start
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - {3643E908-98E6-4AB7-A81E-FA03A71BEB00} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=119351&tt=gc_&babsrc=SP_ss_din2g&mntrId=6A99001D92EF1EC8
SearchScopes: HKCU - {1B6569FA-16BF-4323-A212-C1DD31E61A1D} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=EAE88415-6BBE-41D8-9418-6E9CBAC1F6E4&apn_sauid=7B33C468-E8B5-46CC-8CF6-14484DDB7A63
SearchScopes: HKCU - {3643E908-98E6-4AB7-A81E-FA03A71BEB00} URL =
SearchScopes: HKCU - {F2C64193-CCE1-4CF1-ACFC-E80150AA87F4} URL = http://isearch.avg.com/search?cid={987EF8E2-48AF-4F80-B79B-5CA91678C042}&mid=cf78d5c81f0b47d6b5a0d154d40bf73b-ee1c65297195f0ac65fc3a4a2b045f8f9b35a58f&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-13 15:42:04&v=17.3.1.91&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll No File
BHO: AddThis Toolbar BHO -> {9EBF8AAF-0A31-4786-909A-97A0EF101743} -> C:\Program Files\AddThis Toolbar\Toolbar.dll ()
BHO: RewardsArcadeSuite -> {B6EF6C45-5E8D-4c3b-B580-A5073261A381} -> C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AddThis Toolbar - {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files\AddThis Toolbar\Toolbar.dll ()
Toolbar: HKLM - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKCU - AddThis Toolbar - {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files\AddThis Toolbar\Toolbar.dll ()
FF user.js: detected! => C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\g81znd2y.default\user.js
FF SearchPlugin: C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\g81znd2y.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\g81znd2y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\g81znd2y.default\searchplugins\delta.xml
FF HKLM\...\Firefox\Extensions: [crossriderapp1950@crossrider.com] - C:\Users\doug\AppData\Local\RewardsArcadeSuite\1950\Firefox
FF Extension: RewardsArcade Suite - C:\Users\doug\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012-01-23]
FF HKLM\...\Firefox\Extensions: [searchpredict@speedbit.com] - C:\Program Files\SearchPredict\PRFireFox
FF HKCU\...\Firefox\Extensions: [{A10ECFC7-BBE8-4E84-8043-9D35FBF75515}] - C:\Users\doug\AppData\Local\{A10ECFC7-BBE8-4E84-8043-9D35FBF75515}
CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\doug\AppData\Local\funmoods.crx [2012-05-28]
CHR HKLM\...\Chrome\Extension: [ielefkgbofdpglioecfjcbikholflklb] - C:\Users\doug\AppData\Local\RewardsArcadeSuite\1950\Chrome\rewardsarcade-suite.crx [2011-12-22]
CHR HKLM\...\Chrome\Extension: [knlnhgoppkofgoieelflgbbicoganofl] - C:\Users\doug\AppData\Local\CRE\knlnhgoppkofgoieelflgbbicoganofl.crx [2012-11-30]
CHR HKCU\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\doug\AppData\Local\funmoods.crx [2012-05-28]
C:\Users\doug\jobq.dat
C:\Users\doug\AppData\Local\Temp\APNSetup.exe
C:\Users\doug\AppData\Local\Temp\contentDATs.exe
C:\Users\doug\AppData\Local\Temp\GUR5CBF.exe
C:\Users\doug\AppData\Local\Temp\GURE8D7.exe
C:\Users\doug\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\doug\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\doug\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\doug\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\doug\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\doug\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\doug\AppData\Local\Temp\lowproc.exe
C:\Users\doug\AppData\Local\Temp\mssinstaller.exe
C:\Users\doug\AppData\Local\Temp\oi_{EAF27ACA-F617-4D40-BE17-1DF9A971F973}.exe
C:\Users\doug\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\doug\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\doug\AppData\Local\Temp\stubhelper.dll
C:\Users\doug\AppData\Local\Temp\uninst1.exe
C:\Users\doug\AppData\Local\Temp\{0468C3B4-DF77-4425-AE64-78D734C27188}-31.0.1650.63_31.0.1650.57_chrome_updater.exe
C:\Users\doug\AppData\Local\Temp\{C84CBE4F-B862-4E43-AD5D-9F4DF40A2C35}-GoogleEarth-Win-Bundle-7.1.2.2041.exe
Task: {DC871D0D-56D1-41DF-8D9A-5AB6443CFBE7} - System32\Tasks\DSite
C:\Users\doug\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:43AAB821
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8
EmptyTemp:
End