Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Please, Help Me To Remove a Sturbon Installed Program

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Please, Help Me To Remove a Sturbon Installed Program

Unread postby chrisobioma » February 8th, 2015, 7:12 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by user1 (administrator) on USER on 08-02-2015 23:35:07
Running from C:\Users\user1\Downloads
Loaded Profiles: user1 (Available profiles: user1)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
() C:\Users\user1\AppData\Local\Viber\Viber.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(PC Utilities Software Limited) C:\ProgramData\{89df1a11-d1d8-f4cc-89df-f1a11d1d6847}\OptimizerProInstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [gmsd_de_174] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Run: [Facebook Update] => C:\Users\user1\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-10-28] (Facebook Inc.)
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Run: [Viber] => C:\Users\user1\AppData\Local\Viber\Viber.exe [936656 2014-10-20] ()
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-21] (Google)
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Run: [DellSystemDetect] => C:\Users\user1\AppData\Local\Apps\2.0\L7NJ2XQ3.CWX\1A3JKPWM.A1E\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-10-22] (Dell)
Startup: C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerProInstaller.lnk
ShortcutTarget: OptimizerProInstaller.lnk -> C:\ProgramData\{89df1a11-d1d8-f4cc-89df-f1a11d1d6847}\OptimizerProInstaller.exe (PC Utilities Software Limited)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpp ... 40A3442940
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... 3442940&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpp ... 40A3442940
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&c ... 78ACE9C&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_ ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_ ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q={searchTerms}
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_ ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc ... 40A3442940

FireFox:
========
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-961901972-2914913119-3437931070-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\user1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-24]
FF HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Firefox\Extensions: [speedtest211@BestOffers] - C:\Users\user1\AppData\Roaming\Mozilla\Extensions\speedtest211\speedtest211.xpi
FF Extension: Speed Test - C:\Users\user1\AppData\Roaming\Mozilla\Extensions\speedtest211\speedtest211.xpi [2014-09-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hpp ... 40A3442940
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-22]
CHR Extension: (YouTube) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-22]
CHR Extension: (Google Search) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-22]
CHR Extension: (Google Wallet) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-22]
CHR Extension: (Gmail) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-24] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-15] (Intel Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 serverjo; C:\Users\user1\AppData\Roaming\VOPackage\JOSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-24] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-08] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-24] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R1 {089299d4-0680-4375-a6a9-d9a7c9109a71}Gw64; C:\Windows\System32\drivers\{089299d4-0680-4375-a6a9-d9a7c9109a71}Gw64.sys [48792 2015-02-04] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 23:35 - 2015-02-08 23:35 - 00018116 _____ () C:\Users\user1\Downloads\FRST.txt
2015-02-08 23:33 - 2015-02-08 23:35 - 00000000 ____D () C:\FRST
2015-02-08 23:29 - 2015-02-08 23:30 - 02132992 _____ (Farbar) C:\Users\user1\Downloads\FRST64.exe
2015-02-08 16:33 - 2015-02-08 16:33 - 00000000 ___RD () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-06 16:33 - 2015-02-06 16:34 - 00000197 _____ () C:\Windows\system32\2015-02-06-15-33-08.070-AvastVBoxSVC.exe-2240.log
2015-02-06 09:21 - 2015-02-06 09:21 - 00001181 _____ () C:\Users\user1\Desktop\Google Talk.lnk
2015-02-06 09:21 - 2015-02-06 09:21 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2015-02-06 09:20 - 2015-02-06 09:21 - 01342176 _____ () C:\Users\user1\Downloads\googletalk-setup-en-gb (1).exe
2015-02-06 09:09 - 2015-02-06 09:09 - 00503776 _____ ( ) C:\Users\user1\Downloads\setup (1).exe
2015-02-06 08:26 - 2015-02-06 08:27 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\user1\Downloads\SpyHunter-Installer (4).exe
2015-02-06 01:00 - 2015-02-06 01:00 - 00000197 _____ () C:\Windows\system32\2015-02-06-00-00-36.060-AvastVBoxSVC.exe-2372.log
2015-02-06 00:54 - 2015-02-06 00:56 - 00000197 _____ () C:\Windows\system32\2015-02-05-23-54-56.099-AvastVBoxSVC.exe-7124.log
2015-02-06 00:32 - 2015-02-06 00:32 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\user1\Downloads\SpyHunter-Installer (3).exe
2015-02-06 00:31 - 2015-02-06 00:31 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\user1\Downloads\SpyHunter-Installer (2).exe
2015-02-06 00:26 - 2015-02-06 00:26 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\user1\Downloads\SpyHunter-Installer (1).exe
2015-02-05 22:36 - 2015-02-05 22:36 - 00000000 _____ () C:\autoexec.bat
2015-02-05 22:34 - 2015-02-05 22:34 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\user1\Downloads\SpyHunter-Installer.exe
2015-02-05 13:21 - 2015-02-05 13:21 - 00000197 _____ () C:\Windows\system32\2015-02-05-12-21-08.016-AvastVBoxSVC.exe-2828.log
2015-02-05 10:22 - 2015-02-05 10:22 - 01342176 _____ () C:\Users\user1\Downloads\googletalk-setup-en-gb.exe
2015-02-05 07:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-02-05 07:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-02-05 07:08 - 2015-02-05 07:09 - 00000197 _____ () C:\Windows\system32\2015-02-05-06-08-02.056-AvastVBoxSVC.exe-2092.log
2015-02-05 00:59 - 2015-02-05 00:59 - 00003144 _____ () C:\Windows\System32\Tasks\{908AD6E3-7E56-4C5A-9CD9-CA611325C883}
2015-02-04 22:58 - 2015-02-04 22:58 - 00000247 _____ () C:\Windows\system32\2015-02-04-21-58-18.046-aswFe.exe-384.log
2015-02-04 22:58 - 2015-02-04 22:58 - 00000000 ____D () C:\ProgramData\6bb9509c0000640c
2015-02-04 22:48 - 2015-02-04 22:58 - 00000247 _____ () C:\Windows\system32\2015-02-04-21-48-44.052-aswFe.exe-4172.log
2015-02-04 22:48 - 2015-02-04 22:48 - 00000197 _____ () C:\Windows\system32\2015-02-04-21-48-41.015-AvastVBoxSVC.exe-4388.log
2015-02-04 22:39 - 2015-02-04 22:39 - 00000000 ____D () C:\Program Files (x86)\predm
2015-02-04 22:32 - 2015-02-04 22:34 - 00002212 _____ () C:\Users\user1\Desktop\chrome.lnk
2015-02-04 22:27 - 2015-02-04 22:27 - 00000000 ____D () C:\Users\user1\AppData\Roaming\K9AMW
2015-02-04 22:05 - 2015-02-04 22:05 - 00002267 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-04 21:58 - 2015-02-04 10:36 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{089299d4-0680-4375-a6a9-d9a7c9109a71}Gw64.sys
2015-02-04 19:37 - 2015-02-04 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
2015-02-04 18:47 - 2015-02-04 18:48 - 00000197 _____ () C:\Windows\system32\2015-02-04-17-47-41.032-AvastVBoxSVC.exe-2324.log
2015-02-04 18:31 - 2015-02-04 18:33 - 00000165 _____ () C:\Windows\Reimage.ini
2015-02-04 17:24 - 2015-02-04 17:24 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-04 17:24 - 2015-02-04 17:24 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-04 17:24 - 2015-02-04 17:24 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-04 17:24 - 2015-02-04 17:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-04 17:22 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-02-04 17:22 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-04 17:22 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-02-04 17:22 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-04 17:18 - 2015-02-06 00:28 - 00000000 ____D () C:\Users\user1\AppData\Roaming\omiga-plus
2015-02-04 17:18 - 2015-02-04 22:59 - 00000000 ____D () C:\Users\user1\AppData\Roaming\systweak
2015-02-04 17:18 - 2015-01-30 16:23 - 00017000 _____ () C:\Windows\system32\roboot64.exe
2015-02-04 17:01 - 2015-02-04 17:01 - 00000000 ____D () C:\Users\user1\Documents\Optimizer Pro
2015-02-04 16:58 - 2015-02-04 16:58 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-02-04 16:57 - 2015-02-04 17:19 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-02-04 16:57 - 2015-02-04 16:57 - 00003748 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-02-04 16:57 - 2015-02-04 16:57 - 00003144 _____ () C:\Windows\System32\Tasks\Run_Bobby_Browser
2015-02-04 16:57 - 2015-02-04 16:57 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Opera Software
2015-02-04 16:57 - 2015-02-04 16:57 - 00000000 ____D () C:\Users\user1\AppData\Local\Opera Software
2015-02-04 16:56 - 2015-02-04 22:58 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.38
2015-02-04 16:56 - 2015-02-04 22:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-04 16:56 - 2015-02-04 22:32 - 00000000 ____D () C:\Users\user1\AppData\Local\BoBrowser
2015-02-04 16:56 - 2015-02-04 18:46 - 00000000 ____D () C:\ProgramData\{89df1a11-d1d8-f4cc-89df-f1a11d1d6847}
2015-02-04 16:56 - 2015-02-04 16:56 - 01343632 _____ () C:\Users\user1\Desktop\Google Talk.exe
2015-02-04 16:56 - 2015-02-04 16:56 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-31 23:51 - 2015-01-31 23:51 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-51-19.037-AvastVBoxSVC.exe-2128.log
2015-01-31 22:06 - 2015-02-06 21:36 - 00003268 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-961901972-2914913119-3437931070-1001
2015-01-28 18:56 - 2015-01-28 18:56 - 00594992 _____ () C:\Users\user1\Downloads\setup.exe
2015-01-28 14:49 - 2015-01-28 14:50 - 00000197 _____ () C:\Windows\system32\2015-01-28-13-49-29.042-AvastVBoxSVC.exe-2508.log
2015-01-24 18:55 - 2015-01-24 18:55 - 00000197 _____ () C:\Windows\system32\2015-01-24-17-55-51.025-AvastVBoxSVC.exe-2512.log
2015-01-24 12:45 - 2015-01-24 12:46 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-45-16.097-AvastVBoxSVC.exe-2368.log
2015-01-24 11:29 - 2015-01-24 11:29 - 00000247 _____ () C:\Windows\system32\2015-01-24-10-29-24.000-aswFe.exe-12708.log
2015-01-24 11:23 - 2015-01-24 11:29 - 00000247 _____ () C:\Windows\system32\2015-01-24-10-23-54.054-aswFe.exe-9468.log
2015-01-24 11:23 - 2015-01-24 11:23 - 00000197 _____ () C:\Windows\system32\2015-01-24-10-23-41.063-AvastVBoxSVC.exe-24404.log
2015-01-24 01:52 - 2015-01-24 17:58 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Dropbox
2015-01-24 01:44 - 2015-01-24 01:44 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-24 01:44 - 2015-01-24 01:44 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-24 01:42 - 2015-01-24 01:42 - 00000000 ____D () C:\Users\user1\AppData\Roaming\AVAST Software
2015-01-24 01:41 - 2015-01-24 18:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-24 01:41 - 2015-01-24 01:41 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-24 01:41 - 2015-01-24 01:41 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-24 01:41 - 2015-01-24 01:41 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-24 01:41 - 2015-01-24 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-24 01:41 - 2015-01-24 01:40 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-24 01:41 - 2015-01-24 01:40 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-24 01:41 - 2015-01-24 01:40 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-24 01:41 - 2015-01-24 01:40 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-24 01:41 - 2015-01-24 01:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-24 01:41 - 2015-01-24 01:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-24 01:41 - 2015-01-24 01:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-24 01:40 - 2015-01-24 01:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-24 01:39 - 2015-01-24 01:39 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-24 01:38 - 2015-01-24 01:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-24 01:38 - 2015-01-24 01:38 - 04864824 _____ (AVAST Software) C:\Users\user1\Downloads\avast_free_antivirus_setup_online.exe
2015-01-21 15:36 - 2015-01-30 22:36 - 00000000 ___RD () C:\Users\user1\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2015-01-15 10:08 - 2015-01-15 10:08 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP
2015-01-14 07:04 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 07:04 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:04 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 07:04 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 07:04 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 07:04 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 07:04 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 07:04 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 07:04 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 07:04 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 07:04 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 07:04 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 07:04 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 07:04 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 07:04 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 07:04 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 07:04 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 07:04 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 07:04 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 07:04 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 07:04 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 07:04 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 07:04 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 07:04 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 07:04 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 08:11 - 2015-01-12 08:11 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 23:34 - 2014-10-22 22:01 - 01646127 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 23:23 - 2014-10-27 20:10 - 00000000 ____D () C:\Users\user1\AppData\Local\CrashDumps
2015-02-08 23:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-08 22:49 - 2014-10-28 09:44 - 00000938 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961901972-2914913119-3437931070-1001UA.job
2015-02-08 22:46 - 2014-10-22 15:36 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 22:44 - 2014-10-22 15:21 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DE857F89-DA74-450E-B349-171180D703A9}
2015-02-08 19:56 - 2014-12-14 22:14 - 00000000 ____D () C:\Users\user1\AppData\Roaming\ViberPC
2015-02-08 19:24 - 2013-08-22 15:46 - 00034024 _____ () C:\Windows\setupact.log
2015-02-08 16:33 - 2014-12-14 22:13 - 00000000 ____D () C:\Users\user1\AppData\Local\Viber
2015-02-08 16:33 - 2014-10-27 15:17 - 00000000 ___DO () C:\Users\user1\SkyDrive
2015-02-08 16:33 - 2014-10-22 15:36 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-08 10:49 - 2014-10-28 09:44 - 00000916 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961901972-2914913119-3437931070-1001Core.job
2015-02-07 20:12 - 2014-10-22 15:18 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-961901972-2914913119-3437931070-1001
2015-02-07 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-06 16:30 - 2014-10-22 21:54 - 01411314 _____ () C:\Windows\PFRO.log
2015-02-06 16:30 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-06 14:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-06 10:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-06 09:21 - 2014-10-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-06 08:33 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-06 00:57 - 2014-10-22 15:08 - 00000000 ____D () C:\Users\user1
2015-02-06 00:34 - 2014-10-22 15:12 - 00001442 _____ () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-04 21:58 - 2013-08-22 14:25 - 00000257 _____ () C:\Windows\win.ini
2015-02-04 19:37 - 2014-10-22 15:36 - 00000000 ____D () C:\Users\user1\AppData\Local\Google
2015-02-03 20:31 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 18:53 - 2014-10-22 16:49 - 00000000 ____D () C:\ProgramData\Norton
2015-01-24 18:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-23 06:04 - 2014-10-22 15:05 - 00818732 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 05:57 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-21 22:13 - 2014-10-22 15:59 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 13:17 - 2014-10-22 15:59 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 21:52 - 2014-12-24 21:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-09 21:52 - 2014-12-24 20:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-09 21:52 - 2014-10-22 15:39 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Skype
2015-01-09 21:52 - 2014-10-22 15:39 - 00000000 ____D () C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\user1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe
C:\Users\user1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppl5vns.dll
C:\Users\user1\AppData\Local\Temp\ICReinstall_KeyPlayr_Setup[1].exe
C:\Users\user1\AppData\Local\Temp\optprosetup.exe
C:\Users\user1\AppData\Local\Temp\ReimagePackage.exe
C:\Users\user1\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 20:12

==================== End Of Log ============================














Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by user1 at 2015-02-08 23:36:14
Running from C:\Users\user1\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Dell System Detect (HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\73f463568823ebbe) (Version: 5.12.0.3 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.20.815.2013 - Realtek)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Viber (HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Viber) (Version: 4.4.0.134678 - Viber Media Inc)
Video Performer (HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\Video Performer) (Version: - PerformerSoft LLC) <==== ATTENTION
webssearches uninstall (HKLM-x32\...\webssearches uninstall) (Version: - webssearches) <==== ATTENTION
Windows Driver Package - Dell Inc (DellRbtn) HIDClass (06/26/2013 1.4.1) (HKLM\...\F83757BC3DFF5684ED21F4FD63A2BBB0B9F79953) (Version: 06/26/2013 1.4.1 - Dell Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-961901972-2914913119-3437931070-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

24-01-2015 01:39:21 avast! antivirus system restore point
28-01-2015 11:25:13 Windows Update
04-02-2015 17:19:28 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F76B3B0-70E7-4139-8FDF-E69E0263E131} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961901972-2914913119-3437931070-1001Core => C:\Users\user1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-28] (Facebook Inc.)
Task: {16CDDBF9-3C9C-4601-91CA-96D447C2D292} - System32\Tasks\PostPoneInstall => C:\Users\user1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe [2015-02-04] (C.L.A.R.A) <==== ATTENTION
Task: {1BC93283-56D1-4897-A58C-84F8B92E8B70} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-24] (AVAST Software)
Task: {2CCA6C30-C862-4958-9661-5C3BC9EC5B57} - System32\Tasks\avastBCLRestartS-1-5-21-961901972-2914913119-3437931070-1001 => Chrome.exe
Task: {59D36D4A-3B6A-4AA2-B34B-34CD4C6308A8} - System32\Tasks\PC Performer Scheduled Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
Task: {5B6A575F-AF00-4B55-A99B-355F9DBD5A3D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {79B4EAE7-97BD-4CBF-A9E0-DE456BF8F02F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961901972-2914913119-3437931070-1001UA => C:\Users\user1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-28] (Facebook Inc.)
Task: {8B65A09F-E2F5-478D-A88D-3A08EEC928BD} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-961901972-2914913119-3437931070-1001
Task: {9CFCC867-6CE1-4B03-9B3C-F88489690D03} - System32\Tasks\Run_Bobby_Browser => C:\Users\user1\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {B76FE3D6-FD63-44AB-8D5E-1DDEE553D4D7} - System32\Tasks\PC Performer Logon Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
Task: {C63F3E81-E474-4040-BC0C-4905A3903671} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {E06F5835-CB10-4DB9-AAD1-21EC1BB02137} - System32\Tasks\{908AD6E3-7E56-4C5A-9CD9-CA611325C883} => pcalua.exe -a C:\Users\user1\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=key7 <==== ATTENTION
Task: {F24D81BD-2F07-4FDC-8E80-D54F50F73AF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961901972-2914913119-3437931070-1001Core.job => C:\Users\user1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961901972-2914913119-3437931070-1001UA.job => C:\Users\user1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-24 01:40 - 2015-01-24 01:40 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-24 01:40 - 2015-01-24 01:40 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-10-15 07:50 - 2014-10-15 07:50 - 00457616 _____ () C:\Windows\system32\igfxTray.exe
2014-01-08 09:00 - 2014-01-08 09:00 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-01-08 08:58 - 2014-01-08 08:58 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-12-14 22:14 - 2014-10-20 13:36 - 00936656 _____ () C:\Users\user1\AppData\Local\Viber\Viber.exe
2014-01-08 09:03 - 2014-01-08 09:03 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2015-02-06 00:51 - 2015-02-06 00:51 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020501\algo.dll
2015-01-24 01:40 - 2015-01-24 01:40 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-08 23:10 - 2015-02-08 23:10 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020801\algo.dll
2014-10-29 10:32 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-10-29 10:32 - 2012-05-25 03:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 49463296 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\libViber.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00770048 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\libGLESv2.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00106496 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\qfacebook.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00172032 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\exif.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00049152 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\libEGL.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00876544 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\platforms\qwindows.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00024576 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qgif.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00024576 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qico.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00204800 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qjpeg.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00221184 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qmng.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00016384 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qsvg.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00016384 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qtga.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00311296 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qtiff.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00016384 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\imageformats\qwbmp.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00638976 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\sqldrivers\qsqlite.dll
2015-02-04 06:09 - 2015-02-04 06:09 - 00032768 _____ () C:\Users\user1\AppData\Local\Viber\5.0.0.2821\iconengines\qsvgicon.dll
2015-01-24 01:40 - 2015-01-24 01:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-04 06:49 - 2015-01-27 04:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-02-04 06:49 - 2015-01-27 04:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-02-04 06:49 - 2015-01-27 04:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll
2015-02-05 13:30 - 2015-02-03 12:22 - 14964912 _____ () C:\Users\user1\AppData\Local\Google\Chrome\User Data\PepperFlash\16.0.0.305\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\user1\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\user1\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-961901972-2914913119-3437931070-1001\Control Panel\Desktop\\Wallpaper ->

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-961901972-2914913119-3437931070-1001\...\StartupApproved\Run: => "Speech Recognition"

==================== Accounts: =============================

Administrator (S-1-5-21-961901972-2914913119-3437931070-500 - Administrator - Disabled)
Guest (S-1-5-21-961901972-2914913119-3437931070-501 - Limited - Disabled)
user1 (S-1-5-21-961901972-2914913119-3437931070-1001 - Administrator - Enabled) => C:\Users\user1

==================== Faulty Device Manager Devices =============

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2015 11:23:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1b40
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 10:43:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1aa4
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 10:33:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1f0c
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 09:52:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1a40
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 08:47:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0xfa4
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 07:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1688
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 07:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0xdb0
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 06:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1038
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 06:19:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x1214
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/08/2015 05:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0xeb4
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5


System errors:
=============
Error: (02/08/2015 00:11:30 PM) (Source: DCOM) (EventID: 10010) (User: USER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (02/08/2015 00:11:30 PM) (Source: DCOM) (EventID: 10010) (User: USER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (02/08/2015 00:11:27 PM) (Source: DCOM) (EventID: 10010) (User: USER)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/06/2015 04:31:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2015 04:30:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The JO Service component service failed to start due to the following error:
%%2

Error: (02/06/2015 02:58:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16389

Error: (02/06/2015 01:01:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2015 00:58:37 AM) (Source: DCOM) (EventID: 10016) (User: USER)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Useruser1S-1-5-21-961901972-2914913119-3437931070-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/06/2015 00:58:37 AM) (Source: DCOM) (EventID: 10016) (User: USER)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Useruser1S-1-5-21-961901972-2914913119-3437931070-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/06/2015 00:58:37 AM) (Source: DCOM) (EventID: 10016) (User: USER)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Useruser1S-1-5-21-961901972-2914913119-3437931070-1001LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (02/08/2015 11:23:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac1b4001d043eddec99ec2C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll1ec8ac28-afe1-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 10:43:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac1aa401d043e854a8343eC:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll93910b2c-afdb-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 10:33:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac1f0c01d043e6dfaffe80C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll24f4246c-afda-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 09:52:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac1a4001d043e10cef75adC:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll6139a0db-afd4-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 08:47:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547acfa401d043d80096e683C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll43785b5d-afcb-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 07:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac168801d043cfe9573f1fC:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll27c0bcc8-afc3-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 07:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547acdb001d043cbb874a7ddC:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dllf76101db-afbe-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 06:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac103801d043c7878f1250C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dllc612ac60-afba-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 06:19:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac121401d043c356ab59fcC:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll9523ce7e-afb6-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp

Error: (02/08/2015 05:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547aceb401d043bf25ca7316C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll64368939-afb2-11e4-829d-645a045d7ee1588E6FFA.CNNAppforWindows_1.2.0.0_neutral__cs8eyncph15zyApp


CodeIntegrity Errors:
===================================
Date: 2015-02-04 22:33:14.862
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:33:14.620
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:33:11.036
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:33:10.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:31:31.116
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:31:30.815
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:29:04.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:29:04.276
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:29:00.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-04 22:29:00.397
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 3558U @ 1.70GHz
Percentage of memory in use: 53%
Total physical RAM: 4000.19 MB
Available physical RAM: 1851.08 MB
Total Pagefile: 4704.19 MB
Available Pagefile: 2153.97 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:436.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 84E9A229)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================





DESCRIPTION OF MY PROBLEM

My computer incidentally started running slowly after I was opening a site, and that site redirected me to several other sites which were strange to me, and I tried to close them, but those strange and irrelevant sites and pages continued coming up and could not be controlled. At last I found out that two stubborn programs known as "omigaplus" and webssearches uninstall "" have been installed in the control panel of my computer. And if I type any words to search any pages or web, my search words will be added with the following unknown words: "Uptrackid=sp-006' . Then it will redirect me to a wrong page which I didn't search for. And up till now the program known as " webssearches uninstall" is still present as an installed program in my control panel and all efforts I have made to remove it has not succeeded, though I can not see the " omigaplus" program again in my control panel. My computer still runs slowly.
chrisobioma
Active Member
 
Posts: 1
Joined: February 8th, 2015, 5:36 am
Advertisement
Register to Remove

Re: Please, Help Me To Remove a Sturbon Installed Program

Unread postby Cypher » February 10th, 2015, 8:58 am

Hi and welcome back to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

I'm checking your logs now and will be back soon with further instructions.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Please, Help Me To Remove a Sturbon Installed Program

Unread postby Cypher » February 10th, 2015, 9:33 am

Hi,
Ok lets start to clean your computer.

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy and Paste the following script into Notepad, Do not include the words Code: select all
    • (Click the select all button next to code to select the entire script).
    Code: Select all
    (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
    (PC Utilities Software Limited) C:\ProgramData\{89df1a11-d1d8-f4cc-89df-f1a11d1d6847}\OptimizerProInstaller.exe
    HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
    HKLM-x32\...\Run: [gmsd_de_174] => [X]
    Startup: C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerProInstaller.lnk
    ShortcutTarget: OptimizerProInstaller.lnk -> C:\ProgramData\{89df1a11-d1d8-f4cc-89df-f1a11d1d6847}\OptimizerProInstaller.exe (PC Utilities Software Limited)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpp ... 40A3442940
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... 3442940&q= {searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpp ... 40A3442940
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q= {searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q= {searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q= {searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... 006&q= {searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q= {searchTerms}
    SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&c ... 78ACE9C&q= {searchTerms}&SSPV=
    SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_ ... default&q= {searchTerms}
    SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_ ... default&q= {searchTerms}
    SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... 3442940&q= {searchTerms}
    SearchScopes: HKU\S-1-5-21-961901972-2914913119-3437931070-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_ ... default&q= {searchTerms}
    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
    BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc ... 40A3442940
    CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hpp ... 40A3442940
    CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
    R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
    S2 serverjo; C:\Users\user1\AppData\Roaming\VOPackage\JOSrv.exe [X]
    2015-02-04 17:18 - 2015-02-06 00:28 - 00000000 ____D () C:\Users\user1\AppData\Roaming\omiga-plus
    2015-02-04 17:18 - 2015-02-04 22:59 - 00000000 ____D () C:\Users\user1\AppData\Roaming\systweak
    2015-02-04 17:18 - 2015-01-30 16:23 - 00017000 _____ () C:\Windows\system32\roboot64.exe
    2015-02-04 17:01 - 2015-02-04 17:01 - 00000000 ____D () C:\Users\user1\Documents\Optimizer Pro
    2015-02-04 16:58 - 2015-02-04 16:58 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
    2015-02-04 16:57 - 2015-02-04 17:19 - 00000000 ____D () C:\Program Files (x86)\XTab
    2015-02-04 16:56 - 2015-02-04 22:58 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.38
    C:\Users\user1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe
    C:\Users\user1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppl5vns.dll
    C:\Users\user1\AppData\Local\Temp\ICReinstall_KeyPlayr_Setup[1].exe
    C:\Users\user1\AppData\Local\Temp\optprosetup.exe
    C:\Users\user1\AppData\Local\Temp\ReimagePackage.exe
    C:\Users\user1\AppData\Local\Temp\Uninstall.exe
    Task: {16CDDBF9-3C9C-4601-91CA-96D447C2D292} - System32\Tasks\PostPoneInstall => C:\Users\user1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe [2015-02-04] (C.L.A.R.A) <==== ATTENTION
    Task: {59D36D4A-3B6A-4AA2-B34B-34CD4C6308A8} - System32\Tasks\PC Performer Scheduled Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
    Task: {9CFCC867-6CE1-4B03-9B3C-F88489690D03} - System32\Tasks\Run_Bobby_Browser => C:\Users\user1\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
    Task: {B76FE3D6-FD63-44AB-8D5E-1DDEE553D4D7} - System32\Tasks\PC Performer Logon Scan => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
    Task: {E06F5835-CB10-4DB9-AAD1-21EC1BB02137} - System32\Tasks\{908AD6E3-7E56-4C5A-9CD9-CA611325C883} => pcalua.exe -a C:\Users\user1\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=key7 <==== ATTENTION
    AlternateDataStreams: C:\Users\user1\SkyDrive:ms-properties
    AlternateDataStreams: C:\Users\user1\SkyDrive.old:ms-properties
    
    EmptyTemp:
    CMD: ipconfig /flushdns
    
  • Save it next to FRST.exe to your Downloads folder as filename fixlist.txt
  • NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are saved in the same location or the fix will not work.
  • Right-click FRST.exe and select " Run as administrator " to run it.
  • Press the Fix button just once. Then wait.
  • When finished, it will create a Fixlog.txt log on your Desktop.
  • Please post the content of the Fixlog.txt in your next reply.

Next.


I need you to run further scans for me.
Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
Important: Save all tools i ask you to download to your Desktop, if you don't know how to do this just ask.



Please download Malwarebytes' Anti-Malware and save to your desktop.

  • Right-click mbam-setup.exe And select " Run as administrator " then follow the prompts to install the program.
  • At the end, Uncheck enable free trial of Malwarebytes' Anti-Malware, (You can activate this when we've finished, if you wish)
  • Then click Finish.
  • You'll see an alert that "Databases out of date" Click the "Update Now" button.
  • Press the Scan Settings icon on the top bar of the MBAM interface, make sure Threat Scan is checked.
  • Press the Scan Now >> button.
  • When the scan is finished:
  • If clean, a message will be displayed "The scan completed successfully! No malicious items were detected!"
  • If infections were found, click the Quarantine all button.
  • Press the View detailed log >> link to display the results log.
  • Press the Copy to Clipboard button.
  • Copy and paste the scan results in your next reply and exit MBAM.

Next.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Logs/Information to Post in your Next Reply

  • FRST Fixlog.txt
  • Malwarebytes log.
  • AdwCleaner log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Please, Help Me To Remove a Sturbon Installed Program

Unread postby Cypher » February 13th, 2015, 7:10 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware