Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Jaamla search??

  • 11-02-2014 9:48pm
    #1
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭


    Hi guys hope this is in the right forum, bear with me as I am not tech savvy whatsoever!!

    Since last week, whenever I try to visit zara.ie (by typing directly into the search window) it takes me to a page which looks like google, except it says "jaamla" and in the address bar it says 16start.com.

    I downloaded anvi smart defender, ran a search and deleted whatever was found, then tried to visit zara again, again it brought me to the jaamla page, I ran another scan and it found 1 threat, which I again removed, tried to visit zara again and had the same problem.

    Anyone know what I should do?


Comments

  • #2
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    run adwcleaner

    www.bleepingcomputer.com/download/adwcleaner/


  • #3
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Ran it and deleted whatever it detected, but still having the same problem. Am I missing something?


  • #4
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    you deleted what it found right ?

    if so do this


    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files here


  • #5
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Yes I deleted it, when it rebooted I got this message - your preference file is corrupt or invalid. Google chrome is unable to recover your settings.

    I will do that now, thanks a mill


  • #6
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    OTL logfile created on: 2/11/2014 11:37:55 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aileen\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 54.30% Memory free
    7.60 Gb Paging File | 5.79 Gb Available in Paging File | 76.12% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 296.09 Gb Total Space | 207.28 Gb Free Space | 70.00% Space Free | Partition Type: NTFS

    Computer Name: AILEEN-PC | User Name: Aileen | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/02/11 23:37:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aileen\Downloads\OTL (3).exe
    PRC - [2014/02/01 23:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    PRC - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
    PRC - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
    PRC - [2013/10/21 06:56:16 | 001,636,536 | ---- | M] (Anvisoft) -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\ASDTray.exe
    PRC - [2013/10/21 06:56:16 | 000,742,584 | ---- | M] (Anvisoft) -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\ASDSrv.exe
    PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2013/06/14 07:00:12 | 000,314,064 | ---- | M] () -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe
    PRC - [2013/06/14 07:00:06 | 001,256,144 | ---- | M] (Anvisoft) -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
    PRC - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
    PRC - [2010/10/13 12:04:22 | 000,097,560 | ---- | M] (Fujitsu Technology Solutions) -- C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
    PRC - [2009/11/01 16:04:48 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2009/11/01 16:04:42 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009/10/09 20:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    PRC - [2009/10/08 19:44:54 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
    PRC - [2009/07/08 20:58:26 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/02/01 23:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
    MOD - [2014/02/01 23:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
    MOD - [2014/02/01 23:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
    MOD - [2014/02/01 23:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
    MOD - [2014/02/01 23:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
    MOD - [2014/02/01 23:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
    MOD - [2013/10/15 03:06:26 | 000,785,128 | ---- | M] () -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\sqlite3.dll
    MOD - [2013/10/12 19:55:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
    MOD - [2013/10/12 19:54:40 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
    MOD - [2013/09/26 14:47:24 | 000,696,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\log4net\bdcb5bcc0b64c582b54f8a78ff876721\log4net.ni.dll
    MOD - [2013/08/19 15:37:19 | 000,113,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeskUpdateNotifier\0d9140f068c5ae156ff2f907e8641c7f\DeskUpdateNotifier.ni.exe
    MOD - [2013/08/15 18:04:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
    MOD - [2013/08/15 18:04:29 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
    MOD - [2013/08/15 18:04:23 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
    MOD - [2013/07/14 15:58:26 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
    MOD - [2013/06/14 07:00:12 | 000,785,104 | ---- | M] () -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\toolbox\adblocker\sqlite3.dll
    MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/01/15 09:43:50 | 005,100,392 | ---- | M] (Reimage®) [Auto | Running] -- C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe -- (ReimageRealTimeProtection)
    SRV:64bit: - [2013/11/26 09:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/06/24 00:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
    SRV:64bit: - [2009/07/30 09:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
    SRV - [2014/02/05 00:12:18 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/10/21 06:56:16 | 000,742,584 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
    SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2013/06/14 07:00:12 | 000,314,064 | ---- | M] () [Auto | Running] -- C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe -- (AdblockerSrv)
    SRV - [2013/04/10 06:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2011/04/17 00:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
    SRV - [2010/03/18 20:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/11/01 16:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2009/11/01 16:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014/02/11 22:40:04 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013/10/15 03:05:58 | 000,023,376 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdrs.sys -- (asdrs)
    DRV:64bit: - [2013/10/15 03:05:58 | 000,018,768 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\asdrm.sys -- (asdrm)
    DRV:64bit: - [2013/10/15 03:05:58 | 000,017,232 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdws.sys -- (asdws)
    DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
    DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
    DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
    DRV:64bit: - [2013/06/09 02:40:32 | 000,019,280 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdnet.sys -- (asdnet)
    DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/05/01 14:50:58 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/04/21 01:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
    DRV:64bit: - [2011/03/31 03:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2011/03/31 03:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2011/03/15 02:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/01/27 06:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
    DRV:64bit: - [2011/01/27 05:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
    DRV:64bit: - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010/06/08 08:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010/03/04 20:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2009/12/18 10:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/11/27 04:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2009/11/06 11:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/11/01 16:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
    DRV:64bit: - [2009/10/26 11:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2009/10/09 19:16:28 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 23:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
    DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2006/11/01 16:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
    DRV:64bit: - [2006/11/01 16:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
    DRV - [2012/06/19 00:01:13 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120619.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2012/06/18 18:26:25 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120627.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2012/05/31 21:06:06 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2012/05/31 21:06:06 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2012/05/16 18:57:06 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120628.004\ex64.sys -- (NAVEX15)
    DRV - [2012/05/16 18:57:05 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120628.004\eng64.sys -- (NAVENG)
    DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E71DD945-3CE7-48B3-B31E-4D67223FCE0D}
    IE:64bit: - HKLM\..\SearchScopes\{E71DD945-3CE7-48B3-B31E-4D67223FCE0D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{E71DD945-3CE7-48B3-B31E-4D67223FCE0D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{E71DD945-3CE7-48B3-B31E-4D67223FCE0D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enIE482
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com?cid={F7A5972E-E6C2-40A4-95C6-E1280663361F}&mid=b846ea1c857447d2a9973183d2700e34-f7db1ddeba60caa2d54b607ff51929399139b80c&lang=en&ds=re011&coid=avgtbdisre&cmpid=&pr=sa&d=&v=17.3.1.91&pid=safeguard&sg=&sap=hp"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
    FF - prefs.js..keyword.URL: ""
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/05/07 13:40:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2014/02/11 23:17:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/21 15:49:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/04/21 15:49:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aileen\AppData\Roaming\Mozilla\Extensions
    [2013/04/21 15:49:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/04/10 06:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2013/04/10 06:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2014/02/11 22:41:18 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
    [2013/04/10 06:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: AVG Secure Search (Enabled)
    CHR - default_search_provider: search_url = http://mysearch.avg.com/search?cid={F7A5972E-E6C2-40A4-95C6-E1280663361F}&mid=b846ea1c857447d2a9973183d2700e34-f7db1ddeba60caa2d54b607ff51929399139b80c&lang=en&ds=re011&coid=avgtbdisre&cmpid=&pr=sa&d=2014-02-11 22:40:45&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
    CHR - default_search_provider: suggest_url = http://toolbar.avg.com/acp?q={searchTerms}&o=1,
    CHR - Extension: Movies Toolbar = C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\21.56092_0\
    CHR - Extension: Movies Toolbar = C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\
    CHR - Extension: Google Wallet = C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

    O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll File not found
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
    O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Anvi AD Blocker] C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe (Anvisoft)
    O4 - HKLM..\Run: [Anvi Smart Defender] C:\Users\Aileen\Desktop\New folder\Anvi Smart Defender\ASDTray.exe (Anvisoft)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [DeskUpdateNotifier] c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
    O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [iLivid] File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45C9019D-ED80-4F9E-ABFB-573FB4CCD888}: DhcpNameServer = 8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E50BDF7-FCA3-4D04-A8E7-1D0B32F456DA}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27:64bit: - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/02/11 22:55:27 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/02/11 22:50:46 | 000,000,000 | ---D | C] -- C:\Users\Aileen\AppData\Local\Programs
    [2014/02/11 22:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\CDB
    [2014/02/11 22:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
    [2014/02/11 22:41:23 | 000,000,000 | ---D | C] -- C:\Users\Aileen\AppData\Local\AVG SafeGuard toolbar
    [2014/02/11 22:41:22 | 000,000,000 | ---D | C] -- C:\rei
    [2014/02/11 22:40:44 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2014/02/11 22:40:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
    [2014/02/11 22:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
    [2014/02/11 22:39:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2014/02/11 22:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
    [2014/02/11 21:18:18 | 000,000,000 | ---D | C] -- C:\Users\Aileen\AppData\Roaming\Anvisoft
    [2014/02/11 21:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
    [2014/02/11 21:17:51 | 000,023,376 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\asdrs.sys
    [2014/02/11 21:17:51 | 000,018,768 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\asdrm.sys
    [2014/02/11 21:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
    [2014/02/11 21:17:46 | 000,000,000 | ---D | C] -- C:\Users\Aileen\Desktop\New folder
    [2014/02/11 21:17:27 | 000,000,000 | ---D | C] -- C:\Users\Aileen\Desktop\anvi smart defender
    [2014/01/27 21:46:14 | 000,000,000 | ---D | C] -- C:\Users\Aileen\AppData\Local\{8471DA9D-ED8B-448C-BDCE-07E6948EAE24}
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\Aileen\Desktop\*.tmp files -> C:\Users\Aileen\Desktop\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/02/11 23:26:35 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/02/11 23:26:35 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/02/11 23:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/02/11 23:22:00 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/02/11 23:22:00 | 000,665,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/02/11 23:22:00 | 000,125,678 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/02/11 23:17:21 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/02/11 23:16:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/02/11 23:16:47 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
    [2014/02/11 23:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/02/11 22:52:43 | 000,001,975 | ---- | M] () -- C:\Users\Aileen\Desktop\Sync Folder.lnk
    [2014/02/11 22:42:44 | 000,000,163 | ---- | M] () -- C:\Windows\Reimage.ini
    [2014/02/11 22:41:31 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
    [2014/02/11 22:40:04 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2014/02/11 21:18:10 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
    [2014/02/11 21:17:53 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
    [2014/02/05 00:15:03 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2014/01/18 21:53:48 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\Aileen\Desktop\*.tmp files -> C:\Users\Aileen\Desktop\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/02/11 22:52:43 | 000,001,975 | ---- | C] () -- C:\Users\Aileen\Desktop\Sync Folder.lnk
    [2014/02/11 22:51:20 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\sasnative64.exe
    [2014/02/11 22:41:31 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
    [2014/02/11 22:39:03 | 000,000,163 | ---- | C] () -- C:\Windows\Reimage.ini
    [2014/02/11 21:18:10 | 000,019,280 | ---- | C] () -- C:\Windows\SysNative\drivers\asdnet.sys
    [2014/02/11 21:18:10 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
    [2014/02/11 21:17:52 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
    [2014/02/11 21:17:51 | 000,017,232 | ---- | C] () -- C:\Windows\SysNative\drivers\asdws.sys

    ========== ZeroAccess Check ==========

    [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2014/02/11 21:18:18 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\Anvisoft
    [2012/04/30 17:01:19 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\Fujitsu
    [2014/01/14 17:56:33 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\SoftGrid Client
    [2013/01/03 22:46:39 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\Spotify
    [2012/05/08 17:18:18 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\TP
    [2012/05/21 18:39:14 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\Windows Live Writer
    [2012/05/16 18:39:04 | 000,000,000 | ---D | M] -- C:\Users\Aileen\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}

    ========== Purity Check ==========



    < End of report >


  • Advertisement
  • #7
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    OTL Extras logfile created on: 2/11/2014 11:29:31 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aileen\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 2.24 Gb Available Physical Memory | 58.88% Memory free
    7.60 Gb Paging File | 5.90 Gb Available in Paging File | 77.58% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 296.09 Gb Total Space | 207.28 Gb Free Space | 70.01% Space Free | Partition Type: NTFS

    Computer Name: AILEEN-PC | User Name: Aileen | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{3CE9AF5C-3184-49E1-A3EB-A4379CFCA824}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{603AEBC6-26A1-45D6-A180-306EC6CB80BC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{987D4E6F-7ECB-4BE1-AD5F-59AF15B31B67}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{17D9C216-9F1F-4AE4-8532-5C3104D55953}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{35B7FF61-71DF-4542-99B0-C81724F76E80}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
    "{3BB58DE0-3A0B-4DF6-823B-DF47BC84388A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{4034F904-9EA4-44D5-9585-5719B3EDB188}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{428A9CB8-11E9-4A83-9743-DB6FA56D01E7}" = protocol=17 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
    "{45B036B2-7BE1-4533-828B-862DA078342C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{52C22B75-60B1-4218-AA85-03860C301536}" = protocol=6 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
    "{72375C9F-B248-4F2F-B1BF-6DA4731A394E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{789C7B92-7197-4580-B101-320D56E2C8DB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{B7C4AE1A-D5A8-4D0C-AAE8-9A5D6139A328}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{CFC5754C-8218-415A-A140-88C3F57EF8AB}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
    "{EABC6EB4-FF1E-42EB-941E-053B4987C4C3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{ED3FD8FF-8E79-484F-859A-E8A023AE5003}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
    "{1AB4DB8C-4123-45DC-B896-C67990F76DA4}" = HP Deskjet 1050 J410 series Product Improvement Study
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
    "{4268BF51-DFDF-4178-8B8D-5D5752FCAA58}" = HP Deskjet 1050 J410 series Basic Device Software
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
    "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
    "{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{B7C6A943-83E0-4E7F-A79A-C5CBAA60B0F5}" = Plugfree NETWORK
    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
    "{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Reimage Repair" = Reimage Repair
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
    "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9983CD31-473F-4808-8317-5346119F0187}" = eBay
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
    "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
    "{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
    "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
    "Anvi AD Blocker" = Anvi AD Blocker 2.2
    "Anvi Smart Defender" = Anvi Smart Defender 1.9.3
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "DeskUpdate_is1" = DeskUpdate 4.11
    "Google Chrome" = Google Chrome
    "HP Photo Creations" = HP Photo Creations
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
    "InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
    "InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
    "InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
    "InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
    "InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
    "Kobo" = Kobo
    "Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NIS" = Norton Internet Security
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Spotify" = Spotify

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 1/17/2014 8:43:34 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 17847

    Error - 1/17/2014 8:43:35 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/17/2014 8:43:35 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 18845

    Error - 1/17/2014 8:43:35 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 18845

    Error - 1/17/2014 8:44:53 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/17/2014 8:44:53 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1170

    Error - 1/17/2014 8:44:53 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1170

    Error - 1/17/2014 8:50:40 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/17/2014 8:50:40 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 348085

    Error - 1/17/2014 8:50:40 AM | Computer Name = Aileen-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 348085

    [ System Events ]
    Error - 4/21/2013 11:24:58 AM | Computer Name = Aileen-PC | Source = Service Control Manager | ID = 7001
    Description = The Client Virtualization Handler service depends on the Application
    Virtualization Client service which failed to start because of the following error:
    %%1053

    Error - 4/23/2013 9:51:24 AM | Computer Name = Aileen-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 14:45:52 on ?23/?04/?2013 was unexpected.

    Error - 4/27/2013 5:50:50 PM | Computer Name = Aileen-PC | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 4/27/2013 6:29:38 PM | Computer Name = Aileen-PC | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.

    Error - 5/5/2013 1:36:45 PM | Computer Name = Aileen-PC | Source = DCOM | ID = 10005
    Description =

    Error - 5/5/2013 1:36:45 PM | Computer Name = Aileen-PC | Source = Service Control Manager | ID = 7000
    Description = The Google Update Service (gupdate) service failed to start due to
    the following error: %%109

    Error - 5/27/2013 7:45:14 AM | Computer Name = Aileen-PC | Source = DCOM | ID = 10010
    Description =

    Error - 5/28/2013 12:40:53 PM | Computer Name = Aileen-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 01:47:48 on ?28/?05/?2013 was unexpected.

    Error - 6/8/2013 8:45:49 PM | Computer Name = Aileen-PC | Source = DCOM | ID = 10005
    Description =

    Error - 6/8/2013 8:45:48 PM | Computer Name = Aileen-PC | Source = Service Control Manager | ID = 7000
    Description = The Google Update Service (gupdate) service failed to start due to
    the following error: %%109


    < End of report >


  • #8
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    not seeing much

    open OTL copy th is into the box


    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E71DD945-3CE7-48B3-B31E-4D67223FCE0D}
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKCU..\Run: [iLivid] File not found

    :Commands
    [PURITY]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS]
    [EMPTYJAVA]
    [CREATERESTOREPOINT]
    [Reboot]
    :Files
    ipconfig /flushdns /c
    C:\PROGRA~2\MOVIES~1

    click run fix post the log it gives


    then download, update malwarebyres anti-malware

    http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

    run a quick scan and post it slog


  • #9
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Sorry just back to the laptop now, here is the log I got -

    All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Aileen
    ->Temp folder emptied: 973 bytes
    ->Temporary Internet Files folder emptied: 128 bytes
    ->FireFox cache emptied: 0 bytes
    ->Google Chrome cache emptied: 20624192 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Journal

    User: Public

    User: RegBack

    User: systemprofile

    User: TxR

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 3426 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 20.00 mb


    [EMPTYFLASH]

    User: Aileen
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Journal

    User: Public

    User: RegBack

    User: systemprofile

    User: TxR

    Total Flash Files Cleaned = 0.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYJAVA]

    User: Aileen

    User: All Users

    User: Default

    User: Default User

    User: Journal

    User: Public

    User: RegBack

    User: systemprofile

    User: TxR

    Total Java Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Aileen\Downloads\cmd.bat deleted successfully.
    C:\Users\Aileen\Downloads\cmd.txt deleted successfully.
    File\Folder C:\PROGRA~2\MOVIES~1 not found.

    OTL by OldTimer - Version 3.2.69.0 log created on 02122014_125954

    Files\Folders moved on Reboot...
    C:\Users\Aileen\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...


  • #10
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    jsa112 wrote: »


    then download, update malwarebyres anti-malware

    http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

    run a quick scan and post it slog

    Post edited because i'm a dip****!! Quick scan running atm


  • #11
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.02.12.05

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    Aileen :: AILEEN-PC [administrator]

    Protection: Enabled

    12/02/2014 13:20:57
    MBAM-log-2014-02-12 (13-26-51).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 232912
    Time elapsed: 4 minute(s), 32 second(s)

    Memory Processes Detected: 1
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (PUP.Optional.AdvancedSystemProtector.A) -> 1184 -> No action taken.

    Memory Modules Detected: 9
    C:\Program Files (x86)\Advanced System Protector\aspsys.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\scandll.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\unrar.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.

    Registry Keys Detected: 5
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> No action taken.
    HKCU\Software\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 15
    C:\Program Files (x86)\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\clamunpack (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.12580 (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\updates (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580 (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\Backup (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\Logs (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> No action taken.

    Files Detected: 169
    C:\Users\Aileen\Downloads\rcpafterdownloadcp_ntb_ad_7894_cpntb1.exe (PUP.Optional.RegCleanPro) -> No action taken.
    C:\Users\Aileen\Downloads\rcp_dcomnew_sec_300.exe (PUP.Optional.RegCleanPro) -> No action taken.
    C:\Users\Aileen\Downloads\rcp_dcomnew_sec_728.exe (PUP.Optional.RegCleanPro) -> No action taken.
    C:\Users\Aileen\Downloads\TVSetup (1).exe (PUP.Optional.Inbox) -> No action taken.
    C:\Users\Aileen\Downloads\TVSetup (2).exe (PUP.Optional.Inbox) -> No action taken.
    C:\Users\Aileen\Downloads\TVSetup.exe (PUP.Optional.Inbox) -> No action taken.
    C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\loading_withWhiteBG.avi (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\AppResource.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\asp.ico (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\AspManager.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\aspsys.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\ASPUninstall.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\categories.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Chinese_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Communication.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Danish_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Dutch_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\eng_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Finnish_uninst_fi.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\French_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\German_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\greek_uninst_el.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Italian_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Japanese_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\korean_uninst_ko.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Norwegian_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\polish_uninst_pl.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\portugese_uninst_pt.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Portuguese_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\russian_uninst_ru.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\scandll.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\spanish_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\SSDPTstub.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\swedish_uninst.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\System.Core.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\traditionalcn_uninst_zh-tw.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Turkish_uninst_tr.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\unins000.dat (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\unins000.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\unins000.msg (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\unrar.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\clamunpack\clamscan.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\clamunpack\libclamav.dll (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\clamunpack\readme.txt (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.lnk (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Chinese_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Cloud_Backup_Setup.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Cloud_Backup_Setup_Intl.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Danish_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Dutch_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\eng_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Finnish_uninst_fi.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\French_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\French_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\German_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\German_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\greek_uninst_el.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Italian_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Japanese_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\korean_uninst_ko.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Norwegian_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\polish_uninst_pl.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\portugese_uninst_pt.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Portuguese_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\russian_uninst_ru.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\spanish_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\SSDPTstub.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\swedish_uninst.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\TPS.ico (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\traditionalcn_uninst_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\Turkish_uninst_tr.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Program Files (x86)\RegClean Pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> No action taken.
    C:\ProgramData\Wincert\win32cert.dll (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Datamngr\coordinator.cfg (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Datamngr\general.cfg (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Datamngr\S-1-5-21-1782185508-4266902339-836669794-1000.cfg (PUP.Optional.Datamngr.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\AddonSafelist (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\log.xslt (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\completedatabase.db (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Cookies.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\DigSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\FilePaths.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\FileSignature.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Folders.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Md5.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Registry.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\SetupSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\StrSetupSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1545completedatabase.zip (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1671mupdate.zip (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1672update.zip (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1673update.zip (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1674update.zip (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\ASPStartupManagerErrorLog.txt (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\QDetail.db (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\Settings.db (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\Update.ini (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580\ASPLog.txt (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\Logs\log_12-02-14_01-20-39.xml (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\Advanced System Protector\Logs\SMLog.xml (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro\Version 6.1\eng_rcp.dat (PUP.Optional.RegCleanerPro.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_02-12-2014.log (PUP.Optional.RegCleanerPro.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> No action taken.
    C:\Users\Aileen\AppData\Roaming\systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> No action taken.

    (end)


  • Advertisement
  • #12
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    let mbam fix those, reboot and tell me how its running


  • #13
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    mbam??


  • #14
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    malwarebytes anti malware


  • #15
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    jsa112 wrote: »
    malwarebytes anti malware

    still having the same problem when I try to visit zara.com. doesn't happen with any other site:mad:


  • #16
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    this is happening in chrome right ? go into incognito mode and try visit the site, happen then ?


  • #17
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Yes - happening in both chrome and incognito


  • #18
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    do you recognise this extension, did you install it yourself ?

    CHR - Extension: Movies Toolbar


  • #19
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Nope definitely not.


  • #20
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    copy this into the otl box


    :OTL
    CHR - Extension: Movies Toolbar = C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\21.56092_0\
    CHR - Extension: Movies Toolbar = C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\
    O3 - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll File not found

    :Commands
    [PURITY]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS]
    [EMPTYJAVA]
    [CREATERESTOREPOINT]
    [Reboot]
    :Files
    ipconfig /flushdns /c
    c:\program files (x86)\movies toolbar

    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{428A9CB8-11E9-4A83-9743-DB6FA56D01E7}"=-
    "{52C22B75-60B1-4218-AA85-03860C301536}"=-


    click run fix post the log it gives


  • #21
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    All processes killed
    ========== OTL ==========
    File C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\21.56092_0 not found.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\js folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\images folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\search-suggestion folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal\images folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\shims folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\hack folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\lib folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\css folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\search-box-imesh\images folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\search-box-imesh folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-trailers folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-reviews folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-born-star folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\newtab folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\v5parity folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\taskbar folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\plain folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\mindspark folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\imesh folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\avira folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background folder moved successfully.
    C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0 folder moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Aileen
    ->Temp folder emptied: 11154699 bytes
    ->Temporary Internet Files folder emptied: 2807953 bytes
    ->FireFox cache emptied: 0 bytes
    ->Google Chrome cache emptied: 284040785 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Journal

    User: Public

    User: RegBack

    User: systemprofile

    User: TxR

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1804876 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 286.00 mb


    [EMPTYFLASH]

    User: Aileen
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Journal

    User: Public

    User: RegBack

    User: systemprofile

    User: TxR

    Total Flash Files Cleaned = 0.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYJAVA]

    User: Aileen

    User: All Users

    User: Default

    User: Default User

    User: Journal

    User: Public

    User: RegBack

    User: systemprofile

    User: TxR

    Total Java Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Aileen\Downloads\cmd.bat deleted successfully.
    C:\Users\Aileen\Downloads\cmd.txt deleted successfully.
    File\Folder c:\program files (x86)\movies toolbar not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{428A9CB8-11E9-4A83-9743-DB6FA56D01E7} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{428A9CB8-11E9-4A83-9743-DB6FA56D01E7}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52C22B75-60B1-4218-AA85-03860C301536} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52C22B75-60B1-4218-AA85-03860C301536}\ not found.

    OTL by OldTimer - Version 3.2.69.0 log created on 02122014_191104

    Files\Folders moved on Reboot...
    C:\Users\Aileen\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Aileen\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...


  • Advertisement
  • #22
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    still there on that site ?


  • #23
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    jsa112 wrote: »
    still there on that site ?

    yep:(


  • #24
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    download combofix, run it and post the log it gives


    http://www.bleepingcomputer.com/combofix/how-to-use-combofix


  • #25
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    jsa112 wrote: »
    download combofix, run it and post the log it gives


    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Downloaded and ran it, it hasn't prompted me to reboot, should I just do it anyway to obtain the log?


  • #26
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    the log should be at c:\combofix.txt

    if not reboot


  • #27
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Just tried it twice, no log is coming up and I can't locate the file.
    "Start up guard" is still running and the "allow" figure keeps flutuating - should I wait for this to stop??


  • #28
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    it shouldn't take long, re-run it if you need to


  • #29
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    So I do have to allow start up guard to finish also?


  • #30
    gg2
    Registered Users, Registered Users 2 Posts: 1,082 ✭✭✭gg2


    Ok ran it again, but I'm not getting through all the stages that is stated on the download page, getting the disclaimer and back up window and thats it


  • Advertisement
  • #31
    jsa112
    Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    can you run it in safe mode instead then


Advertisement