HELP! "Navigation to the webpage was cancelled"

themysticpotato

New Member
Hi! I've lurked for a while, and now I've got a problem, so I'll seek assistance. There's a little HTML box that CONSTANTLY pops up on my lower right-hand side. I have Windows 8. The box says "Navigation to the webpage was cancelled". Any thoughts? I thought at first it was the proprietary antivirus malfunctioning, but I had uninstalled that and got AVG Free a while ago... I looked in scheduled tasks, hoping to find an answer, nothing was yielded. I did a full-computer scan with AVG Free. Nothing. I'm at my wits' end. Please help!
 
Sounds like Adware to me. Let's do some scans.

1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on Clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shut down your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away, or you get a message saying Rkill is infected, keep trying to run Rkill until it overpowers the infection and temporarily kills it. Once a log appears on the screen, you can try running Malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.
 
I followed the instructions. Here is the log from AdwCleaner:
# AdwCleaner v3.305 - Report created 13/08/2014 at 22:54:21
# Updated 14/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Ben - HAL
# Running from : C:\Users\Ben\Downloads\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Ben\Favorites\StumbleUpon
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Folder Deleted : C:\Users\Ben\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Ben\AppData\Local\Pokki
Folder Deleted : C:\Users\Ben\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Ben\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\END
File Deleted : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\searchplugins\search.xml.old
File Deleted : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : MySearchDial
Task Deleted : UpdaterEX

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

-\\ Mozilla Firefox v

[ File : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\prefs.js ]

Line Deleted : user_pref("avg.install.Revert_DSP", "Web Search");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v36.0.1985.125

*************************

AdwCleaner[R0].txt - [10676 octets] - [01/02/2014 23:14:03]
AdwCleaner[R1].txt - [10267 octets] - [13/08/2014 22:50:29]
AdwCleaner[S0].txt - [9773 octets] - [01/02/2014 23:18:45]
AdwCleaner[S1].txt - [9832 octets] - [13/08/2014 22:54:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9892 octets] ##########

Then, I did the Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Ben on Wed 08/13/2014 at 23:03:54.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4F86479E-3B8D-497F-9838-22656ADB6735}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 08/13/2014 at 23:12:39.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I tried Malwarebytes, and it was going well until the Heuristic Analysis, which was taking FOREVER. (a really really really long time.)
I cancelled the scan and decided to ask about it before installing the alternatives.

The problem still persists. It's driving me crazy. I can't even see what time it is on the toolbar.
Halp!
 
Please run the following so we can get an idea of what is running at bootup.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.
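
One way to triage an OTL.txt log once it comes back, as an added example that is not part of this thread or of OTL itself: it parses the `PRC`/`MOD`/`SRV`/`DRV` lines and lists entries for manual review. The two review rules (empty company name, per-user or ProgramData location) are assumptions chosen for illustration, and the sample lines are constructed with made-up names.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the layout OTL prints; every name and path is made up.
SAMPLE_OTL = r"""
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\ExampleAV\avsvc.exe (Example AV s.r.o.)
PRC - C:\Users\Alice\AppData\Local\ExampleHelper\helper.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Common Files\ExampleLib\zlib1.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (ExampleSvc) -- C:\Windows\SysNative\example.dll (Example Corporation)
SRV - (UpdaterSvc) -- C:\ProgramData\ExampleUpdater\upd.exe (Example Updater, LLC)
========== Driver Services (SafeList) ==========
DRV:64bit: - (exdrv) -- C:\Windows\SysNative\drivers\exdrv.sys ()
DRV:64bit: - (exnic) -- C:\Windows\SysNative\drivers\exnic.sys (Example (R) DDK provider)
"""

# "KIND[:64bit:] - [(service name) -- ]path (company)"
LINE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV)(?::64bit:)? - "
    r"(?:\((?P<name>.*?)\) -- )?(?P<rest>.+)$"
)
# Assumed rule: locations a standard user can normally write to.
USER_LOCATION = re.compile(r"\\(users|programdata)\\", re.IGNORECASE)


@dataclass
class Entry:
    kind: str
    name: str
    path: str
    company: str
    reasons: list = field(default_factory=list)


def split_company(rest):
    """Split 'path (company)' at the last balanced parenthesis group.

    Paths contain parentheses ("Program Files (x86)") and so do company
    names ("Example (R) DDK provider"), so scan backwards from the end
    and track nesting depth instead of splitting on the first "(".
    """
    rest = rest.rstrip()
    if not rest.endswith(")"):
        return rest, ""
    depth = 0
    for i in range(len(rest) - 1, -1, -1):
        if rest[i] == ")":
            depth += 1
        elif rest[i] == "(":
            depth -= 1
            if depth == 0:
                return rest[:i].rstrip(), rest[i + 1:-1].strip()
    return rest, ""  # unbalanced: treat the whole thing as the path


def parse_line(line):
    """Return an Entry for a PRC/MOD/SRV/DRV line, or None for anything else."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    path, company = split_company(m.group("rest"))
    return Entry(m.group("kind"), m.group("name") or "", path, company)


def triage(text):
    """Return entries worth a manual look, most reasons first."""
    flagged = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        if not entry.company:
            entry.reasons.append("no company name")
        if USER_LOCATION.search(entry.path):
            entry.reasons.append("per-user or ProgramData location")
        if entry.reasons:
            flagged.append(entry)
    # Stable sort: entries with equal reason counts keep log order.
    flagged.sort(key=lambda e: len(e.reasons), reverse=True)
    return flagged


if __name__ == "__main__":
    for e in triage(SAMPLE_OTL):
        print(f"{e.kind:3} {e.path}  <- {', '.join(e.reasons)}")
```

A flagged entry is a prompt to check the file's origin and signature, not a verdict; legitimate libraries also ship without a company name.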
 
Okie Dokie: I ran the program. I spat the following out:
OTL logfile created on: 8/14/2014 6:25:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ben\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.88 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 48.96% Memory free
5.26 Gb Paging File | 3.36 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.22 Gb Total Space | 245.28 Gb Free Space | 54.12% Space Free | Partition Type: NTFS
Drive E: | 1.88 Gb Total Space | 0.55 Gb Free Space | 29.26% Space Free | Partition Type: FAT32

Computer Name: HAL | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ben\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Ben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Ellora Assets Corp.)
PRC - C:\Users\Ben\AppData\Local\Guard\Guard.exe ()
PRC - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Ben\AppData\Local\Guard\Guard.exe ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (THAccelSvc) -- C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe (TOSHIBA CORPORATION)
SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (BRSptSvc) -- C:\ProgramData\BitRaider\BRSptSvc.exe (BitRaider, LLC)
SRV - (FreemakeVideoCapture) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Ellora Assets Corp.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (NAT) -- C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (dts_apo_service) -- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (hitmanpro37) -- C:\Windows\SysNative\drivers\hitmanpro37.sys ()
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (Avgwfpa) -- C:\Windows\SysNative\drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (Avgboota) -- C:\Windows\SysNative\drivers\avgboota.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\drivers\NATx64\010A000.009\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (THAccel) -- C:\Windows\SysNative\drivers\THAccel.sys (TOSHIBA Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\drivers\Thotkey.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (TDCMDPST) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (FwLnk) -- C:\Windows\SysNative\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV - (BRDriver64) -- C:\ProgramData\BitRaider\BRDriver64.sys (BitRaider)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4F86479E-3B8D-497F-9838-22656ADB6735}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchinfinitas.com/?affilt=4&id={46D5B673-7288-40C8-9052-380E2C50983F}
IE - HKCU\..\SearchScopes,DefaultScope = {4FAE0197-5BF0-11E3-BE7E-008CFA62DD22}
IE - HKCU\..\SearchScopes\{4FAE0197-5BF0-11E3-BE7E-008CFA62DD22}: "URL" = http://searchinfinitas.com/?affilt=4&q={searchTerms}&id={46D5B673-7288-40C8-9052-380E2C50983F}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://searchinfinitas.com/?affilt=4&id={46D5B673-7288-40C8-9052-380E2C50983F}"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:18.1.9.786
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: ""
FF - prefs.js..browser.startup.homepage: "http://searchinfinitas.com/?affilt=4&id={46D5B673-7288-40C8-9052-380E2C50983F}"
FF - prefs.js..searchreset.backup.keyword.URL: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ben\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)


[2013/11/21 18:34:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ben\AppData\Roaming\mozilla\Extensions
[2014/07/18 09:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ben\AppData\Roaming\mozilla\Firefox\Profiles\5896ia69.default\extensions
[2013/12/03 02:55:48 | 000,000,000 | ---D | M] (Notificatoin) -- C:\Users\Ben\AppData\Roaming\mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}
File not found (No name found) -- C:\PROGRAMDATA\AVG SAFEGUARD TOOLBAR\FIREFOXEXT\18.1.9.786

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_1\
CHR - Extension: Google Drive = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: YouTube = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\Toshiba\System Setting\TODDMain.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_8B4B86C2A5661DC92D9A84E265233F91] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Guard] C:\Users\Ben\AppData\Local\Guard\Guard.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Ben\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Ben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DE6CBF9-E932-4B10-AA32-0C856F89D3DD}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92274BE2-4DD1-4D7D-A477-DB5971627711}: DhcpNameServer = 192.168.1.31 192.168.1.28 192.168.1.29
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/08/14 19:10:23 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/08/14 19:10:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/08/14 19:08:59 | 000,000,000 | ---D | C] -- C:\Windows.old
[2014/08/14 18:43:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/08/14 18:43:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/08/14 18:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/08/14 18:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/08/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/08/14 18:02:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/08/14 17:57:19 | 000,000,000 | R--D | C] -- C:\Users\Ben\OneDrive
[2014/08/14 17:51:27 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Identities
[2014/08/14 16:24:28 | 000,000,000 | --SD | C] -- C:\Users\Ben\AppData\Roaming\Microsoft
[2014/08/14 16:24:28 | 000,000,000 | R--D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/08/14 16:24:28 | 000,000,000 | R--D | C] -- C:\Users\Ben\Favorites
[2014/08/14 16:24:28 | 000,000,000 | R--D | C] -- C:\Users\Ben\Documents
[2014/08/14 16:24:28 | 000,000,000 | R--D | C] -- C:\Users\Ben\Desktop
[2014/08/14 16:24:28 | 000,000,000 | R--D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/08/14 16:24:28 | 000,000,000 | R--D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\AppData\Local\Temporary Internet Files
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Templates
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Start Menu
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\SendTo
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Recent
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\PrintHood
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\NetHood
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Documents\My Videos
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Documents\My Pictures
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Documents\My Music
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\My Documents
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Local Settings
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\AppData\Local\History
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Cookies
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\Application Data
[2014/08/14 16:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Ben\AppData\Local\Application Data
[2014/08/14 16:24:28 | 000,000,000 | -H-D | C] -- C:\Users\Ben\AppData
[2014/08/14 16:24:28 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\Temp
[2014/08/14 16:24:28 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\Microsoft
[2014/08/14 16:24:28 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/08/14 16:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/08/14 16:14:22 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2014/08/14 16:14:22 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2014/08/14 16:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/08/14 16:13:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/08/14 16:11:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/08/14 13:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014/08/14 13:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/08/14 13:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/08/13 23:02:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/08/13 22:51:25 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/08/13 22:02:03 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/13 22:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/13 22:01:36 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/08/13 22:01:36 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/08/13 22:01:36 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/08/13 22:01:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/13 22:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/11 21:55:06 | 000,000,000 | ---D | C] -- C:\Users\Ben\Desktop\Fair photos
[2014/07/25 23:05:39 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Equalify
[9 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/08/14 19:02:16 | 000,387,210 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/08/14 18:29:17 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/14 18:07:41 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/08/14 18:07:41 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/08/14 18:07:41 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/08/14 17:52:35 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/14 17:45:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/14 16:46:25 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/08/14 16:46:25 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/08/14 16:45:31 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/08/14 16:38:19 | 000,502,064 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/08/14 16:38:02 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/14 16:37:56 | 3334,701,056 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/14 16:14:41 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2014/08/14 16:14:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf
[2014/08/14 16:14:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2014/08/14 16:13:51 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/08/14 13:41:27 | 000,032,512 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\hitmanpro37.sys
[2014/08/14 13:34:56 | 000,001,344 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/08/14 13:23:47 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/08/14 13:21:28 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/13 22:01:42 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/12 16:50:53 | 663,989,747 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/08/12 15:36:01 | 003,166,558 | ---- | M] () -- C:\Users\Ben\Desktop\the problem.png
[2014/08/11 22:10:59 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2014/08/10 23:33:30 | 000,017,503 | ---- | M] () -- C:\Users\Ben\AppData\Local\recently-used.xbel
[2014/08/08 11:03:22 | 000,169,499 | ---- | M] () -- C:\Users\Ben\Desktop\veeger.png
[2014/07/31 13:32:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\lvuvc.hs
[2014/07/27 18:58:49 | 000,059,349 | ---- | M] () -- C:\Users\Ben\Desktop\rootbeer voice 01.mp3
[2014/07/17 22:30:08 | 000,000,222 | ---- | M] () -- C:\Users\Ben\Desktop\Terraria.url
[9 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/08/14 19:02:16 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/08/14 16:45:31 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/08/14 16:32:19 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/08/14 16:24:28 | 000,000,369 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/08/14 16:24:28 | 000,000,369 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/08/14 16:24:28 | 000,000,352 | ---- | C] () -- C:\Users\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/08/14 16:24:28 | 000,000,334 | ---- | C] () -- C:\Users\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/08/14 16:24:18 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/08/14 16:24:18 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/08/14 16:14:41 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2014/08/14 16:14:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf
[2014/08/14 16:14:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2014/08/14 16:13:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/08/14 13:41:27 | 000,032,512 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\hitmanpro37.sys
[2014/08/14 13:34:56 | 000,001,344 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/08/14 13:23:47 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/08/13 22:01:42 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/12 16:50:53 | 663,989,747 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014/08/12 15:36:00 | 003,166,558 | ---- | C] () -- C:\Users\Ben\Desktop\the problem.png
[2014/08/10 23:33:30 | 000,017,503 | ---- | C] () -- C:\Users\Ben\AppData\Local\recently-used.xbel
[2014/08/08 11:03:22 | 000,169,499 | ---- | C] () -- C:\Users\Ben\Desktop\veeger.png
[2014/07/27 18:58:48 | 000,059,349 | ---- | C] () -- C:\Users\Ben\Desktop\rootbeer voice 01.mp3
[2014/07/17 22:30:08 | 000,000,222 | ---- | C] () -- C:\Users\Ben\Desktop\Terraria.url
[2014/03/18 05:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 05:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/17 14:29:10 | 000,003,584 | ---- | C] () -- C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/26 02:33:31 | 000,003,743 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/12/18 14:33:02 | 000,000,156 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\WB.CFG
[2013/12/05 13:50:18 | 000,268,952 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2013/12/05 13:50:14 | 000,682,280 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2013/12/05 13:50:14 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2013/12/01 14:11:30 | 000,000,042 | ---- | C] () -- C:\Users\Ben\jagex_cl_runescape_LIVE.dat
[2013/12/01 14:11:30 | 000,000,024 | ---- | C] () -- C:\Users\Ben\random.dat
[2013/11/22 03:06:00 | 000,000,530 | ---- | C] () -- C:\WINDOWS\SysWow64\tx14_ic.ini
[2013/11/04 19:22:32 | 000,317,440 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/11/04 19:22:28 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/11/04 19:22:28 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/06/26 08:11:59 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2013/02/22 16:43:09 | 000,598,384 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/02/22 16:43:08 | 000,754,652 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012/12/10 16:12:50 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/14 18:48:08 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/14 18:48:09 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/08/07 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\.minecraft
[2014/07/27 19:47:25 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Audacity
[2013/12/23 18:23:09 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\AVG2014
[2013/12/02 17:52:04 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\BioniX Wallpaper
[2014/07/25 23:06:54 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Equalify
[2014/06/06 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\iSpy
[2013/11/26 01:41:54 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\LolClient
[2013/11/25 16:17:06 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\OpenOffice
[2013/11/24 00:03:14 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\openvr
[2014/06/01 20:55:31 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Rainmeter
[2013/11/25 14:56:25 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Riot Games
[2014/01/05 18:27:24 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\sMedio
[2014/08/14 17:57:59 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Spotify
[2013/12/21 17:15:48 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Synthesia
[2013/12/23 18:22:31 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\TuneUp Software
[2013/11/22 03:03:16 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Unity
[2013/11/21 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\WinBatch
[2014/06/28 21:38:33 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\ZJMedia

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\Ben\OneDrive:ms-properties

< End of report >

All the while the little window thingy that is the main problem mocked me from the corner of my monitor. I wish it would just die already. Please please kill it.
 
Can you post a screen shot of it the next time it happens? Let me ask, do you have the free or paid version of AVG? I would like for you to download and run the following programs.

1.

http://www.bleepingcomputer.com/download/tfc/dl/92/


Download TFC from the download link above and save the file on your desktop.
Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
Double-click on the TFC icon.
When the program starts, click on the Start button. TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
When done, press OK to reboot your computer and finish the cleanup.

2. Please note that the following directions are wrong. Just open the program and let it update first. And then press the scan now button. When it's done it will show you what it's found. Make sure you quarantine all. It should show you a log. If not, let me know and I'll show you how to get the log to copy and paste back here. Again, just download the program and follow the directions I just gave you.

Please download Malwarebytes' Anti-Malware and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run, please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running Rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying Rkill is infected, keep trying to run Rkill until it overpowers the infection and temporarily kills it. Once a log appears on the screen, you can try running Malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.
 
Ok, so I ran TFC, and it APPEARS to have killed it, but this HAS happened before, (earlier today) and I don't want to get my hopes up.
I ran Malwarebytes yesterday, and the scan took about 30 minutes, and then the Heuristic Analysis was taking HOURS to complete, so I killed it.

Here's the screenshot you asked for. This was about 15 minutes ago:
2ev88qf.jpg

(sorry if it's too big, I don't know how to resize it for the forum)
There it is, hanging out in the lower right corner, lookin' all smug like.
 
I ran Malwarebytes yesterday, and the scan took about 30 minutes, and then the Heuristic Analysis was taking HOURS to complete, so I killed it.

Please rerun Malwarebytes and let it finish. The heuristic scan will take some time, but now that you have run a temp file cleaner, it shouldn't take as long. So rerun Malwarebytes and post the results.
 
It's back.
I reran Malwarebytes. It found some stuff. Here's the log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/15/2014
Scan Time: 12:13:37 AM
Logfile: logg.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.14.02
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ben

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303837
Time Elapsed: 18 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.Notificatoin.A, C:\Program Files (x86)\Notificatoin, Quarantined, [b6c48d3989f20b2b9457e6d8639f34cc],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],

Files: 69
PUP.Optional.OptimumInstaller.A, C:\Users\Ben\Downloads\The.Elder.Scrolls.IV.Oblivion.Game.of.the.Year_Edition-.Bethesda.exe, Quarantined, [ceac8f37b1cab185ab12a8b038c928d8],
PUP.Optional.Softonic.A, C:\Users\Ben\Downloads\SoftonicDownloader_for_the-elder-scrolls-iv-oblivion.exe, Quarantined, [a7d353732b502c0a23fec467808134cc],
PUP.Optional.InstallCore.A, C:\Users\Ben\Downloads\Firefox_Setup.exe, Quarantined, [2951d7ef9fdce4523c0f69c3827e936d],
PUP.Optional.Ellora, C:\Users\Ben\Downloads\FreemakeVideoDownloaderSetup.exe, Quarantined, [df9b81453e3d72c48be23418d0318e72],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\.DS_Store, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\b.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\background.html, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\bootstrap.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\chrome.manifest, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\extension_info.json, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\f.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\id.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\install.rdf, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\jquery.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\p.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\readme.txt, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons\button.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons\icon100.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons\icon128.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons\icon16.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons\icon32.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\icons\icon48.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\backgroundscript_engine.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\base.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\browser.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\chrome_windows.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\console.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\content_proxy.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\i18n.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\invoke_async.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\io.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\kango.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\lang.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\legacy.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\message_target.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\message_target_module.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\messaging.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\storage.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\timer.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\uninstall.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\userscript_client.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\userscript_engine.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\utils.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\xhr.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\browser_button.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\contentNotification.tmpl, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\contentNotificationStyle.tmpl, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\content_notifications.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\context_menu.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\kango_api.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\notifications.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\options.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\popup.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\popup_window.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\popup_window.xul, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\ui_base.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\bottom-left.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\bottom-middle.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\bottom-right.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\middle-left.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\middle-right.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\style.css, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\tail-bottom.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\tail-left.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\tail-right.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\tail-top.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\top-left.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\top-middle.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango-ui\theme\bubble\top-right.png, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],

Physical Sectors: 0
(No malicious items detected)


(end)

It then told me to reboot.
I rebooted.
Mr. Navigation was cancelled is back upon reboot.
Halp please.
 
Update: I've found that I can run TFC immediately after startup and I think it kills the process of the problem, and it doesn't show up until the next time I restart.
 
Ok, it sounds like there is a program running at bootup that may be causing this. Use the msconfig utility to disable all startup items and see if there is any difference.
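
The Malwarebytes log and the startup-item suggestion above can be tied together: collapse the quarantined paths to their top-level roots, then check whether any startup command line still points into one of them. This is an added example, not part of the thread and not code from Malwarebytes; the detection lines are copied from the log above, while the startup entries (`ExampleUpdater`, `placeholder_entry`, `near_miss_entry` and their command lines) are constructed for illustration.

```python
import ntpath
import re

# Line format of the Malwarebytes 2.x log posted in this thread:
#   <detection name>, <path>, <action>, [<id>],
LINE = re.compile(
    r"^(?P<name>[^,]+), (?P<path>.+), (?P<action>[^,\[]+), "
    r"\[(?P<id>[0-9a-fA-F]+)\],?\s*$"
)

# Excerpt: six detection lines copied from the log above
# (section counts adjusted to the excerpt).
SAMPLE_LOG = r"""
Folders: 3
PUP.Optional.Notificatoin.A, C:\Program Files (x86)\Notificatoin, Quarantined, [b6c48d3989f20b2b9457e6d8639f34cc],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],

Files: 3
PUP.Optional.InstallCore.A, C:\Users\Ben\Downloads\Firefox_Setup.exe, Quarantined, [2951d7ef9fdce4523c0f69c3827e936d],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\bootstrap.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
PUP.Optional.Notificatoin.A, C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\5896ia69.default\extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1}\kango\kango.js, Quarantined, [ef8b07bf7efdaf8708e45a64a55d23dd],
"""

# Constructed startup entries (name, command line); none come from the thread.
STARTUP = [
    ("ExampleUpdater", r'"C:\Program Files\ExampleVendor\updater.exe" /background'),
    ("placeholder_entry", r'"c:\program files (x86)\notificatoin\placeholder.exe" -startup'),
    ("near_miss_entry", r'C:\Program Files (x86)\Notificatoin2\placeholder.exe'),
]


def parse_detections(text):
    """Return one dict per detection line; headers and blank lines are skipped."""
    return [m.groupdict() for m in map(LINE.match, text.splitlines()) if m]


def is_under(child, parent):
    """True if child lies below parent (Windows paths, case-insensitive)."""
    parent = ntpath.normcase(parent).rstrip("\\")
    return ntpath.normcase(child).startswith(parent + "\\")


def detection_roots(detections):
    """Drop every path that sits below another detected path."""
    paths = sorted({d["path"] for d in detections}, key=ntpath.normcase)
    return [p for p in paths if not any(is_under(p, q) for q in paths)]


def references(command, root):
    """Heuristic: does the command line mention root as a whole path component?"""
    cmd = ntpath.normcase(command)
    root = ntpath.normcase(root).rstrip("\\")
    i = cmd.find(root)
    while i != -1:
        following = cmd[i + len(root): i + len(root) + 1]
        if following in ("", "\\", '"', " "):
            return True
        i = cmd.find(root, i + 1)
    return False


def startup_hits(startup, roots):
    """Startup entries whose command line points into a detected root."""
    return [(name, root) for name, cmd in startup
            for root in roots if references(cmd, root)]


if __name__ == "__main__":
    roots = detection_roots(parse_detections(SAMPLE_LOG))
    for root in roots:
        print("root:", root)
    for name, root in startup_hits(STARTUP, roots):
        print("startup entry", name, "still points into", root)
```

A hit means the quarantine removed the files but left the launcher entry behind, which is the kind of leftover the startup-item check is meant to find.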
 