajamBHO.1

Key Found : HKLM\\SOFTWARE\\Classes\\wajam.WajamDownloader

Key Found : HKLM\\SOFTWARE\\Classes\\wajam.WajamDownloader.1

Key Found : HKLM\\Software\\Conduit

Key Found : HKLM\\Software\\DataMngr

Key Found : HKLM\\Software\\Default Tab

Key Found : HKLM\\Software\\DefaultTab

Key Found : HKLM\\Software\\Freeze.com

Key Found : HKLM\\SOFTWARE\\Google\\Chrome\\Extensions\\cflheckfmhopnialghigdlggahiomebp

Key Found : HKLM\\SOFTWARE\\Google\\Chrome\\Extensions\\jpmbfleldcgkldadpdinhjjopdfpjfjp

Key Found : HKLM\\SOFTWARE\\Google\\Chrome\\Extensions\\mkndcbhcgphcfkkddanakjiepeknbgle

Key Found : HKLM\\SOFTWARE\\Google\\Chrome\\Extensions\\ogccgbmabaphcakpiclgcnmcnimhokcj

Key Found : HKLM\\Software\\iLividSRTB

Key Found : HKLM\\Software\\InstallIQ

Key Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{40C4727E-CA10-431C-997A-7E5F3583984C}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{D4214893-FDA6-4492-B57C-F79ED236F3B9}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\SearchScopes\\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\SearchScopes\\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\SearchScopes\\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\adawarebp_rasapi32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\adawarebp_rasmancs

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\ApnSetup_RASAPI32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\ApnSetup_RASMANCS

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\au__rasapi32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\au__rasmancs

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\BingBar_RASMANCS

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\iLivid_RASAPI32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\iLivid_RASMANCS

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\iLividMediaBar_RASAPI32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\iLividMediaBar_RASMANCS

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\iLividSetup_RASAPI32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\iLividSetup_RASMANCS

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\privitizevpn_1_rasapi32

Key Found : HKLM\\SOFTWARE\\Microsoft\\Tracing\\privitizevpn_1_rasmancs

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\bitguard.exe

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\bprotect.exe

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\browserdefender.exe

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\browserprotect.exe

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain\\BackgroundContainer Startup Task

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{A47317B1-D902-43B8-BF89-D1F5ED2018BB}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{A47317B1-D902-43B8-BF89-D1F5ED2018BB}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{96F454EA-9D38-474F-B504-56193E00C1A5}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{CD90659F-D5B2-4104-9504-7CA36E6532DF}

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Components\\08121C32A9C319F4CB0C11FF059552A4

Key Found : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Search Results Toolbar

Key Found : HKLM\\Software\\SearchProtect

Key Found : HKLM\\Software\\SP Global

Key Found : HKLM\\Software\\SProtector

Key Found : HKLM\\Software\\uTorrentControl_v6

Key Found : HKLM\\Software\\visualbee

Key Found : HKLM\\Software\\Wajam

Key Found : HKLM\\SYSTEM\\CurrentControlSet\\Services\\Eventlog\\Application\\WajamUpdater

Value Found : HKCU\\Software\\Microsoft\\Internet Explorer\\Main [Backup.old.Start Page]

Value Found : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{96F454EA-9D38-474F-B504-56193E00C1A5}]

Value Found : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

Value Found : HKCU\\Software\\Microsoft\\Internet Explorer\\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]

Value Found : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]

Value Found : HKLM\\SOFTWARE\\Mozilla\\Firefox\\Extensions [{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}]

Value Found : HKLM\\SYSTEM\\ControlSet001\\Control\\Session Manager\\AppCertDlls [x64]

Value Found : HKLM\\SYSTEM\\ControlSet002\\Control\\Session Manager\\AppCertDlls [x64]

Value Found : HKLM\\SYSTEM\\CurrentControlSet\\Control\\Session Manager\\AppCertDlls [x64]

 

***** [ Browsers ] *****

 

-\\\\ Internet Explorer v10.0.9200.16750

 



 

-\\\\ Google Chrome v

 

[ File : C:\\Users\\Kaila\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\preferences ]

 

Found : homepage

Found : search_url

Found : suggest_url

Found : keyword

Found : urls_to_restore_on_startup

Found : homepage

Found : search_url

Found : urls_to_restore_on_startup

Found : homepage

Found : search_url

Found : suggest_url

Found : urls_to_restore_on_startup

 

*************************

 

AdwCleaner[R0].txt - [17028 octets] - [23/12/2013 21:59:59]

 

########## EOF - C:\\AdwCleaner\\AdwCleaner[R0].txt - [17089 octets] ##########
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
nativemessaging on chrome
« Reply #7 on: January 24, 2014, 11:24:04 PM »

sorry for the delay


I noticed you may have installed a custom host file since we started, correct?


 


Also, I see remnants of AVG search plugin for browsers and McAfee


Do you need or have you installed them since we started?

Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline x_breath_x

  • Jr. Member
  • **
  • Posts: 80
  • Karma: +0/-0
    • View Profile
nativemessaging on chrome
« Reply #8 on: January 27, 2014, 06:20:50 PM »

the only thing ive installed was the things you told me to. i downloaded the avg one i didnt realise mcafee wasnt deleted yet.


Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
nativemessaging on chrome
« Reply #9 on: January 28, 2014, 09:22:22 PM »

I see a problem with the above logs, can you please do the following and follow the instructions exactly


Your AdwCleaner log shows you just did a scan and no Clean


 


Let\'s try the following:


Download and run the McAfee removal tool from here:


http://www.majorgeeks.com/files/details/mcafee_consumer_product_removal_tool.html\'>http://www.majorgeeks.com/files/details/mcafee_consumer_product_removal_tool.html


Follow all the prompts, ensure to reboot the computer afterwards


 


download http://www.majorgeeks.com/files/details/adwcleaner.html\'>AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.

  • Double click on AdwCleaner.exe to run the tool.

  • Click the Scan button and wait for the process to complete.

  • Click on the Clean button follow the prompts.

  • A log file will automatically open after the scan has finished and the PC has rebooted.

  • Please post the content of that log file with your next answer.

  • You can also find the log file at C:\\AdwCleaner

In addition:


Reopen OTL.exe and choose to Run a Scan, when done, post the log that opens>> OTL.txt

« Last Edit: January 28, 2014, 09:23:05 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: [1]
« previous next »