  1. #1
    Member JaysonKrause

    Browser Pops and very slow, Malware won't go away

    Farbar scan log:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
    Ran by jaysonkrause (administrator) on JAYSONKRAUSE-PC on 27-01-2015 16:42:17
    Running from C:\Users\jaysonkrause\Desktop
    Loaded Profiles: jaysonkrause (Available profiles: jaysonkrause)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
    (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (PM Marketing) C:\Program Files (x86)\PMnotify\pmnotify.exe
    (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
    (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    () C:\Program Files (x86)\Roxio Creator NXT\Roxio Burn\RoxioBurnLauncher.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-2323704279-3969684159-1826230288-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
    HKU\S-1-5-21-2323704279-3969684159-1826230288-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-27] (SUPERAntiSpyware)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-05-01] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PM Notify.LNK
    ShortcutTarget: PM Notify.LNK -> C:\Program Files (x86)\PMnotify\pmnotify.exe (PM Marketing)
    Startup: C:\Users\jaysonkrause\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
    ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
    HKU\S-1-5-21-2323704279-3969684159-1826230288-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    SearchScopes: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 64.134.255.2 64.134.255.10

    FireFox:
    ========
    FF ProfilePath: C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default
    FF DefaultSearchEngine: Mysearchdial
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2323704279-3969684159-1826230288-1000: @tools.google.com/Google Update;version=9 -> C:\Users\jaysonkrause\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
    FF user.js: detected! => C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default\user.js
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safesearch.xml
    FF Extension: No Name - C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-24]
    FF Extension: DownloadHelper - C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-23]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-08-06]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-05-17]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR StartupUrls: Default -> "hxxp://xfinity.comcast.net/?cid=insDate09052012", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE9CDD73B-00B0-480B-9DA8-5AE702FE434F&SSPV=", "hxxp://speedial.com/?f=1&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=", "hxxp://websearch.wonderfulsearches.info/?pid=2623&r=2014/08/11&hid=4252504591329730131&lg=EN&cc=US&unqvl=60", "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M5F65CFB6-47E2-430C-81AB-DC1E5F3AAE2F&SearchSource=55&CUI=&UM=6&UP=SP9A8D411F-B753-4D6F-AF63-BBE9DE9E4370&SSPV="
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
    CHR Extension: (Google Drive) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
    CHR Extension: (Speedial) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2014-05-08]
    CHR Extension: (YouTube) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
    CHR Extension: (Touchcast Import for Youtube™ Annotations) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbeacfbbaaklbmealnkhhpnodbkigdj [2015-01-24]
    CHR Extension: (Adblock Plus) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-24]
    CHR Extension: (Alexa Traffic Rank) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2014-05-01]
    CHR Extension: (Video download helper) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm [2014-05-01]
    CHR Extension: (Video Downloader professional) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-05-01]
    CHR Extension: (MP3 Downloader Extension) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifnkdpmkepgeknagpkiggmmlhapecog [2014-05-01]
    CHR Extension: (ArcadeYum) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbmildjdmppofnohldicmnkojfhggmb [2014-12-23]
    CHR Extension: (Speed Dial 2) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-05-01]
    CHR Extension: (Hangouts) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-05-13]
    CHR Extension: (Google Wallet) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
    CHR Extension: (Gmail) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
    CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - No Path
    CHR HKU\S-1-5-21-2323704279-3969684159-1826230288-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()
    R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
    R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()
    R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation) [File not signed]
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
    R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-07-05] ()
    S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation)
    S2 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation)
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
    R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [126568 2015-01-26] (RaMMicHaeL)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S3 Roxio UPnP Renderer 11; "C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
    S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed]
    R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
    R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)
    R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)
    R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-05-02] ()
    R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2014-05-05] (Acronis)
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
    S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
    S3 UsbGps; system32\DRIVERS\lgx64gps.sys [X]
    S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-27 16:42 - 2015-01-27 16:43 - 00022850 _____ () C:\Users\jaysonkrause\Desktop\FRST.txt
    2015-01-27 16:42 - 2015-01-27 16:42 - 00000000 ____D () C:\FRST
    2015-01-27 16:41 - 2015-01-27 16:42 - 02129920 _____ (Farbar) C:\Users\jaysonkrause\Desktop\FRST64.exe
    2015-01-27 16:15 - 2015-01-27 16:33 - 00000000 ____D () C:\HijackThis
    2015-01-27 16:03 - 2015-01-27 16:35 - 00000112 _____ () C:\Windows\setupact.log
    2015-01-27 16:03 - 2015-01-27 16:03 - 00000000 _____ () C:\Windows\setuperr.log
    2015-01-24 12:05 - 2015-01-24 12:05 - 18126512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2015-01-24 11:56 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-24 11:56 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-24 11:56 - 2014-12-11 21:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-01-24 11:56 - 2014-12-11 21:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-01-24 11:56 - 2014-12-11 21:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-01-24 11:56 - 2014-12-11 21:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-01-24 11:56 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-01-24 11:56 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-01-24 11:56 - 2014-12-11 21:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-01-24 11:55 - 2014-12-11 09:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-24 11:55 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-24 11:55 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2015-01-24 11:55 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2015-01-23 13:10 - 2015-01-23 14:35 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.33
    2015-01-23 11:11 - 2015-01-23 13:02 - 00001749 _____ () C:\ProgramData\tempimage.bmp
    2015-01-23 10:45 - 2015-01-23 14:32 - 00000000 ____D () C:\Program Files (x86)\ver8SpeedChecker
    2015-01-23 10:40 - 2015-01-23 12:40 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\ZombieInvasion
    2015-01-23 10:34 - 2015-01-23 14:35 - 00000000 ____D () C:\ProgramData\VmyVvOkFV
    2015-01-23 10:34 - 2015-01-23 14:32 - 00000000 ____D () C:\ProgramData\ZombieInvasion
    2015-01-23 10:28 - 2015-01-23 14:15 - 00000000 ___HD () C:\Users\Public\Temp
    2015-01-23 10:27 - 2015-01-23 14:32 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\gmsd_us_136
    2015-01-23 10:27 - 2015-01-23 14:32 - 00000000 ____D () C:\Program Files (x86)\gmsd_us_136
    2015-01-23 10:26 - 2015-01-23 14:32 - 00000000 ____D () C:\Program Files (x86)\Consumer Input
    2015-01-23 10:26 - 2015-01-23 10:27 - 190855522 _____ () C:\Users\jaysonkrause\AppData\Roaming\CrashDump__20150123_182631.dmp
    2015-01-23 10:25 - 2015-01-23 14:35 - 00000000 ____D () C:\Program Files\Playzy
    2015-01-23 10:25 - 2015-01-23 14:35 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
    2015-01-23 10:25 - 2015-01-23 11:06 - 00000000 ____D () C:\Program Files (x86)\PepperZip
    2015-01-22 14:37 - 2015-01-22 14:37 - 00000607 _____ () C:\Users\jaysonkrause\Documents\Clayton Richardson Leads.csv
    2015-01-22 12:57 - 2015-01-23 15:21 - 00000000 ____D () C:\LS BIZ
    2015-01-22 10:50 - 2015-01-22 10:50 - 00020864 _____ () C:\Users\jaysonkrause\Downloads\[kickass.so]sexy.midget.redhead.mpeg.torrent
    2015-01-22 10:50 - 2015-01-22 10:50 - 00014524 _____ () C:\Users\jaysonkrause\Downloads\[kickass.so]midget.teen.girl.fuck.machine.sex.zip.torrent
    2015-01-22 10:50 - 2015-01-22 10:50 - 00006510 _____ () C:\Users\jaysonkrause\Downloads\[kickass.so]hot.sex.with.a.midget.on.bed.torrent
    2015-01-22 10:49 - 2015-01-22 10:49 - 00020226 _____ () C:\Users\jaysonkrause\Downloads\[kickass.so]incredible.latina.luscious.lopez.shows.off.her.sexy.booty.spreading.it.to.accept.a.thick.black.boner.between.them.redhead.bubblebutt.interracial.torrent
    2015-01-22 10:49 - 2015-01-22 10:49 - 00011473 _____ () C:\Users\jaysonkrause\Downloads\[kickass.so]amazing.bitch.pason.wanted.a.big.thick.black.dick.entering.her.back.door.making.her.sweat.and.bring.out.the.sexual.demons.in.her.interracial.cumshot.anal.torrent
    2015-01-21 15:21 - 2015-01-21 15:23 - 187010218 _____ () C:\Users\jaysonkrause\Downloads\FREE VIDEO Discover My Shortcut To Over 50000 Per Month.flv
    2015-01-20 13:11 - 2015-01-20 13:11 - 00126368 _____ () C:\Users\jaysonkrause\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-05 17:10 - 2015-01-06 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-01-05 17:10 - 2015-01-05 17:10 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-05 15:50 - 2015-01-05 15:50 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-03 10:30 - 2015-01-03 10:30 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\{C023CEAD-509A-45F7-A020-2D509261282C}
    2014-12-31 10:29 - 2014-12-31 10:29 - 00002608 _____ () C:\Users\jaysonkrause\Downloads\jkrause12312014132748 teleprofiled .xml
    2014-12-30 18:51 - 2014-12-30 21:57 - 00000000 ____D () C:\Users\jaysonkrause\Documents\LS NEW SHEETS
    2014-12-30 18:50 - 2014-12-30 18:50 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Network Leads
    2014-12-30 18:50 - 2014-12-30 18:50 - 00000000 ____D () C:\Program Files (x86)\PMnotify
    2014-12-30 18:49 - 2014-12-30 18:49 - 00286720 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
    2014-12-30 18:49 - 2014-12-30 18:49 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
    2014-12-30 18:29 - 2014-12-30 18:29 - 00000000 __SHD () C:\Users\jaysonkrause\AppData\Local\EmieBrowserModeList
    2014-12-28 14:07 - 2014-12-28 14:07 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\TeamViewer
    2014-12-28 13:42 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-28 13:42 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-27 16:40 - 2014-05-01 07:35 - 01680543 _____ () C:\Windows\WindowsUpdate.log
    2015-01-27 16:36 - 2014-12-27 10:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-01-27 16:35 - 2014-09-24 05:11 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
    2015-01-27 16:35 - 2014-05-01 07:41 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-01-27 16:35 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-27 16:14 - 2014-05-01 07:35 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\VirtualStore
    2015-01-27 16:11 - 2009-07-13 20:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-27 16:11 - 2009-07-13 20:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-27 16:09 - 2014-05-08 16:09 - 00000312 _____ () C:\Windows\Tasks\Speedial.job
    2015-01-27 16:05 - 2014-08-11 17:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-27 14:28 - 2014-05-01 07:41 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-01-27 12:42 - 2014-05-01 07:41 - 00002241 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-01-27 12:16 - 2014-09-24 05:11 - 00000904 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
    2015-01-27 11:52 - 2014-05-01 07:45 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
    2015-01-27 11:52 - 2014-05-01 07:45 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
    2015-01-27 11:52 - 2014-05-01 07:45 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
    2015-01-27 11:52 - 2014-05-01 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2015-01-26 09:49 - 2014-06-08 08:50 - 00000000 ____D () C:\Program Files (x86)\Garmin
    2015-01-26 09:49 - 2014-05-05 15:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-01-26 09:48 - 2014-05-02 13:33 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\Mozilla
    2015-01-26 09:48 - 2014-05-01 07:41 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\Google
    2015-01-26 09:40 - 2014-06-08 09:04 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\Garmin
    2015-01-26 09:40 - 2014-06-08 09:02 - 00000000 ____D () C:\ProgramData\Garmin
    2015-01-26 09:40 - 2014-06-08 08:50 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\Garmin
    2015-01-26 09:38 - 2014-09-23 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
    2015-01-26 09:35 - 2014-09-23 14:43 - 00000000 ____D () C:\Program Files (x86)\Kingo ROOT
    2015-01-26 09:35 - 2014-08-10 17:45 - 00000000 ____D () C:\Program Files (x86)\PdaNet for Android
    2015-01-26 07:52 - 2014-05-02 09:55 - 01656954 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-01-26 07:52 - 2014-05-01 13:19 - 00745430 _____ () C:\Windows\system32\perfh00A.dat
    2015-01-26 07:52 - 2014-05-01 13:19 - 00158476 _____ () C:\Windows\system32\perfc00A.dat
    2015-01-26 07:51 - 2009-07-13 21:13 - 01656954 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-26 05:16 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
    2015-01-24 12:56 - 2014-08-23 18:13 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Local\Deployment
    2015-01-24 12:47 - 2014-12-27 10:44 - 00000000 ____D () C:\SUPERDelete
    2015-01-24 12:17 - 2014-05-01 10:25 - 00000000 ____D () C:\Windows\system32\MRT
    2015-01-24 12:15 - 2014-08-28 11:55 - 00000000 ____D () C:\Users\jaysonkrause\Documents\Criminal Legacy
    2015-01-24 12:06 - 2014-08-11 17:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-01-24 12:06 - 2014-08-11 17:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-01-24 12:06 - 2014-08-11 17:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-01-24 12:00 - 2014-06-13 03:51 - 00000000 ____D () C:\Program Files (x86)\MBryo CD+G Creator
    2015-01-24 11:58 - 2014-05-01 10:25 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-01-23 14:35 - 2014-09-24 05:10 - 00000000 ____D () C:\Program Files (x86)\TheTorntv V10
    2015-01-23 14:35 - 2014-05-01 15:54 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\qBittorrent
    2015-01-23 14:35 - 2014-05-01 07:35 - 00000000 ____D () C:\Users\jaysonkrause
    2015-01-23 14:33 - 2014-10-01 15:02 - 00000000 ____D () C:\Windows\SysWOW64\Garmin
    2015-01-23 14:33 - 2014-08-11 17:39 - 00000000 ____D () C:\Windows\system32\Macromed
    2015-01-23 14:33 - 2014-05-15 06:48 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\Winamp
    2015-01-23 14:33 - 2014-05-02 12:06 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\vlc
    2015-01-23 14:33 - 2014-05-01 16:04 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\TeraCopy
    2015-01-23 14:32 - 2014-09-24 05:10 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
    2015-01-23 14:32 - 2014-09-01 07:47 - 00000000 ____D () C:\Program Files (x86)\RocketTab
    2015-01-23 14:32 - 2014-08-07 17:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-23 14:32 - 2014-05-01 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-01-23 14:32 - 2012-09-30 13:34 - 00000000 ____D () C:\Program Files (x86)\CDG Ripper 2.0
    2015-01-23 14:31 - 2014-05-20 18:15 - 00000000 ____D () C:\Windows\Minidump
    2015-01-23 14:30 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
    2015-01-23 14:25 - 2014-12-27 16:02 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\TeamViewer
    2015-01-23 14:25 - 2014-05-05 16:59 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\Malwarebytes
    2015-01-23 14:25 - 2014-05-04 14:13 - 00000000 __RHD () C:\MSOCache
    2015-01-23 14:25 - 2014-05-02 16:08 - 00000000 ____D () C:\Program Files (x86)\Winamp
    2015-01-22 15:03 - 2008-09-29 14:23 - 00389686 _____ () C:\Users\jaysonkrause\Documents\jkrause-Leads_082608_order.csv
    2015-01-19 15:37 - 2014-09-24 01:46 - 00000000 ____D () C:\Program Files (x86)\Fast Browser
    2015-01-19 15:37 - 2014-05-08 16:08 - 00000000 ____D () C:\Users\jaysonkrause\AppData\Roaming\Systweak
    2015-01-07 15:26 - 2012-10-22 12:54 - 00000000 ____D () C:\Users\jaysonkrause\Documents\- LegalShield
    2015-01-05 18:05 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\IME
    2015-01-03 12:44 - 2014-12-27 16:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
    2014-12-31 03:14 - 2014-05-01 07:51 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-12-31 00:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache

    ==================== Files in the root of some directories =======

    2015-01-23 10:26 - 2015-01-23 10:27 - 190855522 _____ () C:\Users\jaysonkrause\AppData\Roaming\CrashDump__20150123_182631.dmp
    2014-11-07 21:46 - 2014-11-07 21:46 - 0000061 _____ () C:\Users\jaysonkrause\AppData\Roaming\mbam.context.scan
    2014-09-24 05:01 - 2014-09-24 05:02 - 0006656 _____ () C:\Users\jaysonkrause\AppData\Roaming\SuperOneClick1.exe
    2014-05-09 09:09 - 2014-05-09 09:09 - 0000041 _____ () C:\Users\jaysonkrause\AppData\Roaming\WB.CFG
    2014-09-24 05:01 - 2014-09-24 05:01 - 0000033 _____ () C:\Users\jaysonkrause\AppData\Roaming\winupd
    2014-09-01 00:18 - 2014-09-01 00:18 - 0001248 _____ () C:\Users\jaysonkrause\AppData\Roaming\WUGSIR
    2014-09-24 05:11 - 2014-09-24 05:11 - 1989016 _____ () C:\Users\jaysonkrause\AppData\Roaming\WUGSIR.exe
    2014-05-31 12:53 - 2014-05-31 12:53 - 0002112 _____ () C:\Users\jaysonkrause\AppData\Local\rx_audio.Cache
    2014-05-31 12:53 - 2014-05-31 12:53 - 0000072 _____ () C:\Users\jaysonkrause\AppData\Local\rx_image32.Cache
    2012-07-30 21:10 - 2012-07-30 21:10 - 0002462 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag
    2015-01-23 11:11 - 2015-01-23 13:02 - 0001749 _____ () C:\ProgramData\tempimage.bmp

    Files to move or delete:
    ====================
    C:\Users\jaysonkrause\Hack.vbs


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-01-19 15:06

    ==================== End Of Log ============================

  2. #2
    Member JaysonKrause's Avatar
    Join Date
    Sep 2004
    Location
    Vancouver,WA
    Posts
    119
    Points
    4


    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 01/27/2015 at 04:48 PM

    Application Version : 6.0.1170
    Database Version : 11722

    Scan type : Quick Scan
    Total Scan Time : 00:04:55

    Operating System Information
    Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 591
    Memory threats detected : 0
    Registry items scanned : 44196
    Registry threats detected : 0
    File items scanned : 10064
    File threats detected : 15

    Adware.Tracking Cookie

    ============
    End of Log
    ============

  3. #3
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307


    Hello,

    There should be another log file called Additions.txt on your desktop. Please post that log too.


    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button and follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner


    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable your security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply, post:

    • The AdwCleaner [S1].txt Log
    • The JRT.txt Log


    Thanks
    Joe

  4. #4
    Member JaysonKrause's Avatar
    Join Date
    Sep 2004
    Location
    Vancouver,WA
    Posts
    119
    Points
    4


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
    Ran by jaysonkrause at 2015-01-27 16:46:00
    Running from C:\Users\jaysonkrause\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
    AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5055 - Acronis)
    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
    Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
    CDGFix 1.3 (HKLM-x32\...\CDGFix 1.3) (Version: - )
    Corel WinDVD (x32 Version: 10.8.0.201 - Corel Inc.) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Debs Karaoke Renamer (HKLM-x32\...\{41E3122F-3DA9-4870-9F22-C29A50B7C851}) (Version: 3.0 - Deborah L Redley)
    Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
    Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
    DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
    Dropbox (HKU\S-1-5-21-2323704279-3969684159-1826230288-1000\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
    Easy GIF Animator 4.1 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 4.0 - Karlis Blumentals)
    EMC 11 Content (HKLM-x32\...\{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}) (Version: 1.1.019 - Roxo, Inc.)
    Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
    Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
    Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EPSON WorkForce 845 Series Printer Uninstall (HKLM\...\EPSON WorkForce 845 Series) (Version: - SEIKO EPSON Corporation)
    EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
    Google Chrome (HKLM-x32\...\{A7A76FD6-91B5-3C7F-B37D-DFDA03F5FBAE}) (Version: 65.205.49283 - Google, Inc.)
    Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    iPhone Explorer 0.992 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - myPod Apps, LLC)
    iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
    iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
    Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
    Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Karaoke CD+G Creator Pro (HKLM-x32\...\{AA77219C-0A77-4FF3-8CC5-2DC08469E6FF}_is1) (Version: - Doblon)
    Karaoke Home Producer (HKLM-x32\...\Karaoke Home Producer) (Version: - )
    Karaoke Song List Creator Professional KJ Edition (HKLM-x32\...\Karaoke Song List Creator Professional KJ Edition) (Version: 2010 - Airwer Limited)
    Karaoke Sound Tools (HKLM-x32\...\{250A72DB-E96E-4697-A1BA-16E7C6BD0EE8}_is1) (Version: - Doblon)
    Karaoke Zip Scanner (HKLM-x32\...\Karaoke Zip Scanner) (Version: - ActiveAsp Software)
    Karaoke Zip Scanner (x32 Version: 1.0.0.0 - ActiveAsp Software) Hidden
    Kies mini (HKLM-x32\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
    Kies mini (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
    KJ File Manager (HKLM-x32\...\{5D891EA7-3DE0-48CA-A1AD-0D866BF6A2BD}) (Version: 3.3.3 - Latshaw Systems)
    LogonStudio (HKLM-x32\...\LogonStudio) (Version: 1.7 - Stardock Corporation)
    Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
    MBryo CD+G Creator 1.03 (HKLM-x32\...\MBryo_CD+G_Creator_1.03) (Version: - )
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
    MP3+G Toolz (HKLM-x32\...\{F50A4470-7A45-4A5A-97F8-806990B736C2}) (Version: 4.0 - ActiveASP Software)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Network Leads - PMNotify (HKLM-x32\...\ST6UNST #1) (Version: - )
    Nexus Ultimate 11.6 (HKLM-x32\...\Nexus Ultimate_is1) (Version: - )
    PCDJ DEX 2 2.2.4.0 (HKLM-x32\...\PCDJdex_is1) (Version: 2.2.4.0 - PCDJ)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
    Remo Recover 4.0 (HKLM\...\{A573D759-F894-448D-A420-3A9C31879F88}_is1) (Version: 4.0.0.34 - Remo Software)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RICOH Media Driver ver.2.07.01.04 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH)
    RMPrepUSB (HKLM-x32\...\RMPrepUSB) (Version: - )
    Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
    Roxio High-Def/Blu-ray Disc Plug-In (HKLM-x32\...\{0C6FFD51-E507-4A29-8B25-4C1AF2796BA0}) (Version: 1.0.0 - Roxio)
    Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Show Presenter (HKLM-x32\...\{2E510276-F614-4AC5-9ACC-465735484A4F}) (Version: 3.0 - Digital Entertainer Ltd)
    SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
    SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
    SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
    SmartSound Quicktracks 5 (x32 Version: 5.1.7 - SmartSound Software Inc.) Hidden
    SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
    SmartSound Quicktracks Plugin (x32 Version: 3.0.8.0 - SmartSound Software Inc) Hidden
    SnagIt 8 (HKLM-x32\...\{DA0BF7AB-88EB-4675-8FA1-531EAD938821}) (Version: 8.2.3 - TechSmith Corporation)
    Song List Generator (HKLM-x32\...\{257FF256-8840-4FDD-8334-E610B03A347E}) (Version: 4.1.2 - Latshaw Systems)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
    TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
    TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
    Triple Scoop Music (x32 Version: 1.0.019 - Roxio) Hidden
    Unchecky v0.3.6 (HKLM-x32\...\Unchecky) (Version: 0.3.6 - RaMMicHaeL)
    VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    Winamp (HKLM-x32\...\Winamp) (Version: 5.552 - Nullsoft, Inc)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jaysonkrause\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jaysonkrause\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\jaysonkrause\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll (Google Inc.)

    ==================== Restore Points =========================

    19-01-2015 11:59:00 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 1.75.0.1300
    19-01-2015 12:07:52 Windows Update
    20-01-2015 09:13:33 Windows Update
    23-01-2015 10:42:13 Windows Update
    23-01-2015 11:09:38 Revo Uninstaller's restore point - BBQLeads
    23-01-2015 13:01:25 Revo Uninstaller's restore point - BBQLeads
    23-01-2015 14:17:35 Restore Operation
    23-01-2015 15:12:57 Windows Update
    24-01-2015 11:56:27 Windows Update
    26-01-2015 07:43:16 Windows Update
    26-01-2015 09:35:30 Removed Garmin WebUpdater
    26-01-2015 09:38:06 Removed Garmin Communicator Plugin
    26-01-2015 09:38:09 Removed Kies mini
    26-01-2015 09:38:30 Garmin Express
    26-01-2015 09:47:33 Removed Garmin Communicator Plugin x64
    26-01-2015 09:48:03 Removed Google Talk Plugin
    26-01-2015 09:48:53 Removed LG USB Modem driver
    26-01-2015 09:49:28 Removed Garmin USB Drivers

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2015-01-27 16:36 - 00002027 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1CE420D3-B424-4AAF-A192-1C3A03ABAF40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
    Task: {37C7CF7E-FDE8-4A85-98E7-06954D41FDAD} - System32\Tasks\{0367A1AF-968D-49CE-87C4-CCB177F119B8} => pcalua.exe -a C:\Users\jaysonkrause\Downloads\iCloudSetup.exe -d C:\Users\jaysonkrause\Downloads
    Task: {39D2807C-B692-4365-B7FE-6294FBB9297B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {4BA78A3D-B36F-4BDB-BC68-06D027566B78} - System32\Tasks\Speedial => C:\Users\JAYSON~1\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {70770BB8-7BD0-430C-AE1A-FCFBD0FBD0A0} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: {7577F71A-608E-4A92-A104-6CB109847FEC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2323704279-3969684159-1826230288-1000UA => C:\Users\jaysonkrause\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
    Task: {758DBAEF-24FE-429B-A369-CDE828E2561F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
    Task: {7909E66B-8128-4608-885F-4438E2E2D724} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {9ED1C88F-8402-4688-AD64-C9093F16DBA5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: {A0241509-59C8-41DC-8B01-2E8245F34100} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
    Task: {DF3C6AB5-FCE9-47CE-B98F-907B20CCF9D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
    Task: {EFDE96C3-CBC0-4FB2-A364-B1B3BA118C06} - System32\Tasks\{49BCBCA1-92CC-4519-91F0-00F7570F4DC5} => pcalua.exe -a "C:\Program Files (x86)\PdaNet for Android\drvins.exe" -d "C:\Program Files (x86)\PdaNet for Android" -c /dd 1
    Task: {F7EFEC05-27F1-4FBD-972D-90A0D2F3970A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2323704279-3969684159-1826230288-1000Core => C:\Users\jaysonkrause\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2323704279-3969684159-1826230288-1000Core.job => C:\Users\jaysonkrause\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2323704279-3969684159-1826230288-1000UA.job => C:\Users\jaysonkrause\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Speedial.job => C:\Users\JAYSON~1\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

    ==================== Loaded Modules (whitelisted) =============

    2014-12-27 16:03 - 2014-12-15 02:45 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
    2012-06-20 14:48 - 2012-06-20 14:48 - 00457360 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
    2012-07-11 00:04 - 2012-07-11 00:04 - 00022160 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
    2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2012-07-05 18:47 - 2012-07-05 18:47 - 00535184 _____ () C:\Program Files (x86)\Roxio Creator NXT\Roxio Burn\RoxioBurnLauncher.exe
    2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2012-07-11 00:04 - 2012-07-11 00:04 - 03306128 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
    2012-07-11 00:04 - 2012-07-11 00:04 - 00523920 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
    2012-07-11 00:04 - 2012-07-11 00:04 - 00108176 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
    2015-01-26 05:25 - 2015-01-26 05:25 - 00058880 _____ () C:\Program Files (x86)\Unchecky\bin\collector.dll
    2014-04-29 05:24 - 2014-04-29 05:24 - 15377920 _____ () C:\Program Files (x86)\qBittorrent\qbittorrent.exe

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SnagIt 8.lnk => C:\Windows\pss\SnagIt 8.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^jaysonkrause^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^jaysonkrause^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    MSCONFIG\startupreg: EPLTarget =>
    MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
    MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
    MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    MSCONFIG\startupreg: Google Update => "C:\Users\jaysonkrause\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: GoogleChromeAutoLaunch_5F565DE7892237BC8F33A4F461A4D95F => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: Nexus =>
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SpUninstallCleanUp => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
    MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-2323704279-3969684159-1826230288-500 - Administrator - Disabled)
    Guest (S-1-5-21-2323704279-3969684159-1826230288-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2323704279-3969684159-1826230288-1002 - Limited - Enabled)
    jaysonkrause (S-1-5-21-2323704279-3969684159-1826230288-1000 - Administrator - Enabled) => C:\Users\jaysonkrause

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/26/2015 05:19:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program qbittorrent.exe version 3.1.9.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1300

    Start Time: 01d0396a05045638

    Termination Time: 16

    Application Path: C:\Program Files (x86)\qBittorrent\qbittorrent.exe

    Report Id: d9295cda-a55d-11e4-b77d-0021708f5cc1

    Error: (01/24/2015 00:52:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0xe8
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 00:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0x165c
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:55:36 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0xadc
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:50:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0x910
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:47:47 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0xfd0
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:47:10 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0x1308
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:42:30 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0x13e4
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:42:30 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
    Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
    Exception code: 0x80000003
    Fault offset: 0x004fd39c
    Faulting process id: 0xa0
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (01/24/2015 11:40:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
    .


    System errors:
    =============
    Error: (01/27/2015 04:35:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Roxio Hard Drive Watcher 14 service terminated with the following error:
    %%-2147467243

    Error: (01/27/2015 04:35:39 PM) (Source: atikmdag) (EventID: 10261) (User: )
    Description: Display is not active

    Error: (01/27/2015 04:35:39 PM) (Source: atikmdag) (EventID: 19468) (User: )
    Description: CPLIB :: General - Invalid Parameter

    Error: (01/27/2015 04:29:24 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

    Error: (01/27/2015 04:29:24 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    Error: (01/27/2015 04:29:15 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error: (01/27/2015 04:29:09 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (01/27/2015 04:29:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    discache
    MpFilter
    SaibVdAd64
    SASDIFSV
    SASKUTIL
    spldr
    Wanarpv6

    Error: (01/27/2015 04:28:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:
    %%31

    Error: (01/27/2015 04:28:55 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
    Description: %%860 Real-Time Protection feature has encountered an error and failed.

    Feature: %%834

    Error Code: 0x8007043c

    Error description: This service cannot be started in Safe Mode

    Reason: %%858


    Microsoft Office Sessions:
    =========================


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Duo CPU T5900 @ 2.20GHz
    Percentage of memory in use: 50%
    Total physical RAM: 3066.89 MB
    Available physical RAM: 1526.08 MB
    Total Pagefile: 6131.96 MB
    Available Pagefile: 4579.69 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.66 GB) (Free:104.77 GB) NTFS
    Drive e: (WII) (Removable) (Total:3.73 GB) (Free:0.73 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B278852)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 3.7 GB) (Disk ID: 14442550)
    Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

    ==================== End Of Log ============================

  5. #5
    Member JaysonKrause's Avatar

    # AdwCleaner v4.109 - Report created 29/01/2015 at 11:16:07
    # Updated 24/01/2015 by Xplode
    # Database : 2015-01-26.1 [Live]
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : jaysonkrause - JAYSONKRAUSE-PC
    # Running from : C:\Users\jaysonkrause\Pictures\adwcleaner_4.109.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Trusted Publisher
    Folder Deleted : C:\ProgramData\Reimage Protector
    Folder Deleted : C:\ProgramData\ZombieInvasion
    Folder Deleted : C:\ProgramData\pricoechopp
    Folder Deleted : C:\ProgramData\PriicceChOp
    Folder Deleted : C:\ProgramData\443eb10f0b812f92
    Folder Deleted : C:\Program Files (x86)\globalUpdate
    Folder Deleted : C:\Program Files (x86)\PepperZip
    Folder Deleted : C:\Program Files (x86)\RocketTab
    Folder Deleted : C:\Program Files (x86)\Super Optimizer
    Folder Deleted : C:\Program Files (x86)\TheTorntv V10
    Folder Deleted : C:\Program Files (x86)\Consumer Input
    Folder Deleted : C:\Program Files (x86)\pricoechopp
    Folder Deleted : C:\Program Files (x86)\PriicceChOp
    Folder Deleted : C:\Program Files (x86)\ver8SpeedChecker
    Folder Deleted : C:\Program Files (x86)\gmsd_us_136
    Folder Deleted : C:\Program Files\Playzy
    Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Administrator\AppData\Local\torch
    Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Guest\AppData\Local\torch
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\globalUpdate
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\PackageAware
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\torch
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\ZombieInvasion
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\gmsd_us_136
    Folder Deleted : C:\Users\jaysonkrause\AppData\Roaming\DigitalSites
    Folder Deleted : C:\Users\jaysonkrause\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\djickjojieoajkajalodpdeleaocmjjn
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\knogimmpeiflhipholdfjobmcjbiinda
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    Folder Deleted : C:\Users\jaysonkrause\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lmladcmmmddfndepcenkhinnpmegemfg
    File Deleted : C:\Windows\System32\roboot64.exe
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safesearch.xml
    File Deleted : C:\Users\jaysonkrause\AppData\Roaming\Mozilla\Firefox\Profiles\w1omgo9k.default\user.js

    ***** [ Scheduled Tasks ] *****

    Task Deleted : globalUpdateUpdateTaskMachineCore
    Task Deleted : globalUpdateUpdateTaskMachineUA
    Task Deleted : Speedial

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
    Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
    Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\dsiteproducts
    Key Deleted : HKCU\Software\GlobalUpdate
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\TornTv Downloader
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\InstallIQ
    Key Deleted : HKLM\SOFTWARE\systweak
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17496

    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Mozilla Firefox v29.0.1 (en-US)

    [w1omgo9k.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
    [w1omgo9k.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.aflt", "ir_14_20_ch");
    [w1omgo9k.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0Bt[...]
    [w1omgo9k.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cr", "492197109");
    [w1omgo9k.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.instlRef", "140305_b");

    -\\ Google Chrome v40.0.2214.93

    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={758EA10C-B2AB-11E1-8A30-0021708F5CC1}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE9CDD73B-00B0-480B-9DA8-5AE702FE434F&q={searchTerms}&SSPV=
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=2623&r=2014/08/11&hid=4252504591329730131&lg=EN&cc=US&unqvl=60
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.safesear.ch/web/?type=ss-ch-ds&q={searchTerms}

    -\\ Comodo Dragon v

    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={758EA10C-B2AB-11E1-8A30-0021708F5CC1}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE9CDD73B-00B0-480B-9DA8-5AE702FE434F&q={searchTerms}&SSPV=
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=2623&r=2014/08/11&hid=4252504591329730131&lg=EN&cc=US&unqvl=60
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.safesear.ch/web/?type=ss-ch-ds&q={searchTerms}

    -\\ Chrome Canary v

    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={758EA10C-B2AB-11E1-8A30-0021708F5CC1}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE9CDD73B-00B0-480B-9DA8-5AE702FE434F&q={searchTerms}&SSPV=
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=2623&r=2014/08/11&hid=4252504591329730131&lg=EN&cc=US&unqvl=60
    [C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.safesear.ch/web/?type=ss-ch-ds&q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [17840 octets] - [29/01/2015 11:10:53]
    AdwCleaner[S0].txt - [20423 octets] - [29/01/2015 11:16:07]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20484 octets] ##########

  6. #6
    Member JaysonKrause

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.1 (12.28.2014:1)
    OS: Windows 7 Ultimate x64
    Ran by jaysonkrause on Thu 01/29/2015 at 11:51:51.22
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] "C:\Windows\wininit.ini"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\jaysonkrause\AppData\Roaming\getrighttogo"
    Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{0215064C-FCF7-44E7-BF3E-0CB7FE72DBAA}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{02A1530A-E8D2-433A-AA56-EFD29CF43D35}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{109B231C-64C0-4C5D-8CF0-D8575C0F9152}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{16AA5FB9-C64B-4A16-8AED-B120634FABC7}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{6EC92C83-35B5-43A0-AD0A-53061B5E98AB}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{BBEDD772-E1DF-4B04-A601-DA74178ECA24}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{C023CEAD-509A-45F7-A020-2D509261282C}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{CCDE364E-448C-4B9C-92B3-53D7C3F0420B}
    Successfully deleted: [Empty Folder] C:\Users\jaysonkrause\appdata\local\{D33E0231-1DF4-4E7B-A6E0-82FE3D042B7B}



    ~~~ FireFox

    Successfully deleted: [Folder] C:\Users\jaysonkrause\AppData\Roaming\mozilla\firefox\profiles\w1omgo9k.default\extensions\staged



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\jaysonkrause\appdata\local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 01/29/2015 at 11:56:34.70
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  7. #7
    Member Spyware Fighter zep516

    Hello,

    A few items to fix

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Open Notepad (Start => All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    start
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    SearchScopes: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=
    SearchScopes: HKU\S-1-5-21-2323704279-3969684159-1826230288-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=
    Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
    FF Plugin HKU\S-1-5-21-2323704279-3969684159-1826230288-1000: @tools.google.com/Google Update;version=9 -> C:\Users\jaysonkrause\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
    CHR StartupUrls: Default -> "hxxp://xfinity.comcast.net/?cid=insDate09052012", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE9CDD73B-00B0-480B-9DA8-5AE702FE434F&SSPV=", "hxxp://speedial.com/?f=1&a=spd_dsites04_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0E0D0ByD0AyD0EtGyB0F0BtAtG0CtBtCtAtGyB0B0ByBtGyBtCyEtC0F0EtA0CtB0EzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=414653532&ir=", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_20_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EyD0CyDtBzz0C0CyB0C0EtN0D0Tzu0SzzyCyCtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0B0AyByD0F0BtG0Bzz0BtAtGyDtBtBzytG0DyDzy0EtGtBtAtDtD0FzzzzzyzzyC0FyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyEtDzy0D0FyBtGtCyC0E0DtGtDyD0ByEtGtDtB0E0DtGtB0BtDtCyDyC0CyD0D0B0Ezz2Q&cr=492197109&ir=", "hxxp://websearch.wonderfulsearches.info/?pid=2623&r=2014/08/11&hid=4252504591329730131&lg=EN&cc=US&unqvl=60", "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M5F65CFB6-47E2-430C-81AB-DC1E5F3AAE2F&SearchSource=55&CUI=&UM=6&UP=SP9A8D411F-B753-4D6F-AF63-BBE9DE9E4370&SSPV="
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Extension: (Speedial) - C:\Users\jaysonkrause\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2014-05-08]
    CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - No Path
    CHR HKU\S-1-5-21-2323704279-3969684159-1826230288-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    S3 Roxio UPnP Renderer 11; "C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe" [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
    S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
    S3 UsbGps; system32\DRIVERS\lgx64gps.sys [X]
    S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2015-01-23 13:10 - 2015-01-23 14:35 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.33
    2015-01-23 10:34 - 2015-01-23 14:35 - 00000000 ____D () C:\ProgramData\VmyVvOkFV
    2015-01-23 10:26 - 2015-01-23 14:32 - 00000000 ____D () C:\Program Files (x86)\Consumer Input
    2015-01-23 10:25 - 2015-01-23 14:35 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
    2015-01-23 10:25 - 2015-01-23 11:06 - 00000000 ____D () C:\Program Files (x86)\PepperZip
    C:\Users\jaysonkrause\Hack.vbs
    Task: {4BA78A3D-B36F-4BDB-BC68-06D027566B78} - System32\Tasks\Speedial => C:\Users\JAYSON~1\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {70770BB8-7BD0-430C-AE1A-FCFBD0FBD0A0} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: C:\Windows\Tasks\Speedial.job => C:\Users\JAYSON~1\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    CMD: ipconfig /flushdns
    hosts:
    Emptytemp:
    end
    Click Format and ensure Word Wrap is unchecked.
    Save as Fixlist.txt to your Desktop (must be in this location).
    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

    Note: If the tool warns you that the version you're using is outdated, please download and run the updated version.

    In your next reply post:
    (Fixlog.txt)