Inactive-A Virus and Malware removal

Status
Not open for further replies.
K

KenE06

Posts: 21   +0
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.9.2
Run by Ken at 0:26:39 on 2013-09-10
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.992 [GMT -7:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\ProgramData\Internet Helper Anti-phishing\internetHelper_antiphishing.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Wajam\Updater\WajamUpdater.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\SpeedItup Free\speeditupfree.exe
C:\Program Files\PC Optimizer Pro\StartApps.exe
C:\Program Files\MyPC Backup\MyPC Backup.exe
C:\Users\Ken\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60475
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: Dealio Toolbar: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\dealio toolbar\ie\7.4\dealioToolbarIE.dll
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - c:\program files\crawler\ctbr.dll
uURLSearchHooks: Vafmusic9 Toolbar: {845cab51-d8d2-472f-8bd9-2b44642d97c2} - c:\program files\vafmusic9\prxtbVafm.dll
mURLSearchHooks: Vafmusic9 Toolbar: {845cab51-d8d2-472f-8bd9-2b44642d97c2} - c:\program files\vafmusic9\prxtbVafm.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Dealio Toolbar: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\dealio toolbar\ie\7.4\dealioToolbarIE.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - c:\program files\crawler\ctbr.dll
BHO: DownloadTerms: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - c:\users\ken\appdata\local\downloadterms\temp.dat
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - c:\program files\surf canyon\surfcanyon.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Vafmusic9 Toolbar: {845cab51-d8d2-472f-8bd9-2b44642d97c2} - c:\program files\vafmusic9\prxtbVafm.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.3.0.11\AVG Secure Search_toolbar.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\ctbr.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\ctbr.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.3.0.11\AVG Secure Search_toolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Dealio Toolbar: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\dealio toolbar\ie\7.4\dealioToolbarIE.dll
TB: Vafmusic9 Toolbar: {845cab51-d8d2-472f-8bd9-2b44642d97c2} - c:\program files\vafmusic9\prxtbVafm.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [EPSON Stylus NX400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiega.exe /fu "c:\windows\temp\E_SD317.tmp" /EF "HKCU"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [EPSON Stylus NX200 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiefa.exe /fu "c:\windows\temp\E_S203D.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Browser Infrastructure Helper] c:\users\ken\appdata\local\smartbar\application\QuickShare.exe startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Skytel] Skytel.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Internet Helper Anti-phishing] "c:\programdata\internet helper anti-phishing\internetHelper_antiphishing.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [SpeetItUpFree] "c:\program files\speeditup free\speeditupfree.exe"
StartupFolder: c:\users\ken\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
StartupFolder: c:\users\ken\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://acefitness.webex.com/client/T27LD/webex/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1CDE79FD-158F-4725-BAB1-03BC596D9951} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\program files\crawler\ctbr.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.3.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~2\browse~1\261562~1.220\{c16c1~1\browse~1.dll c:\progra~1\google\google~1\goec62~1.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 50296]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-11-25 37664]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-8-8 807800]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2013-7-25 1432080]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-9 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-9 701512]
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup 3.0\SymcPCCULaunchSvc.exe [2013-4-6 132504]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\engine\2.0.12.27\ccSvcHst.exe [2011-8-15 126392]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]
R2 WajamUpdater;WajamUpdater;c:\program files\wajam\updater\WajamUpdater.exe [2012-7-26 109064]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-18 7168]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-9 22856]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-18 54136]
S2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-7-1 32808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca1150f16d6a40;Google Update Service (gupdate1ca1150f16d6a40);c:\program files\google\update\GoogleUpdate.exe [2009-7-30 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\sh4ser~1.exe --> c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [?]
S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [2012-6-22 19984]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-8-21 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2010-7-8 20480]
S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);c:\windows\system32\drivers\nwusbmdm_000.sys [2010-7-8 176384]
S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);c:\windows\system32\drivers\nwusbser_000.sys [2010-7-8 176384]
S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);c:\windows\system32\drivers\nwusbser2_000.sys [2010-7-8 176384]
S3 SVRPEDRV;SVRPEDRV;c:\windows\system32\sysprep\PEDRV.SYS [2008-8-21 9216]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-09-10 07:23:02--------d-----w-c:\program files\FileOpenerPro
2013-09-10 07:21:23--------d-----w-c:\users\ken\appdata\local\Smartbar
2013-09-10 07:21:12--------d-----w-c:\program files\MyPC Backup
2013-09-10 07:20:41--------d-----w-c:\program files\PC Optimizer Pro
2013-09-10 07:19:25--------d-----w-c:\windows\SpeedItup Free
2013-09-10 07:19:24--------d-----w-c:\program files\SpeedItup Free
2013-09-10 07:17:47--------d-----w-c:\users\ken\appdata\local\Wajam
2013-09-10 07:17:45--------d-----w-c:\program files\Wajam
2013-09-09 07:08:14--------d-----w-c:\users\ken\appdata\roaming\Malwarebytes
2013-09-09 07:08:03--------d-----w-c:\programdata\Malwarebytes
2013-09-09 07:08:0122856----a-w-c:\windows\system32\drivers\mbam.sys
2013-09-09 07:08:01--------d-----w-c:\program files\Malwarebytes' Anti-Malware
2013-09-09 06:25:47110080----a-r-c:\users\ken\appdata\roaming\microsoft\installer\{865537e1-6490-4193-a4b6-669c62711852}\IconF7A21AF7.exe
2013-09-09 06:25:47110080----a-r-c:\users\ken\appdata\roaming\microsoft\installer\{865537e1-6490-4193-a4b6-669c62711852}\IconD7F16134.exe
2013-09-09 06:25:47110080----a-r-c:\users\ken\appdata\roaming\microsoft\installer\{865537e1-6490-4193-a4b6-669c62711852}\IconCF33A0CE.exe
2013-09-09 06:25:44--------d-----w-C:\sh4ldr
2013-09-09 06:25:18--------d-----w-c:\windows\865537E164904193A4B6669C62711852.TMP
2013-09-09 06:25:15--------d-----w-c:\program files\common files\Wise Installation Wizard
2013-09-09 01:06:34--------d-sh--w-C:\found.001
2013-08-29 14:03:04--------d-----w-c:\program files\Uninstaller
2013-08-29 03:42:33--------d-----w-c:\users\ken\appdata\local\Conduit
2013-08-29 03:42:33--------d-----w-c:\program files\Vafmusic9
2013-08-29 01:22:13--------d-----w-c:\users\ken\appdata\roaming\Optimizer Pro
2013-08-29 01:21:47--------d-----w-c:\program files\DefaultTab
2013-08-29 01:21:19--------d-----w-c:\program files\Optimizer Pro
2013-08-29 01:21:06--------d-----w-c:\users\ken\appdata\roaming\DefaultTab
2013-08-29 01:20:49--------d-----w-c:\users\ken\appdata\local\DownloadTerms
2013-08-29 01:10:321548288----a-w-c:\windows\system32\WMVDECOD.DLL
2013-08-29 00:59:00--------d-----w-c:\programdata\?????????????????????????????
2013-08-29 00:50:14--------d-----w-c:\program files\SearchProtect
2013-08-29 00:50:04--------d-----w-c:\users\ken\appdata\roaming\SearchProtect
2013-08-29 00:49:59--------d-----w-c:\program files\Conduit
2013-08-29 00:47:48--------d-----w-c:\users\ken\appdata\local\avgchrome
2013-08-29 00:47:48--------d-----w-c:\program files\LyriXeeker
2013-08-24 15:39:01--------d-----w-c:\windows\system32\Extensions
2013-08-24 15:39:00--------d-----w-c:\windows\system32\searchplugins
2013-08-24 15:38:43--------d-----w-c:\programdata\BrowserDefender
2013-08-24 15:38:05--------d-----w-c:\users\ken\appdata\roaming\PCFixSpeed
2013-08-24 15:38:05--------d-----w-c:\programdata\PCFixSpeed
2013-08-24 15:38:02--------d-----w-c:\program files\PCFixSpeed
2013-08-22 10:01:43--------d-----w-c:\windows\CheckSur
2013-08-21 14:59:09992768----a-w-c:\windows\system32\crypt32.dll
2013-08-21 14:59:0998304----a-w-c:\windows\system32\cryptnet.dll
2013-08-21 14:59:09172544----a-w-c:\windows\system32\wintrust.dll
2013-08-21 14:59:09133120----a-w-c:\windows\system32\cryptsvc.dll
2013-08-16 10:05:31--------d-----w-c:\windows\system32\MRT
2013-08-16 08:17:5624064----a-w-c:\windows\system32\drivers\tssecsrv.sys
2013-08-16 08:17:5615872----a-w-c:\windows\system32\icaapi.dll
2013-08-16 08:16:48905664----a-w-c:\windows\system32\drivers\tcpip.sys
2013-08-16 08:15:522048----a-w-c:\windows\system32\tzres.dll
2013-08-16 08:15:42783360----a-w-c:\windows\system32\rpcrt4.dll
2013-08-16 08:15:323603904----a-w-c:\windows\system32\ntkrnlpa.exe
2013-08-16 08:15:323551680----a-w-c:\windows\system32\ntoskrnl.exe
2013-08-16 08:15:321205168----a-w-c:\windows\system32\ntdll.dll
2013-08-16 08:06:24--------d-----w-c:\program files\Dealio Toolbar
2013-08-16 08:06:24--------d-----w-c:\program files\common files\Spigot
2013-08-16 08:06:24--------d-----w-c:\program files\Application Updater
2013-08-16 07:11:591427968----a-w-c:\windows\system32\inetcpl.cpl
2013-08-16 07:09:262049024----a-w-c:\windows\system32\win32k.sys
2013-08-16 07:09:08798208----a-w-c:\windows\system32\FntCache.dll
2013-08-16 07:09:08486400----a-w-c:\windows\system32\d3d10level9.dll
2013-08-16 07:09:08219648----a-w-c:\windows\system32\d3d10_1core.dll
2013-08-16 07:09:08189952----a-w-c:\windows\system32\d3d10core.dll
2013-08-16 07:09:081069056----a-w-c:\windows\system32\DWrite.dll
2013-08-16 07:09:07683008----a-w-c:\windows\system32\d2d1.dll
2013-08-16 07:09:07160768----a-w-c:\windows\system32\d3d10_1.dll
2013-08-16 07:09:071172480----a-w-c:\windows\system32\d3d10warp.dll
2013-08-16 07:09:071029120----a-w-c:\windows\system32\d3d10.dll
2013-08-16 07:09:05505344----a-w-c:\windows\system32\qedit.dll
2013-08-16 07:07:20936960----a-w-c:\program files\common files\microsoft shared\ink\journal.dll
2013-08-16 07:07:19983552----a-w-c:\program files\windows journal\JNTFiltr.dll
2013-08-16 07:07:19964608----a-w-c:\program files\windows journal\JNWDRV.dll
2013-08-16 07:07:191218048----a-w-c:\program files\windows journal\NBDoc.DLL
.
==================== Find3M ====================
.
2013-08-21 14:55:1471048----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 14:55:14692104----a-w-c:\windows\system32\FlashPlayerApp.exe
2013-07-25 02:32:351800704----a-w-c:\windows\system32\jscript9.dll
2013-07-25 02:26:101129472----a-w-c:\windows\system32\wininet.dll
2013-07-25 02:23:59142848----a-w-c:\windows\system32\ieUnatt.exe
2013-07-25 02:23:58420864----a-w-c:\windows\system32\vbscript.dll
2013-07-25 02:22:352382848----a-w-c:\windows\system32\mshtml.tlb
2013-07-20 08:51:00246072----a-w-c:\windows\system32\drivers\avglogx.sys
2013-07-20 08:50:5660216----a-w-c:\windows\system32\drivers\avgidshx.sys
2013-07-20 08:50:56208184----a-w-c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 08:50:50171320----a-w-c:\windows\system32\drivers\avgldx86.sys
2013-07-10 08:32:4039224----a-w-c:\windows\system32\drivers\avgrkx86.sys
2013-06-26 14:52:3037664----a-w-c:\windows\system32\drivers\avgtpx86.sys
.
============= FINISH: 0:28:44.16 ===============
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.09.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ken :: KEN-PC [administrator]

Protection: Enabled

9/9/2013 12:11:00 AM
MBAM-log-2013-09-09 (00-38-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227998
Time elapsed: 19 minute(s), 27 second(s)

Memory Processes Detected: 10
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> 2324 -> No action taken.
C:\Program Files\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro) -> 3156 -> No action taken.
C:\Program Files\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro) -> 3136 -> No action taken.
C:\Program Files\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 2176 -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 4656 -> No action taken.
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> 2292 -> No action taken.
C:\Program Files\24x7Help\App24x7Help.exe (PUP.Optional.24x7) -> 6100 -> No action taken.
C:\Program Files\24x7Help\App24x7Hook.exe (PUP.Optional.24x7) -> 4468 -> No action taken.
C:\Program Files\24x7Help\App24x7Svc.exe (PUP.Optional.24x7) -> 1544 -> No action taken.
C:\Program Files\PCFixSpeed\PCFixTray.exe (PUP.Optional.PCFixSpeed) -> 6060 -> No action taken.

Memory Modules Detected: 9
C:\Program Files\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\24x7Help\App24x7Hook.dll (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> No action taken.

Registry Keys Detected: 86
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\CLSID\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.
HKCR\TypeLib\{145310E3-18FA-41A9-BEE4-F830B08C6014} (PUP.PrivacySafeGuard) -> No action taken.
HKCR\Interface\{76348131-7ADF-4FE7-9047-529719D86186} (PUP.PrivacySafeGuard) -> No action taken.
HKCR\PrivacySafeGuard.BHO.1 (PUP.PrivacySafeGuard) -> No action taken.
HKCR\PrivacySafeGuard.BHO (PUP.PrivacySafeGuard) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCR\TypeLib\{EF96EDE0-E1F8-4EB2-956B-D54DF35335E4} (PUP.InfoAtoms) -> No action taken.
HKCR\Interface\{44C0ECF5-4AC6-4E39-8091-E57070F8945A} (PUP.InfoAtoms) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCR\CLSID\{865D7100-82C7-42F4-9C06-860DEC0871B2} (PUP.Optional.24x7) -> No action taken.
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> No action taken.
HKCR\SearchToolbarLib.CSearchToolbarImpl.1 (PUP.Optional.SearchToolbar) -> No action taken.
HKCR\SearchToolbarLib.CSearchToolbarImpl (PUP.Optional.SearchToolbar) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> No action taken.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\CLSID\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} (PUP.Optional.SavepathDeals) -> No action taken.
HKCR\TypeLib\{91E6F004-F9BB-4E4C-A023-94BA5E56DF8F} (PUP.Optional.SavepathDeals) -> No action taken.
HKCR\Interface\{95E0F85F-EFF1-49CC-A2BF-BBF6DAA7992C} (PUP.Optional.SavepathDeals) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} (PUP.Optional.SavepathDeals) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} (PUP.Optional.SavepathDeals) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF} (PUP.Optional.SavepathDeals) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 (PUP.Optional.OptimizerPro) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\24x7HelpSvc (PUP.Optional.24x7) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1 (PUP.Optional.24x7) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1 (PUP.Optional.PCFixSpeed) -> No action taken.
HKCR\CrossriderApp0033254.BHO (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0033254.BHO.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0033254.Sandbox (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0033254.Sandbox.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\SavepathDeals.MyObjectWithSite (PUP.Optional.SavepathDeals) -> No action taken.
HKCR\SavepathDeals.MyObjectWithSite.1 (PUP.Optional.SavepathDeals) -> No action taken.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\SOFTWARE\24x7HELP (PUP.Optional.24x7) -> No action taken.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> No action taken.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> No action taken.
HKCU\Software\PCFixSpeed (PUP.Optional.PCFixSpeed) -> No action taken.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector) -> No action taken.
HKLM\SOFTWARE\24x7HELP (PUP.Optional.24x7) -> No action taken.
HKLM\SOFTWARE\PCFixSpeed (PUP.Optional.PCFixSpeed) -> No action taken.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311321154} (PUP.Optional.CrossRider) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110311321154} (PUP.Optional.CrossRider) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440344324454} (PUP.Optional.CrossRider) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550355325554} (PUP.Optional.CrossRider) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311321154} (PUP.Optional.CrossRider) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311321154} (PUP.Optional.CrossRider) -> No action taken.

Registry Values Detected: 14
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Optimizer Pro (PUP.Optional.OptimizePro.A) -> Data: C:\Program Files\Optimizer Pro\OptProLauncher.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> Data: ƒRB‡Ô7Cº¶«ƒT¨W -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> Data: Search Toolbar -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9D425283-D487-4337-BAB6-AB8354A81457} (PUP.Optional.SearchToolbar) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files\SearchProtect\bin\cltmng.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\Ken\AppData\Roaming\SearchProtect\bin\cltmng.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|24x7HELP (PUP.Optional.24x7) -> Data: "C:\Program Files\24x7Help\App24x7Help.exe" /STARTUP -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|PCFixSpeed (PUP.Optional.PCFixSpeed) -> Data: "C:\Program Files\PCFixSpeed\PCFixTray.exe" /startup -> No action taken.
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.16.0 -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www1.delta-search.com/?babsr...E6513A5E0&affID=119351&tt=050412_30b&tsp=4984 -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0L1N1H2O1S -> No action taken.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.16.0 -> No action taken.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.OptimizerPro) -> Bad: (c:\progra~1\optimi~1\optpro~1.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Bad: (http://search.conduit.com?SearchSource=10&CUI=UN25385727462057252&UM=2&ctid=CT3303002) Good: (http://www.google.com) -> No action taken.

Folders Detected: 51
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
C:\Program Files\Optimizer Pro (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\LyriXeeker (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\DefaultTab (PUP.Optional.DefaultTab) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin (PUP.Optional.24x7) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\Update (PUP.Optional.24x7) -> No action taken.
C:\ProgramData\PCFixSpeed (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\PCFixSpeed\Backup (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\PCFixSpeed\Startup (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\PCFixSpeed\Translate (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed\Update (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D} (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Cache (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> No action taken.

Files Detected: 256
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Program Files\Optimizer Pro\OptProLauncher.exe (PUP.Optional.OptimizePro.A) -> No action taken.
C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PUP.PrivacySafeGuard) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files\InfoAtoms\IE32\InfoAtomsClientIE.dll (PUP.InfoAtoms) -> No action taken.
C:\Program Files\24x7Help\24x7desk.dll (PUP.Optional.24x7) -> No action taken.
C:\Program Files\Search Toolbar\SearchToolbar.dll (PUP.Optional.SearchToolbar) -> No action taken.
C:\Program Files\Savepath Deals\SavepathDeals.dll (PUP.Optional.SavepathDeals) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\LyricsMonkey_1060-1053_v120.exe (PUP.Optional.LyricsAd) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\MixiCND_CID2_20130716.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\checktbexist.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3298566\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3298566\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3298566\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3298566\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3303002\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3303002\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3303002\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3303002\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\ct3303002\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe\b218576a20e0496e8f41097e3623a785\eAVG-Anti-Virus-Free-Edition-2013.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe\b218576a20e0496e8f41097e3623a785\installer.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe\b218576a20e0496e8f41097e3623a785\setup__120.exe (PUP.Optional.Amonetize.AS) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe\b218576a20e0496e8f41097e3623a785\software\Addlyrics.exe (PUP.AddLyrics) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe\b218576a20e0496e8f41097e3623a785\software\DefaultTabSetup.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe\b218576a20e0496e8f41097e3623a785\software\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> No action taken.
C:\Windows\Temp\Optimizer_Pro.exe (PUP.Optional.PCOptimizerPro) -> No action taken.
C:\Users\Ken\Downloads\finalmediaplayer.exe (Trojan.InstallIQ) -> No action taken.
C:\Users\Ken\Downloads\FlashPlayerSetup__3143_i61239069_il430345.exe (PUP.Optional.Amonetize) -> No action taken.
C:\Users\Ken\Downloads\AVG-Anti-Virus-Free-Edition-2013.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Ken\Local Settings\Temporary Internet Files\Content.IE5\1JGPYGFN\stublogic[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\Local Settings\Temporary Internet Files\Content.IE5\1JGPYGFN\Vafmusic9_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\Local Settings\Temporary Internet Files\Content.IE5\POZKBQ8F\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\Local Settings\Temporary Internet Files\Content.IE5\POZKBQ8F\Vafmusic9[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\Local Settings\Temporary Internet Files\Content.IE5\X1OFU12I\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\addon.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\DT.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Program Files\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\English.ini (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptimizerPro.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProCrash.dll (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProGuard.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProSchedule.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\OptProUninstaller.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\sqlite3.dll (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\Optimizer Pro\unins000.exe (PUP.Optional.OptimizerPro) -> No action taken.
C:\Program Files\LyriXeeker\chrome.manifest (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\00.crx (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\00.xpi (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\01.crx (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\01.xpi (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\02.crx (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\02.xpi (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\130.crx (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\130.dat (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\130.xpi (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\crx.dat (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\crx.db (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\xpi.dat (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\LyriXeeker\xpi.db (PUP.Optional.Lyrixeeker) -> No action taken.
C:\Program Files\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\SearchProtect\Res\SPSetup.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files\DefaultTab\uid (PUP.Optional.DefaultTab) -> No action taken.
C:\Program Files\DefaultTab\uninstaller.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro on the Web.lnk (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Help.lnk (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Uninstall Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\bubble.xml (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\HotInactiveTabRight.bmp (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7bubble_Left.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7bubble_Right.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7bubble_X00.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7bubble_X01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7bubble_X02.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7Dark001_SettingsActive.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7Dark001_SettingsBack.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7Dark001_SettingsHover.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7Dark_NoTabs_Back00.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7Dark_NoTabs_PhoneIcon.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7logoNew_dark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7man_dark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\24x7_UploaderDark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\ArrowSmall.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\ArrowSmallHot.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Hardware_Icon.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\HotInactiveTabLeft.bmp (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\MainImg_SettingsDark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Navigation_HomeIcon00_Dark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Navigation_HomeIcon01_Dark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Navigation_SettingsIcon00_Dark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Navigation_SettingsIcon01_Dark01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\OK_IconGreen01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\PeriodicSystemCheckBubble.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Phones_Icon.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\PushedInactiveTabLeft.bmp (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\PushedInactiveTabRight.bmp (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Security_Icon.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\skin.xml (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Software_Icon.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\SupportCheck01_arrow00.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\SupportCheck01_arrow01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Warning_Icon01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Warning_IconOrange01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\Warning_IconRed01.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\WhiteTabLeft.png (PUP.Optional.24x7) -> No action taken.
C:\Users\Ken\AppData\Roaming\24x7 Help\skin\WhiteTabRight.png (PUP.Optional.24x7) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help\24x7 Help.lnk (PUP.Optional.24x7) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help\24x7Help.org.url (PUP.Optional.24x7) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help\Uninstall 24x7 Help.lnk (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\unins000.dat (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\24x7desk.64.dll (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\App24x7Help.exe (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\App24x7Hook.dll (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\App24x7Hook.exe (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\App24x7Svc.exe (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\unins000.exe (PUP.Optional.24x7) -> No action taken.
C:\Program Files\24x7Help\unins000.msg (PUP.Optional.24x7) -> No action taken.
C:\Users\Public\Desktop\24x7 Help.lnk (PUP.Optional.24x7) -> No action taken.
C:\ProgramData\PCFixSpeed\addons.xml (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\PCFixSpeed\Translate\lng.ini (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed\PCFixSpeed.exe (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed\PCFixTray.exe (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed\unins000.dat (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed\unins000.exe (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Program Files\PCFixSpeed\unins000.msg (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed\PC Fix Speed.lnk (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed\PCFixSpeed.com.url (PUP.Optional.PCFixSpeed) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed\Uninstall PC Fix Speed.lnk (PUP.Optional.PCFixSpeed) -> No action taken.
C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector) -> No action taken.
C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Setup.dat (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Setup.ico (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\_Setup.dll (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\_Setupx.dll (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\Ken\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> No action taken.
C:\Program Files\Safe Saver\Safe Saver-bho.dll (PUP.Optional.CrossRider) -> No action taken.

(end)
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

redtarget.gif
Your MBAM log says "No action taken".
Re-run MBAM, fix all issues and post new log.

redtarget.gif
Attach.txt log from DDS is missing.
 
Now it says Microsoft visual c ++ runtime library

"This application has requested the runtime to terminate it in an unusual way. Please contact the applications support team for more info"
 
Turn the computer off.
Wait 1 minute.
Restart.
If normal mode doesn't work try safe mode.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-09-2013
Ran by Ken (administrator) on KEN-PC on 12-09-2013 21:07:08
Running from C:\Users\Ken\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2008-04-29] (Chicony)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-02-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [505720 2008-06-02] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-05-09] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [cfFncEnabler.exe] - cfFncEnabler.exe
HKLM\...\Run: [ToshibaServiceStation] - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-10] (Google)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2314416 2013-08-15] ()
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [887976 2011-08-23] (Ask)
HKLM\...\Run: [Internet Helper Anti-phishing] - C:\ProgramData\Internet Helper Anti-phishing\internetHelper_antiphishing.exe [235072 2013-05-14] (Internet Helper)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\Run: [SpeetItUpFree] - "C:\Program Files\SpeedItup Free\speeditupfree.exe"
HKLM\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
HKCU\...\Run: [TOSCDSPD] - TOSCDSPD.EXE
HKCU\...\Run: [EPSON Stylus NX400 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGA.EXE /FU "C:\Windows\TEMP\E_SD317.tmp" /EF "HKCU"
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKCU\...\Run: [EPSON Stylus NX200 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFA.EXE /FU "C:\Windows\TEMP\E_S203D.tmp" /EF "HKCU"
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-06-14] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
MountPoints2: {19ab0905-3e9b-11e2-84b1-001e33cac5c2} - G:\setup.exe -a
MountPoints2: {5db376ad-5977-11de-841e-806e6f6e6963} - D:\setup.exe
MountPoints2: {e8443791-7d36-11de-b693-001e6513a5e0} - E:\setupSNK.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA)
Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60475
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/
http://www.weather.com/weather/today/USCO0166
https://login.yahoo.com/config/login_verify2?&.src=ym
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.mesastate.edu/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\7.4\dealioToolbarIE.dll (Spigot, Inc.)
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: (No Name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll (Crawler.com)
URLSearchHook: Vafmusic9 Toolbar - {845cab51-d8d2-472f-8bd9-2b44642d97c2} - C:\Program Files\Vafmusic9\prxtbVafm.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {43C8D9B3-5EA0-4FC3-955E-E0B1EACCD510} URL =
SearchScopes: HKCU - DefaultScope B817D64D75A344939D0EC2376F752866 URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=616163&p={searchTerms}
SearchScopes: HKCU - B817D64D75A344939D0EC2376F752866 URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=616163&p={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={se...E6513A5E0&affID=119351&tt=050412_30b&tsp=4984
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60475
SearchScopes: HKCU - {43C8D9B3-5EA0-4FC3-955E-E0B1EACCD510} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3303002&CUI=UN25385727462057252&UM=2
SearchScopes: HKCU - {5CDFBFB5-3310-4E24-A0EF-88EE5F41D126} URL = http://websearch.ask.com/redirect?c...n_sauid=7F57D346-7DB5-46B4-8397-7FF46A1F2944&
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=RJf7psB3XksFDQruy8TSMM4gSmU?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...c77cc739caf&lang=en&ds=AVG&pr=pr&d=2012-01-15 11:04:49&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {EBCA0730-8DD4-4A4D-B413-42C5DA9A6674} URL = http://www.bing.com/search?FORM=U002DF&PC=U002&dt=070413&q={searchTerms}&src=IE-SearchBox
BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\7.4\dealioToolbarIE.dll (Spigot, Inc.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll (Crawler.com)
BHO: DownloadTerms - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Ken\AppData\Local\DownloadTerms\temp.dat ()
BHO: Fast Search - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Vafmusic9 Toolbar - {845cab51-d8d2-472f-8bd9-2b44642d97c2} - C:\Program Files\Vafmusic9\prxtbVafm.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll (Crawler.com)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\7.4\dealioToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - Vafmusic9 Toolbar - {845cab51-d8d2-472f-8bd9-2b44642d97c2} - C:\Program Files\Vafmusic9\prxtbVafm.dll (Conduit Ltd.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU -&Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll (Crawler.com)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://acefitness.webex.com/client/T27LD/webex/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll (Crawler.com)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Wajam) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.23_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Ken\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Ken\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (QuickShare Widget) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Savepath Deals) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedjehmkhkgidfpdcninflgnnbcglmkd\1.0_0
CHR Extension: (MixiDJ V30) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0
CHR Extension: (InfoAtoms) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.5.0.0_0
CHR Extension: (Wajam) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (Safe Saver) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn\1.24.64_1
CHR Extension: (AVG Security Toolbar) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.3.0.11_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1
CHR Extension: (InternetHelper3) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjnnnhampgflieglcelomcofocioegp\10.19.2.505_0
CHR HKLM\...\Chrome\Extension: [epojlgbehpaeekopencdagbdamnkppci] - C:\Program Files\LyriXeeker\130.crx
CHR HKLM\...\Chrome\Extension: [fdkednngfjmpnljkolbapdednncafhen] - C:\Users\Ken\AppData\Local\CRE\fdkednngfjmpnljkolbapdednncafhen.crx
CHR HKLM\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_adk-c1_1_0.crx
CHR HKLM\...\Chrome\Extension: [hhbgpoakplhahbklhkcfbpicgjcaoglk] - C:\Program Files\InfoAtoms\Chrome\InfoAtoms.crx
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Ken\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx
CHR HKLM\...\Chrome\Extension: [loegdibholggdjoefldpbnblblaligim] - C:\Program Files\Consumer Input\Chrome\cicr-3.1.0-2123.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.3.0.11\avg.crx
CHR HKLM\...\Chrome\Extension: [pnjnnnhampgflieglcelomcofocioegp] - C:\Users\Ken\AppData\Local\CRE\pnjnnnhampgflieglcelomcofocioegp.crx

========================== Services (Whitelisted) =================

S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
S2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1432080 2013-07-25] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [32808 2013-07-01] (Just Develop It)
S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-17] (TOSHIBA CORPORATION)
S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [164600 2008-05-28] (WildTangent, Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-10] (Google)
S2 gupdate1ca1150f16d6a40; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-30] (Google Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-26] (Symantec Corporation)
S2 PCCUJobMgr; C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\diMaster.dll [132984 2011-05-03] (Symantec Corporation)
S3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [73728 2008-04-24] (Toshiba)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)
S2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-26] (AVG Secure Search)
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-07-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-06-26] (AVG Technologies)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-10] (Microsoft Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NWUSBCDFIL; C:\Windows\System32\DRIVERS\NwUsbCdFil.sys [20480 2010-07-08] (Novatel Wireless Inc.)
S3 NWUSBModem_000; C:\Windows\System32\DRIVERS\nwusbmdm_000.sys [176384 2010-07-08] (Novatel Wireless Inc.)
S3 NWUSBPort2_000; C:\Windows\System32\DRIVERS\nwusbser2_000.sys [176384 2010-07-08] (Novatel Wireless Inc.)
S3 NWUSBPort_000; C:\Windows\System32\DRIVERS\nwusbser_000.sys [176384 2010-07-08] (Novatel Wireless Inc.)
S3 SVRPEDRV; C:\Windows\System32\sysprep\PEDrv.sys [9216 2008-01-18] (Inventec Corporation)
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-12 21:06 - 2013-09-12 21:06 - 01082459 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe
2013-09-12 21:06 - 2013-09-12 21:06 - 00000000 ____D C:\FRST
2013-09-12 21:03 - 2013-09-12 21:03 - 00000256 _____ C:\Windows\Tasks\TopArcadeHits.job
2013-09-12 21:03 - 2013-09-12 21:03 - 00000000 ____D C:\Users\Ken\AppData\Local\TopArcadeHits
2013-09-12 21:02 - 2013-09-12 21:02 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\Setup (3).exe
2013-09-12 21:01 - 2013-09-12 21:01 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\setup (2).exe
2013-09-11 23:27 - 2013-09-12 16:40 - 00006154 _____ C:\Users\Ken\Desktop\avgrep.txt
2013-09-10 01:04 - 2013-09-10 01:04 - 00000046 _____ C:\Users\Ken\AppData\Roaming\mbam.context.scan
2013-09-10 00:50 - 2013-09-11 07:51 - 00000434 _____ C:\Windows\Tasks\PC Optimizer Pro Updates.job
2013-09-10 00:50 - 2013-09-11 07:51 - 00000432 _____ C:\Windows\Tasks\PC Optimizer Pro Idle.job
2013-09-10 00:50 - 2013-09-10 21:31 - 00000406 _____ C:\Windows\Tasks\PC Optimizer Pro startups.job
2013-09-10 00:50 - 2013-09-10 21:29 - 00000402 _____ C:\Windows\Tasks\PC Optimizer Pro Scan.job
2013-09-10 00:25 - 2013-09-10 00:25 - 00688992 ____R (Swearware) C:\Users\Ken\Downloads\dds.com
2013-09-10 00:23 - 2013-09-10 00:23 - 00000000 ____D C:\Program Files\FileOpenerPro
2013-09-10 00:21 - 2013-09-10 21:32 - 00000000 ____D C:\Program Files\MyPC Backup
2013-09-10 00:21 - 2013-09-10 00:21 - 00000895 _____ C:\Users\Ken\Desktop\MyPC Backup.lnk
2013-09-10 00:21 - 2013-09-10 00:21 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-09-10 00:20 - 2013-09-10 00:20 - 00000901 _____ C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2013-09-10 00:19 - 2013-09-11 21:43 - 00000000 ____D C:\Program Files\SpeedItup Free
2013-09-10 00:17 - 2013-09-10 00:17 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-09-10 00:17 - 2013-09-10 00:17 - 00000000 ____D C:\Users\Ken\AppData\Local\Wajam
2013-09-09 00:08 - 2013-09-09 01:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-09 00:08 - 2013-09-09 00:14 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-09 00:08 - 2013-09-09 00:08 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Malwarebytes
2013-09-09 00:08 - 2013-09-09 00:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-09 00:08 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-09 00:05 - 2013-09-09 00:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\sh4ldr
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-08 18:09 - 2013-09-12 20:41 - 00305120 _____ C:\Windows\PFRO.log
2013-09-08 18:06 - 2013-09-08 18:06 - 00000000 __SHD C:\found.001
2013-09-08 04:05 - 2013-09-08 04:05 - 00000000 _____ C:\Windows\system32\spsys.log
2013-08-28 20:42 - 2013-08-28 20:42 - 00000000 ____D C:\Users\Ken\AppData\Local\Conduit
2013-08-28 20:42 - 2013-08-28 20:42 - 00000000 ____D C:\Program Files\Vafmusic9
2013-08-28 18:22 - 2013-08-28 18:22 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Optimizer Pro
2013-08-28 18:21 - 2013-09-09 00:42 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-08-28 18:21 - 2013-09-09 00:42 - 00000000 ____D C:\Program Files\DefaultTab
2013-08-28 18:21 - 2013-08-28 18:21 - 00000870 _____ C:\Users\Ken\Desktop\Optimizer Pro.lnk
2013-08-28 18:21 - 2013-08-28 18:21 - 00000258 __RSH C:\Users\Ken\ntuser.pol
2013-08-28 18:21 - 2013-08-28 18:21 - 00000000 ____D C:\Users\Ken\AppData\Roaming\DefaultTab
2013-08-28 18:20 - 2013-08-28 18:21 - 00000000 ____D C:\Users\Ken\AppData\Local\DownloadTerms
2013-08-28 18:10 - 2013-08-01 21:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-28 17:59 - 2013-08-28 17:59 - 00000000 ____D C:\ProgramData\䒀ĕ䉀ĕ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Users\Ken\AppData\Roaming\SearchProtect
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Program Files\SearchProtect
2013-08-28 17:49 - 2013-08-28 20:42 - 00000000 ____D C:\Program Files\Conduit
2013-08-28 17:47 - 2013-09-09 00:42 - 00000000 ____D C:\Program Files\LyriXeeker
2013-08-28 17:47 - 2013-08-28 17:47 - 00000000 ____D C:\Users\Ken\AppData\Local\avgchrome
2013-08-24 08:39 - 2013-08-28 17:47 - 00000000 ____D C:\Windows\system32\Extensions
2013-08-24 08:39 - 2013-08-24 08:39 - 00000000 ____D C:\Windows\system32\searchplugins
2013-08-24 08:39 - 2013-08-24 08:39 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-24 08:38 - 2013-09-09 01:07 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-24 08:38 - 2013-09-09 00:42 - 00000000 ____D C:\ProgramData\PCFixSpeed
2013-08-24 08:38 - 2013-09-09 00:42 - 00000000 ____D C:\Program Files\PCFixSpeed
2013-08-24 08:38 - 2013-08-24 08:39 - 00000000 ____D C:\Users\Ken\AppData\Roaming\PCFixSpeed
2013-08-24 08:38 - 2013-08-24 08:38 - 00000783 _____ C:\Users\Public\Desktop\Optimize Your PC.lnk
2013-08-24 08:37 - 2013-08-24 08:37 - 04429440 _____ (Piriform Ltd) C:\Users\Ken\Downloads\CCleanerSetup.exe
2013-08-24 08:37 - 2013-08-24 08:37 - 00000947 _____ C:\Users\Ken\Desktop\Continue CCleaner Free Download Installation.lnk
2013-08-22 03:01 - 2013-08-22 03:01 - 00000000 ____D C:\Windows\CheckSur
2013-08-21 07:59 - 2013-07-07 21:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-21 07:59 - 2013-07-07 21:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-21 07:59 - 2013-07-07 21:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-21 07:59 - 2013-07-07 21:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-16 03:05 - 2013-08-16 03:09 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 01:53 - 2013-08-16 01:53 - 00002084 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-16 01:17 - 2013-06-15 06:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-16 01:17 - 2013-06-15 04:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-16 01:16 - 2013-07-04 21:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 01:15 - 2013-07-17 12:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-16 01:15 - 2013-07-10 02:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 01:15 - 2013-07-09 05:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-16 01:15 - 2013-07-07 21:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-16 01:15 - 2013-07-07 21:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-16 01:06 - 2013-08-16 01:06 - 00000000 ____D C:\Program Files\Dealio Toolbar
2013-08-16 01:06 - 2013-08-16 01:06 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-08-16 01:06 - 2013-08-16 01:06 - 00000000 ____D C:\Program Files\Application Updater
2013-08-16 00:12 - 2013-07-24 19:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 00:12 - 2013-07-24 19:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 00:12 - 2013-07-24 19:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 00:12 - 2013-07-24 19:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-16 00:12 - 2013-07-24 19:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 00:12 - 2013-07-24 19:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 00:12 - 2013-07-24 19:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 00:12 - 2013-07-24 19:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 00:12 - 2013-07-24 19:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-16 00:12 - 2013-07-24 19:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-16 00:12 - 2013-07-24 19:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 00:12 - 2013-07-24 19:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 00:12 - 2013-07-24 19:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-16 00:11 - 2013-07-24 19:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 00:11 - 2013-07-24 19:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 00:11 - 2013-07-24 19:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-16 00:09 - 2013-06-03 18:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-08-16 00:09 - 2013-05-31 21:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-08-16 00:09 - 2013-04-17 04:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-08-16 00:09 - 2013-04-17 04:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-08-16 00:09 - 2013-04-17 04:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-08-16 00:09 - 2013-04-17 04:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-08-16 00:09 - 2013-04-17 03:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-08-16 00:09 - 2013-04-17 03:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-08-16 00:09 - 2013-04-17 03:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-08-16 00:09 - 2013-04-17 03:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-08-16 00:09 - 2013-04-17 03:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

==================== One Month Modified Files and Folders =======

2013-09-12 21:06 - 2013-09-12 21:06 - 01082459 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe
2013-09-12 21:06 - 2013-09-12 21:06 - 00000000 ____D C:\FRST
2013-09-12 21:03 - 2013-09-12 21:03 - 00000256 _____ C:\Windows\Tasks\TopArcadeHits.job
2013-09-12 21:03 - 2013-09-12 21:03 - 00000000 ____D C:\Users\Ken\AppData\Local\TopArcadeHits
2013-09-12 21:02 - 2013-09-12 21:02 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\Setup (3).exe
2013-09-12 21:01 - 2013-09-12 21:01 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\setup (2).exe
2013-09-12 20:47 - 2013-02-18 09:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-12 20:46 - 2012-01-15 11:48 - 00000000 ____D C:\ProgramData\MFAData
2013-09-12 20:45 - 2009-06-14 23:48 - 02092892 _____ C:\Windows\WindowsUpdate.log
2013-09-12 20:43 - 2009-07-30 13:10 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-12 20:41 - 2013-09-08 18:09 - 00305120 _____ C:\Windows\PFRO.log
2013-09-12 20:41 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-12 20:41 - 2006-11-02 05:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-12 20:41 - 2006-11-02 05:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-12 20:34 - 2010-01-11 12:24 - 00000000 ____D C:\ProgramData\avg9
2013-09-12 16:40 - 2013-09-11 23:27 - 00006154 _____ C:\Users\Ken\Desktop\avgrep.txt
2013-09-11 23:27 - 2013-07-05 16:23 - 00000000 ____D C:\Users\Ken\AppData\Local\Avg2013
2013-09-11 21:43 - 2013-09-10 00:19 - 00000000 ____D C:\Program Files\SpeedItup Free
2013-09-11 21:17 - 2009-07-30 13:10 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-11 21:14 - 2013-07-04 10:47 - 00001172 _____ C:\Windows\Tasks\Safe Saver-updater.job
2013-09-11 21:14 - 2013-07-04 10:47 - 00001076 _____ C:\Windows\Tasks\Safe Saver-enabler.job
2013-09-11 21:14 - 2013-07-04 10:46 - 00001176 _____ C:\Windows\Tasks\Safe Saver-codedownloader.job
2013-09-11 21:14 - 2013-07-04 10:45 - 00001870 _____ C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2013-09-11 21:14 - 2013-02-18 20:11 - 00000382 _____ C:\Windows\Tasks\Final Media Player Update Checker.job
2013-09-11 21:14 - 2013-02-18 20:11 - 00000000 ____D C:\Program Files\File Type Assistant
2013-09-11 07:52 - 2013-02-18 09:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-11 07:52 - 2011-10-04 11:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 07:51 - 2013-09-10 00:50 - 00000434 _____ C:\Windows\Tasks\PC Optimizer Pro Updates.job
2013-09-11 07:51 - 2013-09-10 00:50 - 00000432 _____ C:\Windows\Tasks\PC Optimizer Pro Idle.job
2013-09-10 21:32 - 2013-09-10 00:21 - 00000000 ____D C:\Program Files\MyPC Backup
2013-09-10 21:31 - 2013-09-10 00:50 - 00000406 _____ C:\Windows\Tasks\PC Optimizer Pro startups.job
2013-09-10 21:30 - 2006-11-02 06:01 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-10 21:29 - 2013-09-10 00:50 - 00000402 _____ C:\Windows\Tasks\PC Optimizer Pro Scan.job
2013-09-10 01:04 - 2013-09-10 01:04 - 00000046 _____ C:\Users\Ken\AppData\Roaming\mbam.context.scan
2013-09-10 00:25 - 2013-09-10 00:25 - 00688992 ____R (Swearware) C:\Users\Ken\Downloads\dds.com
2013-09-10 00:23 - 2013-09-10 00:23 - 00000000 ____D C:\Program Files\FileOpenerPro
2013-09-10 00:21 - 2013-09-10 00:21 - 00000895 _____ C:\Users\Ken\Desktop\MyPC Backup.lnk
2013-09-10 00:21 - 2013-09-10 00:21 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-09-10 00:20 - 2013-09-10 00:20 - 00000901 _____ C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2013-09-10 00:17 - 2013-09-10 00:17 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-09-10 00:17 - 2013-09-10 00:17 - 00000000 ____D C:\Users\Ken\AppData\Local\Wajam
2013-09-10 00:11 - 2013-02-18 20:37 - 00000000 ____D C:\ProgramData\Internet Helper Anti-phishing
2013-09-09 23:34 - 2009-07-30 13:05 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Skype
2013-09-09 01:13 - 2013-09-09 00:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-09 01:07 - 2013-08-24 08:38 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-09-09 00:42 - 2013-08-28 18:21 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-09-09 00:42 - 2013-08-28 18:21 - 00000000 ____D C:\Program Files\DefaultTab
2013-09-09 00:42 - 2013-08-28 17:47 - 00000000 ____D C:\Program Files\LyriXeeker
2013-09-09 00:42 - 2013-08-24 08:38 - 00000000 ____D C:\ProgramData\PCFixSpeed
2013-09-09 00:42 - 2013-08-24 08:38 - 00000000 ____D C:\Program Files\PCFixSpeed
2013-09-09 00:42 - 2013-07-04 10:45 - 00000000 ____D C:\Program Files\Safe Saver
2013-09-09 00:42 - 2013-07-04 10:45 - 00000000 ____D C:\Program Files\24x7Help
2013-09-09 00:42 - 2013-02-18 20:11 - 00000000 ____D C:\Program Files\Savepath Deals
2013-09-09 00:42 - 2012-04-08 11:32 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Babylon
2013-09-09 00:42 - 2012-04-08 11:31 - 00000000 ____D C:\Program Files\PrivacySafeGuard
2013-09-09 00:42 - 2011-01-02 17:57 - 00000000 ____D C:\Program Files\Search Toolbar
2013-09-09 00:14 - 2013-09-09 00:08 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-09 00:08 - 2013-09-09 00:08 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Malwarebytes
2013-09-09 00:08 - 2013-09-09 00:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-09 00:05 - 2013-09-09 00:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-08 23:59 - 2013-02-18 20:37 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\sh4ldr
2013-09-08 23:25 - 2013-09-08 23:25 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-08 23:09 - 2006-11-02 03:33 - 00730148 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-08 18:06 - 2013-09-08 18:06 - 00000000 __SHD C:\found.001
2013-09-08 04:05 - 2013-09-08 04:05 - 00000000 _____ C:\Windows\system32\spsys.log
2013-09-04 12:30 - 2013-07-05 19:36 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-28 20:51 - 2013-07-05 19:41 - 00000853 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-08-28 20:42 - 2013-08-28 20:42 - 00000000 ____D C:\Users\Ken\AppData\Local\Conduit
2013-08-28 20:42 - 2013-08-28 20:42 - 00000000 ____D C:\Program Files\Vafmusic9
2013-08-28 20:42 - 2013-08-28 17:49 - 00000000 ____D C:\Program Files\Conduit
2013-08-28 18:22 - 2013-08-28 18:22 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Optimizer Pro
2013-08-28 18:21 - 2013-08-28 18:21 - 00000870 _____ C:\Users\Ken\Desktop\Optimizer Pro.lnk
2013-08-28 18:21 - 2013-08-28 18:21 - 00000258 __RSH C:\Users\Ken\ntuser.pol
2013-08-28 18:21 - 2013-08-28 18:21 - 00000000 ____D C:\Users\Ken\AppData\Roaming\DefaultTab
2013-08-28 18:21 - 2013-08-28 18:20 - 00000000 ____D C:\Users\Ken\AppData\Local\DownloadTerms
2013-08-28 18:21 - 2006-11-02 04:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-28 17:59 - 2013-08-28 17:59 - 00000000 ____D C:\ProgramData\䒀ĕ䉀ĕ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Users\Ken\AppData\Roaming\SearchProtect
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Program Files\SearchProtect
2013-08-28 17:50 - 2013-02-18 20:36 - 00000000 ____D C:\Users\Ken\AppData\Local\CRE
2013-08-28 17:47 - 2013-08-28 17:47 - 00000000 ____D C:\Users\Ken\AppData\Local\avgchrome
2013-08-28 17:47 - 2013-08-24 08:39 - 00000000 ____D C:\Windows\system32\Extensions
2013-08-24 08:39 - 2013-08-24 08:39 - 00000000 ____D C:\Windows\system32\searchplugins
2013-08-24 08:39 - 2013-08-24 08:39 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-24 08:39 - 2013-08-24 08:38 - 00000000 ____D C:\Users\Ken\AppData\Roaming\PCFixSpeed
2013-08-24 08:38 - 2013-08-24 08:38 - 00000783 _____ C:\Users\Public\Desktop\Optimize Your PC.lnk
2013-08-24 08:38 - 2013-02-18 20:37 - 00000000 ____D C:\Program Files\Mozilla FireFox
2013-08-24 08:37 - 2013-08-24 08:37 - 04429440 _____ (Piriform Ltd) C:\Users\Ken\Downloads\CCleanerSetup.exe
2013-08-24 08:37 - 2013-08-24 08:37 - 00000947 _____ C:\Users\Ken\Desktop\Continue CCleaner Free Download Installation.lnk
2013-08-22 04:34 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2013-08-22 03:01 - 2013-08-22 03:01 - 00000000 ____D C:\Windows\CheckSur
2013-08-16 03:44 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 03:28 - 2006-11-02 05:47 - 00294816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-16 03:27 - 2010-05-25 16:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-16 03:25 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-08-16 03:09 - 2013-08-16 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 03:01 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-16 01:53 - 2013-08-16 01:53 - 00002084 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-16 01:52 - 2008-08-18 11:15 - 00000000 ____D C:\Program Files\Google
2013-08-16 01:06 - 2013-08-16 01:06 - 00000000 ____D C:\Program Files\Dealio Toolbar
2013-08-16 01:06 - 2013-08-16 01:06 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-08-16 01:06 - 2013-08-16 01:06 - 00000000 ____D C:\Program Files\Application Updater
2013-08-16 01:06 - 2013-07-03 03:35 - 00000359 _____ C:\prefs.js
2013-08-16 00:25 - 2009-06-14 22:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 23:42 - 2006-11-02 03:22 - 49020928 _____ C:\Windows\system32\config\software_previous
2013-08-15 23:42 - 2006-11-02 03:22 - 41156608 _____ C:\Windows\system32\config\components_previous
2013-08-15 23:42 - 2006-11-02 03:22 - 22544384 _____ C:\Windows\system32\config\system_previous
2013-08-15 23:42 - 2006-11-02 03:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2013-08-15 23:42 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-08-15 23:42 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-08-15 23:41 - 2013-02-27 14:51 - 00000000 ____D C:\Users\Ken\AppData\Roaming\FinalMediaPlayer
2013-08-15 23:41 - 2006-11-02 04:18 - 00000000 __RSD C:\Windows\Media
2013-08-15 23:41 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\spool
2013-08-15 23:41 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-08-15 23:40 - 2012-01-15 12:04 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-08-15 23:40 - 2012-01-15 12:04 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-08-15 23:40 - 2010-10-07 22:16 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-15 23:40 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\registration

Files to move or delete:
====================
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe
C:\Users\Ken\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ken\AppData\Local\Temp\checktbexist.exe
C:\Users\Ken\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Ken\AppData\Local\Temp\nsd7633.exe
C:\Users\Ken\AppData\Local\Temp\nsyBAFD.exe
C:\Users\Ken\AppData\Local\Temp\oi_{C33B9162-F56B-4AD8-B80F-6C2AA6B211BD}.exe
C:\Users\Ken\AppData\Local\Temp\SHSetup.exe
C:\Users\Ken\AppData\Local\Temp\spuad0.exe
C:\Users\Ken\AppData\Local\Temp\spuad1.exe
C:\Users\Ken\AppData\Local\Temp\toparcadesetup.exe
C:\Users\Ken\AppData\Local\Temp\uninst1.exe
C:\Users\Ken\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-12 10:03

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-09-2013
Ran by Ken at 2013-09-12 21:08:36
Running from C:\Users\Ken\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Installed Programs =======================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Adobe AIR (Version: 3.4.0.2540)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.168)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Amazon Links (Version: 1.0)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.8.255.384)
Ask Toolbar (Version: 1.13.1.0)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
AVG PC TuneUp Free Download Packages
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
Bonjour (Version: 3.0.0.10)
BrowserDefender
Camera Assistant Software for Toshiba (Version: 1.7.193.0508L)
CCleaner (Version: 4.03)
CCScore (Version: 7.00.0000.0001)
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
Consumer Input Chrome Extension (remove only) (HKCU Version: 3.1.0.84)
Crawler Toolbar with Web Security Guard
D3DX10 (Version: 15.4.2368.0902)
Dealio Toolbar v7.4 (Version: 7.4)
DivX Setup (Version: 2.6.0.34)
DownloadTerms (HKCU Version: 1.0)
Driver Detective (Version: 8.0.1)
DVD MovieFactory for TOSHIBA (Version: 5.51)
EasyBits GO
EPSON Easy Photo Print (Version: 1.5.1.0)
EPSON NX200 User's Guide
EPSON Scan
EPSON Stylus NX200 Series Printer Uninstall
EPSON Stylus NX400 Series Printer Uninstall
ESSBrwr (Version: 8.00.0000.0001)
ESSCDBK (Version: 8.00.0000.0001)
ESScore (Version: 8.00.0000.0001)
ESSgui (Version: 8.00.0000.0001)
ESSini (Version: 8.00.0000.0001)
ESSPCD (Version: 7.01.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Fast Search (Version: 4.0.3)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
fflink (Version: 6.02.1001.0001)
File Opener Pro
File Type Assistant (Version: 2013.4.8.0)
Final Media Player 2012 (Version: 2012.10.9.0)
Google Chrome (Version: 29.0.1547.66)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
InfoAtoms [Uninstall] (Version: 1.5.0.0)
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software (Version: 12.00.0004)
Intel® Matrix Storage Manager
Internet Helper Anti-phishing (Version: 1.2.0.0)
iTunes (Version: 11.0.4.4)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 30 (Version: 6.0.300)
Java(TM) 6 Update 6 (Version: 1.6.0.60)
Kodak EasyShare software
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.0.318.3)
Media Player Codec Pack 4.0.2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.20.8730.4)
MobileMe Control Panel (Version: 3.1.6.0)
MotoHelper 2.1.32 Driver 5.4.0 (Version: 2.1.32)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyDefrag v4.3.1 (Version: 4.0.0.0)
MyPC Backup (Version: )
netbrdg (Version: 7.01.0000.0001)
NetZero Internet Access Installer (Version: 1.0.874)
Norton PC Checkup (Version: 2.0.12.27)
Norton PC Checkup (Version: 3.0.2.122.0)
OfotoXMI (Version: 7.02.0000.0001)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OverDrive Media Console (Version: 3.2.2)
Picasa 3 (Version: 3.8)
Privacy SafeGuard version 1.0 (Version: 1.0)
QuickBooks Financial Center (Version: 1.10.0000)
QuickShare (Version: 1.90.60.12091)
QuickTime (Version: 7.74.80.86)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20130)
Safari (Version: 5.34.57.2)
Safe Saver (Version: 1.27.153.5)
Savepath Deals
Search Toolbar (Version: 1.2)
Segoe UI (Version: 15.4.2271.0615)
SFR (Version: 7.01.0000.0003)
SHASTA (Version: 7.01.0000.0001)
skin0001 (Version: 8.00.0000.0001)
SKINXSDK (Version: 7.01.0000.0001)
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.10 (Version: 5.10.116)
SmartPCFixer 4.2 (Version: 4.2)
staticcr (Version: 8.00.0000.0001)
Synaptics Pointing Device Driver (Version: 11.2.4.0)
TopArcadeHits
TOSHIBA Assist (Version: 2.01.08)
TOSHIBA ConfigFree (Version: 7.2.20)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 2.0.2.32)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA Service Station (Version: 2.2.9)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.24)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wcaiper (Version: 012.000.1430)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vafmusic9 Toolbar (Version: 6.15.0.27)
Verizon Mobile Broadband Drivers (Version: 3.02.002.002)
VPRINTOL (Version: 7.01.0000.0001)
WildTangent Games (Version: 1.0.0.62)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WIRELESS (Version: 7.02.0000.0001)

==================== Restore Points =========================

17-07-2013 23:13:24 Windows Update
16-08-2013 03:44:24 Windows Update
16-08-2013 06:54:57 Windows Update
16-08-2013 10:00:28 Windows Update
17-08-2013 14:52:10 Scheduled Checkpoint
19-08-2013 22:25:36 Removed WeatherBug
19-08-2013 22:27:08 Removed WeatherBug
19-08-2013 22:49:06 Windows Update
20-08-2013 05:43:37 Installed TOSHIBA Service Station
22-08-2013 10:00:20 Windows Update
24-08-2013 03:46:38 Scheduled Checkpoint
29-08-2013 10:00:14 Windows Update
09-09-2013 09:07:53 Scheduled Checkpoint
10-09-2013 16:30:46 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {033ACD47-C4BC-4885-9327-FD5BC78906B6} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2012-09-02] (Bitberry Software)
Task: {06EA31CC-C4EA-42E4-AF75-FFFDD686E2BE} - System32\Tasks\Safe Saver-enabler => C:\Program Files\Safe Saver\Safe Saver-enabler.exe [2013-07-04] (Safe Saver)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2014B11C-A55D-4662-A111-57278060EA86} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe [2013-01-25] ()
Task: {2348EAD0-2033-4754-A5EA-C8CCC3436CF9} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\TSAssist.exe [2013-04-08] (Trusted Software ApS)
Task: {2A9E4313-4908-44A1-9F99-A816B8A91338} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {2EFF7316-11AD-4B8A-82B4-F7F632436014} - System32\Tasks\{C5D7DF4E-2A71-498E-976B-119B5CE17F13} => C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {30F66715-3092-4253-9F9E-41C52EBE1879} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {320F5AA2-1877-4FE2-8A68-314B73334B99} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2011-08-23] ()
Task: {39DF9E56-5676-4166-A84D-C100CBE55CEE} - System32\Tasks\Safe Saver-updater => C:\Program Files\Safe Saver\Safe Saver-updater.exe [2013-07-04] (Safe Saver)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {40632519-ED1B-4539-868E-FFC5FB79196C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {42DE3500-44F4-4C6D-B546-11767314956A} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ken => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {50B7778F-816D-4E59-928F-7E8BDAA6E2A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {5A57B2C5-D3B2-4FA8-B66D-CEAAD05AB007} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {5C930D8F-1258-4684-891B-053BD72D9F95} - System32\Tasks\Safe Saver-codedownloader => C:\Program Files\Safe Saver\Safe Saver-codedownloader.exe [2013-07-04] (Safe Saver)
Task: {64966350-E7D7-440B-B0D3-8901B9354D28} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.)
Task: {64BF7A50-F901-4D35-BAF7-F902CE2B2DA8} - System32\Tasks\PC Optimizer Pro Scan => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {66ECBE71-CF04-43DA-B88E-2B8BC587F20A} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-03] (Adobe Systems Incorporated)
Task: {691105E6-C4D7-4AF1-A287-36482A11A640} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {6C8C1023-9917-4636-BCD7-C24229F26B6E} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.)
Task: {6D5BA0B8-48B9-45CF-9F16-BA90CEB5B941} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {75BE02C2-AA26-4FBB-9525-650F7EF1DE38} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {83DD50D1-4B7D-4A62-8859-7A1FF4C7628F} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {873B1C03-4129-4F60-B976-91F2003B5DB0} - System32\Tasks\{AC964662-62BE-4A38-8A32-6250875C1DE7} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {8C065083-B091-410C-A509-C28C4F73DB26} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {90006F4F-E705-432D-A9AC-8CB9EAB41B29} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {A0A5C78D-0F1F-4132-AF67-410091C3585A} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {A0B009C0-DB71-40C0-86EF-DF752DA79B4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-30] (Google Inc.)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation)
Task: {A74774F9-89A8-4F79-B474-CD9F790D311F} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files\Norton PC Checkup 3.0\NLAppLauncher.exe [2013-03-26] (Symantec Corporation)
Task: {AAD58D47-B4BF-4BFA-A892-707F2E6A7AE7} - System32\Tasks\Safe Saver-chromeinstaller => C:\Program Files\Safe Saver\Safe Saver-chromeinstaller.exe [2013-07-04] (Safe Saver)
Task: {D235CDA3-52EE-4B5D-A577-05AB09F3C487} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files\File Type Assistant\tsasetup.exe [2013-04-09] ( )
Task: {E1F6B682-C71C-41B9-8324-BA23C66E6CC3} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {E82A45AD-3151-4231-88E7-B5FCBCE9F09B} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {EBE4DC11-E9AD-4B8A-9373-8481A7A03D6D} - System32\Tasks\Divx online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-28] ()
Task: {FB03315A-E071-42DD-9B93-E99B4C214C26} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-30] (Google Inc.)
Task: {FD370363-5CF1-4981-92ED-BA3D54DC4C63} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Scan.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\Safe Saver-chromeinstaller.job => C:\Program Files\Safe Saver\Safe Saver-chromeinstaller.exe
Task: C:\Windows\Tasks\Safe Saver-codedownloader.job => C:\Program Files\Safe Saver\Safe Saver-codedownloader.exe
Task: C:\Windows\Tasks\Safe Saver-enabler.job => C:\Program Files\Safe Saver\Safe Saver-enabler.exe
Task: C:\Windows\Tasks\Safe Saver-updater.job => C:\Program Files\Safe Saver\Safe Saver-updater.exe
Task: C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Ken\AppData\Local\TopArcadeHits\updater.exe

==================== Loaded Modules (whitelisted) =============

2013-09-04 15:18 - 2013-09-02 13:35 - 04053456 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 15:19 - 2013-09-02 13:35 - 00410576 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 15:17 - 2013-09-02 13:35 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-10 00:22 - 2013-08-26 17:47 - 00169240 _____ ( ) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll
2013-09-10 00:18 - 2013-09-10 00:18 - 00056832 _____ (Wajam) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins\PriamNPAPI.dll
2013-09-09 00:18 - 2013-09-09 00:18 - 00853792 _____ (Conduit) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0\plugins\ConduitChromeApiPlugin.dll
2013-09-09 00:18 - 2013-09-09 00:18 - 00117024 _____ (Conduit) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0\plugins\ChromeApproveTBPlugin.dll
2013-09-09 00:18 - 2013-09-09 00:18 - 00062240 _____ (Conduit Ltd.) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0\search\plugins\npConduitNewTabPlugin.dll
2013-09-04 15:19 - 2013-09-02 13:35 - 13599184 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
2013-09-09 00:18 - 2013-09-09 00:18 - 00068896 _____ (Conduit) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0\plugins\np-cwmp.dll
2013-09-09 00:18 - 2013-09-09 00:18 - 00163256 _____ (Microsoft Corporation) C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0\plugins\np-mswmp.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Ken\Downloads\baseball pitch.avi:TOC.WMV
AlternateDataStreams: C:\Users\Ken\Downloads\Lindsey.avi:TOC.WMV

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2013 08:59:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 08:58:49 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/12/2013 08:41:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 08:41:56 PM) (Source: Application Error) (User: )
Description: Faulting application SmartFaceVWatchSrv.exe, version 2.0.2.0, time stamp 0x48105471, faulting module SmartFaceVWatchSrv.exe, version 2.0.2.0, time stamp 0x48105471, exception code 0xc0000005, fault offset 0x00001b93,
process id 0xf28, application start time 0xSmartFaceVWatchSrv.exe0.

Error: (09/11/2013 09:43:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 09:42:32 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/11/2013 09:21:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 09:20:32 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/10/2013 09:38:34 PM) (Source: Application Error) (User: )
Description: Faulting application SmartFaceVWatchSrv.exe, version 2.0.2.0, time stamp 0x48105471, faulting module SmartFaceVWatchSrv.exe, version 2.0.2.0, time stamp 0x48105471, exception code 0xc0000005, fault offset 0x00001b93,
process id 0x15b4, application start time 0xSmartFaceVWatchSrv.exe0.

Error: (09/10/2013 09:38:27 PM) (Source: Application Error) (User: )
Description: Faulting application LogonUI.exe, version 6.0.6001.18000, time stamp 0x47918daf, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8cc5a, exception code 0x40000015, fault offset 0x00052fd3,
process id 0x1764, application start time 0xLogonUI.exe0.


System errors:
=============
Error: (09/12/2013 09:00:40 PM) (Source: Service Control Manager) (User: )
Description: PnP-X IP Bus EnumeratorFunction Discovery Provider Host%%1068

Error: (09/12/2013 08:59:56 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSDriver
AVGIDSShim
Avgldx86
spldr
Wanarpv6

Error: (09/12/2013 08:59:56 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31

Error: (09/12/2013 08:59:56 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (09/12/2013 08:58:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\System32\IWMSSvc.dll21

Error: (09/12/2013 08:58:53 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/12/2013 08:58:53 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/12/2013 08:58:50 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (09/12/2013 08:58:49 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/12/2013 08:58:40 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (05/06/2012 02:21:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11402 seconds with 1860 seconds of active time. This session ended with a crash.

Error: (05/05/2012 04:20:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2078396 seconds with 14520 seconds of active time. This session ended with a crash.

Error: (02/15/2012 10:19:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20564 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/09/2011 04:19:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1704008 seconds with 2280 seconds of active time. This session ended with a crash.

Error: (01/29/2011 10:33:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 942631 seconds with 1200 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-09-12 21:07:55.322
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:55.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:54.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:54.519
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:54.227
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:53.986
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:53.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 21:07:53.465
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 23:24:19.379
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 23:24:19.145
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 2939.25 MB
Available physical RAM: 1863.23 MB
Total Pagefile: 6082.81 MB
Available Pagefile: 5092.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1923.3 MB

==================== Drives ================================

Drive c: (SQ004992V01) (Fixed) (Total:224.17 GB) (Free:125.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (TurboTax 2012) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: CA78462E)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=224 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7 GB) - (Type=17)

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
See if you can start normally.
 

Attachments

  • fixlist.txt
    4 KB · Views: 1
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [887976 2011-08-23] (Ask)
C:\Program Files\Ask.com
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\Run: [SpeetItUpFree] - "C:\Program Files\SpeedItup Free\speeditupfree.exe"
C:\Program Files\Common Files\Spigot
C:\Program Files\SpeedItup Free
MountPoints2: {19ab0905-3e9b-11e2-84b1-001e33cac5c2} - G:\setup.exe -a
MountPoints2: {5db376ad-5977-11de-841e-806e6f6e6963} - D:\setup.exe
MountPoints2: {e8443791-7d36-11de-b693-001e6513a5e0} - E:\setupSNK.exe
Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
C:\Program Files\MyPC Backup
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2"
CHR Extension: (MixiDJ V30) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0
S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
C:\Program Files\Application Updater
2013-08-28 18:22 - 2013-08-28 18:22 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Optimizer Pro
2013-08-28 18:21 - 2013-08-28 18:21 - 00000870 _____ C:\Users\Ken\Desktop\Optimizer Pro.lnk
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Users\Ken\AppData\Roaming\SearchProtect
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Program Files\SearchProtect
2013-08-24 08:39 - 2013-08-24 08:38 - 00000000 ____D C:\Users\Ken\AppData\Roaming\PCFixSpeed
2013-08-24 08:38 - 2013-08-24 08:38 - 00000783 _____ C:\Users\Public\Desktop\Optimize Your PC.lnk
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe
C:\Users\Ken\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ken\AppData\Local\Temp\checktbexist.exe
C:\Users\Ken\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Ken\AppData\Local\Temp\nsd7633.exe
C:\Users\Ken\AppData\Local\Temp\nsyBAFD.exe
C:\Users\Ken\AppData\Local\Temp\oi_{C33B9162-F56B-4AD8-B80F-6C2AA6B211BD}.exe
C:\Users\Ken\AppData\Local\Temp\SHSetup.exe
C:\Users\Ken\AppData\Local\Temp\spuad0.exe
C:\Users\Ken\AppData\Local\Temp\spuad1.exe
C:\Users\Ken\AppData\Local\Temp\toparcadesetup.exe
C:\Users\Ken\AppData\Local\Temp\uninst1.exe
C:\Users\Ken\AppData\Local\Temp\vcredist_x86.exe
Task: {2A9E4313-4908-44A1-9F99-A816B8A91338} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {64BF7A50-F901-4D35-BAF7-F902CE2B2DA8} - System32\Tasks\PC Optimizer Pro Scan => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {83DD50D1-4B7D-4A62-8859-7A1FF4C7628F} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {90006F4F-E705-432D-A9AC-8CB9EAB41B29} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Scan.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
AlternateDataStreams: C:\Users\Ken\Downloads\baseball pitch.avi:TOC.WMV
AlternateDataStreams: C:\Users\Ken\Downloads\Lindsey.avi:TOC.WMV
 
You just posted a content of my "fixlist" file.
Re-read my previous reply and redo.
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-09-2013 04
Ran by Ken at 2013-09-13 18:59:27 Run:1
Running from C:\Users\Ken\Desktop\New Folder
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [887976 2011-08-23] (Ask)
C:\Program Files\Ask.com
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\Run: [SpeetItUpFree] - "C:\Program Files\SpeedItup Free\speeditupfree.exe"
C:\Program Files\Common Files\Spigot
C:\Program Files\SpeedItup Free
MountPoints2: {19ab0905-3e9b-11e2-84b1-001e33cac5c2} - G:\setup.exe -a
MountPoints2: {5db376ad-5977-11de-841e-806e6f6e6963} - D:\setup.exe
MountPoints2: {e8443791-7d36-11de-b693-001e6513a5e0} - E:\setupSNK.exe
Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
C:\Program Files\MyPC Backup
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2"
CHR Extension: (MixiDJ V30) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.19.2.505_0
S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
C:\Program Files\Application Updater
2013-08-28 18:22 - 2013-08-28 18:22 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Optimizer Pro
2013-08-28 18:21 - 2013-08-28 18:21 - 00000870 _____ C:\Users\Ken\Desktop\Optimizer Pro.lnk
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Users\Ken\AppData\Roaming\SearchProtect
2013-08-28 17:50 - 2013-08-28 17:50 - 00000000 ____D C:\Program Files\SearchProtect
2013-08-24 08:39 - 2013-08-24 08:38 - 00000000 ____D C:\Users\Ken\AppData\Roaming\PCFixSpeed
2013-08-24 08:38 - 2013-08-24 08:38 - 00000783 _____ C:\Users\Public\Desktop\Optimize Your PC.lnk
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe
C:\Users\Ken\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ken\AppData\Local\Temp\checktbexist.exe
C:\Users\Ken\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Ken\AppData\Local\Temp\nsd7633.exe
C:\Users\Ken\AppData\Local\Temp\nsyBAFD.exe
C:\Users\Ken\AppData\Local\Temp\oi_{C33B9162-F56B-4AD8-B80F-6C2AA6B211BD}.exe
C:\Users\Ken\AppData\Local\Temp\SHSetup.exe
C:\Users\Ken\AppData\Local\Temp\spuad0.exe
C:\Users\Ken\AppData\Local\Temp\spuad1.exe
C:\Users\Ken\AppData\Local\Temp\toparcadesetup.exe
C:\Users\Ken\AppData\Local\Temp\uninst1.exe
C:\Users\Ken\AppData\Local\Temp\vcredist_x86.exe
Task: {2A9E4313-4908-44A1-9F99-A816B8A91338} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {64BF7A50-F901-4D35-BAF7-F902CE2B2DA8} - System32\Tasks\PC Optimizer Pro Scan => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {83DD50D1-4B7D-4A62-8859-7A1FF4C7628F} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {90006F4F-E705-432D-A9AC-8CB9EAB41B29} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Scan.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
AlternateDataStreams: C:\Users\Ken\Downloads\baseball pitch.avi:TOC.WMV
AlternateDataStreams: C:\Users\Ken\Downloads\Lindsey.avi:TOC.WMV

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.
C:\Program Files\Ask.com => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpeetItUpFree => Value deleted successfully.
C:\Program Files\Common Files\Spigot => Moved successfully.
C:\Program Files\SpeedItup Free => Moved successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19ab0905-3e9b-11e2-84b1-001e33cac5c2} => Key deleted successfully.
HKCR\CLSID\{19ab0905-3e9b-11e2-84b1-001e33cac5c2} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5db376ad-5977-11de-841e-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{5db376ad-5977-11de-841e-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e8443791-7d36-11de-b693-001e6513a5e0} => Key deleted successfully.
HKCR\CLSID\{e8443791-7d36-11de-b693-001e6513a5e0} => Key not found.
C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk => Moved successfully.
C:\Program Files\MyPC Backup\MyPC Backup.exe => Moved successfully.
"C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk" => File/Directory not found.
C:\Program Files\MyPC Backup => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value deleted successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value deleted successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3303002&SearchSource=48&CUI=UN29056762622737770&UM=2" ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen => Moved successfully.
Application Updater => Service deleted successfully.
C:\Program Files\Application Updater => Moved successfully.
C:\Users\Ken\AppData\Roaming\Optimizer Pro => Moved successfully.
C:\Users\Ken\Desktop\Optimizer Pro.lnk => Moved successfully.
C:\Users\Ken\AppData\Roaming\SearchProtect => Moved successfully.
C:\Program Files\SearchProtect => Moved successfully.
C:\Users\Ken\AppData\Roaming\PCFixSpeed => Moved successfully.
C:\Users\Public\Desktop\Optimize Your PC.lnk => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2013.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\checktbexist.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\mconduitinstaller.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\nsd7633.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\nsyBAFD.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\oi_{C33B9162-F56B-4AD8-B80F-6C2AA6B211BD}.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\spuad0.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\spuad1.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\toparcadesetup.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\Ken\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A9E4313-4908-44A1-9F99-A816B8A91338} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A9E4313-4908-44A1-9F99-A816B8A91338} => Key deleted successfully.
C:\Windows\System32\Tasks\PC Optimizer Pro startups => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro startups => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64BF7A50-F901-4D35-BAF7-F902CE2B2DA8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64BF7A50-F901-4D35-BAF7-F902CE2B2DA8} => Key deleted successfully.
C:\Windows\System32\Tasks\PC Optimizer Pro Scan => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro Scan => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83DD50D1-4B7D-4A62-8859-7A1FF4C7628F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83DD50D1-4B7D-4A62-8859-7A1FF4C7628F} => Key deleted successfully.
C:\Windows\System32\Tasks\PC Optimizer Pro Idle => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro Idle => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90006F4F-E705-432D-A9AC-8CB9EAB41B29} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90006F4F-E705-432D-A9AC-8CB9EAB41B29} => Key deleted successfully.
C:\Windows\System32\Tasks\PC Optimizer Pro Updates => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro Updates => Key deleted successfully.
C:\Windows\Tasks\PC Optimizer Pro Idle.job => Moved successfully.
C:\Windows\Tasks\PC Optimizer Pro Scan.job => Moved successfully.
C:\Windows\Tasks\PC Optimizer Pro startups.job => Moved successfully.
C:\Windows\Tasks\PC Optimizer Pro Updates.job => Moved successfully.
C:\Users\Ken\Downloads\baseball pitch.avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Ken\Downloads\Lindsey.avi => ":TOC.WMV" ADS removed successfully.

==== End of Fixlog ====
 
Same thing happens when I reboot. It comes up with that same message

"Now it says Microsoft visual c ++ runtime library

"This application has requested the runtime to terminate it in an unusual way. Please contact the applications support team for more info"
 
The screen is blue and that message comes up. I can press close or press the "x" but the same message comes back in about 10 seconds
 
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
I've gotten to the last step and am typing in g:\frst and it is saying. G:frst is not recognized as an internal or external command, operable program or batch file.

What am I doing wrong?
 
Make sure FRST file is in a root directory of flash drive not in some subfolder.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2013 02
Ran by SYSTEM on MINWINPC on 15-09-2013 11:24:44
Running from G:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2008-04-29] (Chicony)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-02-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [505720 2008-06-02] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-05-09] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [cfFncEnabler.exe] - cfFncEnabler.exe
HKLM\...\Run: [ToshibaServiceStation] - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2314416 2013-08-15] ()
HKLM\...\Run: [Internet Helper Anti-phishing] - C:\ProgramData\Internet Helper Anti-phishing\internetHelper_antiphishing.exe [235072 2013-05-14] (Internet Helper)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA)
HKU\Ken\...\Run: [TOSCDSPD] - TOSCDSPD.EXE
HKU\Ken\...\Run: [EPSON Stylus NX400 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGA.EXE /FU "C:\Windows\TEMP\E_SD317.tmp" /EF "HKCU"
HKU\Ken\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-20] (Microsoft Corporation)
HKU\Ken\...\Run: [EPSON Stylus NX200 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFA.EXE /FU "C:\Windows\TEMP\E_S203D.tmp" /EF "HKCU"
HKU\Ken\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-06-14] (Google Inc.)
HKU\Ken\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2012-07-13] (Skype Technologies S.A.)
HKU\Ken\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-20] (Microsoft Corporation)
HKU\Ken\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_168_ActiveX.exe [ 2013-09-11] (Adobe Systems Incorporated)
Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) =================

S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1432080 2013-07-25] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-16] (TOSHIBA CORPORATION)
S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [164600 2008-05-28] (WildTangent, Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
S2 gupdate1ca1150f16d6a40; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-30] (Google Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-25] (Symantec Corporation)
S2 PCCUJobMgr; C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\diMaster.dll [132984 2011-05-03] (Symantec Corporation)
S3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [73728 2008-04-24] (Toshiba)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)
S2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-26] (AVG Secure Search)
S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [x]
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]

==================== Drivers (Whitelisted) ====================

S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-07-10] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-06-26] (AVG Technologies)
S0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-10] (Microsoft Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NWUSBCDFIL; C:\Windows\System32\DRIVERS\NwUsbCdFil.sys [20480 2010-07-08] (Novatel Wireless Inc.)
S3 NWUSBModem_000; C:\Windows\System32\DRIVERS\nwusbmdm_000.sys [176384 2010-07-08] (Novatel Wireless Inc.)
S3 NWUSBPort2_000; C:\Windows\System32\DRIVERS\nwusbser2_000.sys [176384 2010-07-08] (Novatel Wireless Inc.)
S3 NWUSBPort_000; C:\Windows\System32\DRIVERS\nwusbser_000.sys [176384 2010-07-08] (Novatel Wireless Inc.)
S3 SVRPEDRV; C:\Windows\System32\sysprep\PEDrv.sys [9216 2008-01-18] (Inventec Corporation)
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-14 20:14 - 2013-09-14 20:14 - 01083473 _____ (Farbar) C:\Users\Ken\Downloads\FRST (1).exe
2013-09-14 20:13 - 2013-09-14 20:13 - 01290904 _____ (ExpressInstaller) C:\Users\Ken\Downloads\setup (4).exe
2013-09-13 17:58 - 2013-09-13 17:58 - 01083285 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe
2013-09-12 21:02 - 2013-09-12 21:02 - 00004143 _____ C:\Users\Ken\Downloads\fixlist.txt
2013-09-12 21:01 - 2013-09-13 18:03 - 00000000 ____D C:\Users\Ken\Desktop\New Folder
2013-09-12 20:10 - 2013-09-12 20:10 - 00049993 _____ C:\Users\Ken\Downloads\FRST.txt
2013-09-12 20:08 - 2013-09-12 20:10 - 00030698 _____ C:\Users\Ken\Downloads\Addition.txt
2013-09-12 20:06 - 2013-09-12 20:06 - 00000000 ____D C:\FRST
2013-09-12 20:03 - 2013-09-12 20:03 - 00000000 ____D C:\Users\Ken\AppData\Local\TopArcadeHits
2013-09-12 20:02 - 2013-09-12 20:02 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\Setup (3).exe
2013-09-12 20:01 - 2013-09-12 20:01 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\setup (2).exe
2013-09-11 22:27 - 2013-09-12 15:40 - 00006154 _____ C:\Users\Ken\Desktop\avgrep.txt
2013-09-10 00:04 - 2013-09-10 00:04 - 00000046 _____ C:\Users\Ken\AppData\Roaming\mbam.context.scan
2013-09-09 23:25 - 2013-09-09 23:25 - 00688992 ____R (Swearware) C:\Users\Ken\Downloads\dds.com
2013-09-09 23:23 - 2013-09-09 23:23 - 00000000 ____D C:\Program Files\FileOpenerPro
2013-09-09 23:21 - 2013-09-09 23:21 - 00000895 _____ C:\Users\Ken\Desktop\MyPC Backup.lnk
2013-09-09 23:20 - 2013-09-09 23:20 - 00000901 _____ C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2013-09-09 23:17 - 2013-09-09 23:17 - 00000000 ____D C:\Users\Ken\AppData\Local\Wajam
2013-09-08 23:08 - 2013-09-09 00:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-08 23:08 - 2013-09-08 23:14 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-08 23:08 - 2013-09-08 23:08 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Malwarebytes
2013-09-08 23:08 - 2013-09-08 23:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-08 23:08 - 2013-04-04 13:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-09-08 23:05 - 2013-09-08 23:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-08 22:25 - 2013-09-08 22:25 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP
2013-09-08 22:25 - 2013-09-08 22:25 - 00000000 ____D C:\sh4ldr
2013-09-08 22:25 - 2013-09-08 22:25 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-08 17:09 - 2013-09-12 19:41 - 00305120 _____ C:\Windows\PFRO.log
2013-09-08 17:06 - 2013-09-08 17:06 - 00000000 __SHD C:\found.001
2013-09-08 03:05 - 2013-09-08 03:05 - 00000000 _____ C:\Windows\System32\spsys.log
2013-08-28 19:42 - 2013-08-28 19:42 - 00000000 ____D C:\Users\Ken\AppData\Local\Conduit
2013-08-28 19:42 - 2013-08-28 19:42 - 00000000 ____D C:\Program Files\Vafmusic9
2013-08-28 17:21 - 2013-09-08 23:42 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-08-28 17:21 - 2013-09-08 23:42 - 00000000 ____D C:\Program Files\DefaultTab
2013-08-28 17:21 - 2013-08-28 17:21 - 00000258 __RSH C:\Users\Ken\ntuser.pol
2013-08-28 17:21 - 2013-08-28 17:21 - 00000000 ____D C:\Users\Ken\AppData\Roaming\DefaultTab
2013-08-28 17:20 - 2013-08-28 17:21 - 00000000 ____D C:\Users\Ken\AppData\Local\DownloadTerms
2013-08-28 17:10 - 2013-08-01 20:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-28 16:59 - 2013-08-28 16:59 - 00000000 ____D C:\ProgramData\䒀ĕ䉀ĕ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮
2013-08-28 16:49 - 2013-08-28 19:42 - 00000000 ____D C:\Program Files\Conduit
2013-08-28 16:47 - 2013-09-08 23:42 - 00000000 ____D C:\Program Files\LyriXeeker
2013-08-28 16:47 - 2013-08-28 16:47 - 00000000 ____D C:\Users\Ken\AppData\Local\avgchrome
2013-08-24 07:39 - 2013-08-28 16:47 - 00000000 ____D C:\Windows\System32\Extensions
2013-08-24 07:39 - 2013-08-24 07:39 - 00000000 ____D C:\Windows\System32\searchplugins
2013-08-24 07:38 - 2013-09-09 00:07 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-24 07:38 - 2013-09-08 23:42 - 00000000 ____D C:\ProgramData\PCFixSpeed
2013-08-24 07:38 - 2013-09-08 23:42 - 00000000 ____D C:\Program Files\PCFixSpeed
2013-08-24 07:37 - 2013-08-24 07:37 - 04429440 _____ (Piriform Ltd) C:\Users\Ken\Downloads\CCleanerSetup.exe
2013-08-24 07:37 - 2013-08-24 07:37 - 00000947 _____ C:\Users\Ken\Desktop\Continue CCleaner Free Download Installation.lnk
2013-08-22 02:01 - 2013-08-22 02:01 - 00000000 ____D C:\Windows\CheckSur
2013-08-21 06:59 - 2013-07-07 20:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-21 06:59 - 2013-07-07 20:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-21 06:59 - 2013-07-07 20:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-21 06:59 - 2013-07-07 20:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-16 02:05 - 2013-08-16 02:09 - 00000000 ____D C:\Windows\System32\MRT
2013-08-16 00:53 - 2013-08-16 00:53 - 00002084 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-16 00:17 - 2013-06-15 05:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2013-08-16 00:17 - 2013-06-15 03:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-16 00:16 - 2013-07-04 20:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-16 00:15 - 2013-07-17 11:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-16 00:15 - 2013-07-10 01:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-16 00:15 - 2013-07-09 04:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-16 00:15 - 2013-07-07 20:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-16 00:15 - 2013-07-07 20:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-16 00:06 - 2013-08-16 00:06 - 00000000 ____D C:\Program Files\Dealio Toolbar

==================== One Month Modified Files and Folders =======

2013-09-15 09:58 - 2006-11-02 04:47 - 00003616 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 09:58 - 2006-11-02 04:47 - 00003616 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-14 20:14 - 2013-09-14 20:14 - 01083473 _____ (Farbar) C:\Users\Ken\Downloads\FRST (1).exe
2013-09-14 20:13 - 2013-09-14 20:13 - 01290904 _____ (ExpressInstaller) C:\Users\Ken\Downloads\setup (4).exe
2013-09-13 18:03 - 2013-09-12 21:01 - 00000000 ____D C:\Users\Ken\Desktop\New Folder
2013-09-13 17:58 - 2013-09-13 17:58 - 01083285 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe
2013-09-12 21:02 - 2013-09-12 21:02 - 00004143 _____ C:\Users\Ken\Downloads\fixlist.txt
2013-09-12 20:10 - 2013-09-12 20:10 - 00049993 _____ C:\Users\Ken\Downloads\FRST.txt
2013-09-12 20:10 - 2013-09-12 20:08 - 00030698 _____ C:\Users\Ken\Downloads\Addition.txt
2013-09-12 20:06 - 2013-09-12 20:06 - 00000000 ____D C:\FRST
2013-09-12 20:03 - 2013-09-12 20:03 - 00000000 ____D C:\Users\Ken\AppData\Local\TopArcadeHits
2013-09-12 20:02 - 2013-09-12 20:02 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\Setup (3).exe
2013-09-12 20:01 - 2013-09-12 20:01 - 01095320 _____ (AppEnabler) C:\Users\Ken\Downloads\setup (2).exe
2013-09-12 19:46 - 2012-01-15 10:48 - 00000000 ____D C:\ProgramData\MFAData
2013-09-12 19:45 - 2009-06-14 22:48 - 02092892 _____ C:\Windows\WindowsUpdate.log
2013-09-12 19:41 - 2013-09-08 17:09 - 00305120 _____ C:\Windows\PFRO.log
2013-09-12 19:34 - 2010-01-11 11:24 - 00000000 ____D C:\ProgramData\avg9
2013-09-12 15:40 - 2013-09-11 22:27 - 00006154 _____ C:\Users\Ken\Desktop\avgrep.txt
2013-09-11 22:27 - 2013-07-05 15:23 - 00000000 ____D C:\Users\Ken\AppData\Local\Avg2013
2013-09-11 20:14 - 2013-02-18 19:11 - 00000000 ____D C:\Program Files\File Type Assistant
2013-09-11 06:52 - 2013-02-18 08:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-09-11 06:52 - 2011-10-04 10:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-09-10 00:04 - 2013-09-10 00:04 - 00000046 _____ C:\Users\Ken\AppData\Roaming\mbam.context.scan
2013-09-09 23:25 - 2013-09-09 23:25 - 00688992 ____R (Swearware) C:\Users\Ken\Downloads\dds.com
2013-09-09 23:23 - 2013-09-09 23:23 - 00000000 ____D C:\Program Files\FileOpenerPro
2013-09-09 23:21 - 2013-09-09 23:21 - 00000895 _____ C:\Users\Ken\Desktop\MyPC Backup.lnk
2013-09-09 23:20 - 2013-09-09 23:20 - 00000901 _____ C:\Users\Public\Desktop\PC Optimizer Pro.lnk
2013-09-09 23:17 - 2013-09-09 23:17 - 00000000 ____D C:\Users\Ken\AppData\Local\Wajam
2013-09-09 23:11 - 2013-02-18 19:37 - 00000000 ____D C:\ProgramData\Internet Helper Anti-phishing
2013-09-09 22:34 - 2009-07-30 12:05 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Skype
2013-09-09 00:13 - 2013-09-08 23:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-09 00:07 - 2013-08-24 07:38 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-09-08 23:42 - 2013-08-28 17:21 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-09-08 23:42 - 2013-08-28 17:21 - 00000000 ____D C:\Program Files\DefaultTab
2013-09-08 23:42 - 2013-08-28 16:47 - 00000000 ____D C:\Program Files\LyriXeeker
2013-09-08 23:42 - 2013-08-24 07:38 - 00000000 ____D C:\ProgramData\PCFixSpeed
2013-09-08 23:42 - 2013-08-24 07:38 - 00000000 ____D C:\Program Files\PCFixSpeed
2013-09-08 23:42 - 2013-07-04 09:45 - 00000000 ____D C:\Program Files\Safe Saver
2013-09-08 23:42 - 2013-07-04 09:45 - 00000000 ____D C:\Program Files\24x7Help
2013-09-08 23:42 - 2013-02-18 19:11 - 00000000 ____D C:\Program Files\Savepath Deals
2013-09-08 23:42 - 2012-04-08 10:32 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Babylon
2013-09-08 23:42 - 2012-04-08 10:31 - 00000000 ____D C:\Program Files\PrivacySafeGuard
2013-09-08 23:42 - 2011-01-02 16:57 - 00000000 ____D C:\Program Files\Search Toolbar
2013-09-08 23:14 - 2013-09-08 23:08 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-08 23:08 - 2013-09-08 23:08 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Malwarebytes
2013-09-08 23:08 - 2013-09-08 23:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-08 23:05 - 2013-09-08 23:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-08 22:59 - 2013-02-18 19:37 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-08 22:25 - 2013-09-08 22:25 - 00000000 ____D C:\Windows\865537E164904193A4B6669C62711852.TMP
2013-09-08 22:25 - 2013-09-08 22:25 - 00000000 ____D C:\sh4ldr
2013-09-08 22:25 - 2013-09-08 22:25 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-08 22:09 - 2006-11-02 02:33 - 00730148 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-08 17:06 - 2013-09-08 17:06 - 00000000 __SHD C:\found.001
2013-09-08 03:05 - 2013-09-08 03:05 - 00000000 _____ C:\Windows\System32\spsys.log
2013-09-04 11:30 - 2013-07-05 18:36 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-28 19:51 - 2013-07-05 18:41 - 00000853 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-08-28 19:42 - 2013-08-28 19:42 - 00000000 ____D C:\Users\Ken\AppData\Local\Conduit
2013-08-28 19:42 - 2013-08-28 19:42 - 00000000 ____D C:\Program Files\Vafmusic9
2013-08-28 19:42 - 2013-08-28 16:49 - 00000000 ____D C:\Program Files\Conduit
2013-08-28 17:21 - 2013-08-28 17:21 - 00000258 __RSH C:\Users\Ken\ntuser.pol
2013-08-28 17:21 - 2013-08-28 17:21 - 00000000 ____D C:\Users\Ken\AppData\Roaming\DefaultTab
2013-08-28 17:21 - 2013-08-28 17:20 - 00000000 ____D C:\Users\Ken\AppData\Local\DownloadTerms
2013-08-28 17:21 - 2006-11-02 03:18 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2013-08-28 16:59 - 2013-08-28 16:59 - 00000000 ____D C:\ProgramData\䒀ĕ䉀ĕ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮
2013-08-28 16:50 - 2013-02-18 19:36 - 00000000 ____D C:\Users\Ken\AppData\Local\CRE
2013-08-28 16:47 - 2013-08-28 16:47 - 00000000 ____D C:\Users\Ken\AppData\Local\avgchrome
2013-08-28 16:47 - 2013-08-24 07:39 - 00000000 ____D C:\Windows\System32\Extensions
2013-08-24 07:39 - 2013-08-24 07:39 - 00000000 ____D C:\Windows\System32\searchplugins
2013-08-24 07:38 - 2013-02-18 19:37 - 00000000 ____D C:\Program Files\Mozilla FireFox
2013-08-24 07:37 - 2013-08-24 07:37 - 04429440 _____ (Piriform Ltd) C:\Users\Ken\Downloads\CCleanerSetup.exe
2013-08-24 07:37 - 2013-08-24 07:37 - 00000947 _____ C:\Users\Ken\Desktop\Continue CCleaner Free Download Installation.lnk
2013-08-22 03:34 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache
2013-08-22 02:01 - 2013-08-22 02:01 - 00000000 ____D C:\Windows\CheckSur
2013-08-16 02:44 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 02:28 - 2006-11-02 04:47 - 00294816 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-16 02:27 - 2010-05-25 15:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-16 02:25 - 2006-11-02 04:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-08-16 02:09 - 2013-08-16 02:05 - 00000000 ____D C:\Windows\System32\MRT
2013-08-16 02:01 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-16 00:53 - 2013-08-16 00:53 - 00002084 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-16 00:52 - 2008-08-18 10:15 - 00000000 ____D C:\Program Files\Google
2013-08-16 00:06 - 2013-08-16 00:06 - 00000000 ____D C:\Program Files\Dealio Toolbar
2013-08-16 00:06 - 2013-07-03 02:35 - 00000359 _____ C:\prefs.js

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-07-17 15:17:36
Restore point made on: 2013-08-15 19:52:17
Restore point made on: 2013-08-15 22:55:32
Restore point made on: 2013-08-16 02:00:43
Restore point made on: 2013-08-17 06:52:44
Restore point made on: 2013-08-19 14:26:18
Restore point made on: 2013-08-19 14:27:53
Restore point made on: 2013-08-19 14:49:40
Restore point made on: 2013-08-19 21:44:25
Restore point made on: 2013-08-22 02:00:51
Restore point made on: 2013-08-23 19:46:50
Restore point made on: 2013-08-29 02:00:41
Restore point made on: 2013-09-09 01:08:42
Restore point made on: 2013-09-10 08:31:04

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 2939.25 MB
Available physical RAM: 2529.73 MB
Total Pagefile: 2734.81 MB
Available Pagefile: 2589.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.95 MB

==================== Drives ================================

Drive c: (SQ004992V01) (Fixed) (Total:224.17 GB) (Free:126.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (TurboTax 2012) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS
Drive e: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.31 GB) NTFS
Drive g: (HP v100w) (Removable) (Total:1.87 GB) (Free:1.73 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: CA78462E)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=224 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7 GB) - (Type=17)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=06)


LastRegBack: 2013-09-14 06:30

==================== End Of Log ============================
 
Nothing malicious there.

You will need a USB flash drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download rst.sh to your USB flash drive
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see rst.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash rst.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named enum.log
  • Remove the USB drive and insert it back in your working computer and navigate to enum.log

    Please note - all text entries are case sensitive
Copy and paste the enum.log for my review
 
In the mnt folder there is 3 subfolders: sda1, sda2 and sda3. No sdb and none of the sda folders show the file rst.sh or any of the other files on the flash drive.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
793
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back