Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Lisa O at 2014-09-15 19:24:01 Run:1
Running from C:\Users\Lisa O\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2070533570-1416338616-2031116776-1000\...\MountPoints2: {684ac34a-afde-11e1-be4a-dc0ea1387f83} - E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
AppInit_DLLs-x32: c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll" File Not Found
SearchScopes: HKLM - {0FA204D4-5326-43C7-A4D2-EDFB78E6EA59} URL =
www.ask.com/web?q={searchterms}&l=dis&o=ushplSearchScopes: HKLM - {c545daf1-0ba8-4467-8a9a-e98331664926} URL = search.freecause.com/search?ourmark=4&fr=freecause&ei=utf-8&type=60459&p={searchTerms}
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Lisa O\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2014-05-07]
CHR Extension: (iGive Button) - C:\Users\Lisa O\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjdamjhkmdccbmbilbpabpofenchge [2014-05-23]
2014-09-14 18:12 - 2014-09-14 18:12 - 01389936 _____ () C:\ProgramData\PMEdyJUo\dat\EpTBLdY.dll
2014-09-14 18:11 - 2014-09-14 18:12 - 01186160 _____ () C:\ProgramData\PMEdyJUo\dat\XvlCqzCAh.dll
2014-09-12 14:49 - 2014-09-14 12:00 - 00000000 ____D () C:\Users\Lisa O\AppData\Local\AstroArcade
2014-09-12 13:43 - 2014-09-14 20:24 - 00000000 ____D () C:\ProgramData\PMEdyJUo
2014-09-12 13:43 - 2014-09-12 13:43 - 00000000 ____D () C:\ProgramData\AstroArcade
2014-09-12 13:41 - 2014-09-12 15:17 - 00000000 ____D () C:\ProgramData\BoostSoftware
C:\Users\Lisa O\AppData\Local\Temp\APNStub.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Lisa O\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa O\AppData\Local\Temp\swt-win32-3452.dll
C:\Users\Lisa O\AppData\Local\Temp\SymCCIS.dll
C:\Users\Lisa O\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Lisa O\AppData\Local\Temp\System.Data.SQLite81261.dll
C:\Users\Lisa O\AppData\Local\Temp\System.Data.SQLite98895.dll
C:\Users\Lisa O\AppData\Local\Temp\uninst1.exe
C:\Users\Lisa O\AppData\Local\Temp\_is90BA.exe
end
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-2070533570-1416338616-2031116776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{684ac34a-afde-11e1-be4a-dc0ea1387f83} - E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000}" => Key not found.
"HKCR\CLSID\{684ac34a-afde-11e1-be4a-dc0ea1387f83} - E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000}" => Key not found.
"c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll" => Value Data removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0FA204D4-5326-43C7-A4D2-EDFB78E6EA59}" => Key deleted successfully.
"HKCR\CLSID\{0FA204D4-5326-43C7-A4D2-EDFB78E6EA59}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c545daf1-0ba8-4467-8a9a-e98331664926}" => Key deleted successfully.
"HKCR\CLSID\{c545daf1-0ba8-4467-8a9a-e98331664926}" => Key not found.
C:\Users\Lisa O\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba => Moved successfully.
C:\Users\Lisa O\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjdamjhkmdccbmbilbpabpofenchge => Moved successfully.
"C:\ProgramData\PMEdyJUo\dat\EpTBLdY.dll" => File/Directory not found.
"C:\ProgramData\PMEdyJUo\dat\XvlCqzCAh.dll" => File/Directory not found.
C:\Users\Lisa O\AppData\Local\AstroArcade => Moved successfully.
"C:\ProgramData\PMEdyJUo" directory move:
Could not move "C:\ProgramData\PMEdyJUo\info.dat" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo\mCNILVl.dat" => Scheduled to move on reboot.
C:\ProgramData\PMEdyJUo\mCNILVl.exe => Moved successfully.
C:\ProgramData\PMEdyJUo\mCNILVl.exe.config => Moved successfully.
Could not move "C:\ProgramData\PMEdyJUo\dat\aympJrBrKUZ.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo\dat\aympJrBrKUZ.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo\dat\GyGXEz.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo\dat\ZgDARTVU.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo\dat\ZgDARTVU.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo\dat\zLntybZCsK.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\PMEdyJUo" directory. => Scheduled to move on reboot.
C:\ProgramData\AstroArcade => Moved successfully.
C:\ProgramData\BoostSoftware => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\APNStub.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\swt-win32-3452.dll => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\SymCCIS.dll => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\System.Data.SQLite.dll => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\System.Data.SQLite81261.dll => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\System.Data.SQLite98895.dll => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\Lisa O\AppData\Local\Temp\_is90BA.exe => Moved successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-15 19:27:07)<=
C:\ProgramData\PMEdyJUo\info.dat => Is moved successfully.
C:\ProgramData\PMEdyJUo\mCNILVl.dat => Is moved successfully.
C:\ProgramData\PMEdyJUo\dat\aympJrBrKUZ.exe => Is moved successfully.
C:\ProgramData\PMEdyJUo\dat\aympJrBrKUZ.exe.config => Is moved successfully.
C:\ProgramData\PMEdyJUo\dat\GyGXEz.dll => Is moved successfully.
C:\ProgramData\PMEdyJUo\dat\ZgDARTVU.exe => Is moved successfully.
C:\ProgramData\PMEdyJUo\dat\ZgDARTVU.exe.config => Is moved successfully.
C:\ProgramData\PMEdyJUo\dat\zLntybZCsK.dll => Is moved successfully.
C:\ProgramData\PMEdyJUo => Is moved successfully.
==== End of Fixlog ====