IObit Forum

HELP! IoBit System Explorer / Malware Report


LozinIt


Posted

I have many things going on.

 

1. :twisted: Mouse Misbehavior

  • Right Clicking - Flashes the menu but it immediately disappears, not allowing me to see what's available or make any selections.
     
  • Left Clicking gives No menu - Can't select choices or change anything.
     
  • Scrolling IMPOSSIBLE - info flashes on the screen but I cannot read it & I'm immediately back at the top & cannot go anywhere else.
    I've been able to overcome some of these issues by using the arrow keys or keyboard shortcuts (ex. Ctrl+C) but that doesn't always work.
    In the browser there is no history and I'm unable to use any setting controls.

2. :evil: Software Installation - Malwarebytes Anti-Malware was installed on the machine & I would use it periodically but it's now gone. Tried to re-install - mbam-setup-1.70.0.1100.exe - but am unable to change the language; it keeps defaulting to Bosanski - I try to pick English by scrolling with the arrow keys but it defaults & I can't read the language {Bosanski}

 

3. :idea: Computer Freeze Up - at times nothing will work not even ctrl+alt+del - says I don't have permission to use ctrl+alt+del so I have to use the power button.

 

4. :roll: Screen Trailing - Parts of the program/file stay on the screen after closing & the bar at the bottom looks as if 5 are stacked on top of each other.

 

 

I need help badly as I have nothing more I know to do.

  • I have run ASCU - Report attached
     
  • I have run IO Malware - Report attached
     
  • I have run SUPERspy ware free version - Report attached
     
  • I have run UnThreat - Report attached

 

Browser Chrome.

 

:-| I will be patiently waiting for someone to tell me what to do next....

Thank you in advance for any help you can give me.

Posted

Advanced SystemCare Diagnose Report v1.0

Date: 2013/11/07 21:36:52

 

----------------------------------

01 - Operating System

----------------------------------

 

0101 - Operating System : Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.130828-1532)

0102 - Language : English (Regional Setting: English)

0103 - BIOS : InsydeH2O Version 03.61.01F.0B

0104 - Processor : Intel® Core i5-2450M CPU @ 2.50GHz (4 CPUs), ~2.5GHz

0105 - Memory : 6144MB RAM

0106 - Available OS Memory : 6092MB RAM

0107 - Page File : 3456MB used, 8724MB available

0108 - Windows Dir : C:\Windows

0109 - DirectX Version : DirectX 11

0110 - DX Setup Parameters : Not found

0111 - User DPI Setting : 120 DPI (125 percent)

0112 - System DPI Setting : 96 DPI (100 percent)

0113 - DWM DPI Scaling : Disabled

0114 - DxDiag Version : 6.01.7601.17514

 

----------------------------------

02 - Processor

----------------------------------

 

0201 - Caption : Intel® Core i5-2450M CPU @ 2.50GHz x4 ~2501MHz

0202 - Current Clock Speed : 2501MHz

0203 - L1 Cache : 32.00 KB

0204 - L2 Cache : 256.00 KB

0205 - L3 Cache : 3.00 MB

 

----------------------------------

03 - Video Adapter

----------------------------------

 

0301 - Card Name : Intel® HD Graphics 3000

0302 - Manufacturer : Intel Corporation

0303 - Chip Type : Intel® HD Graphics Family

0304 - DAC Type : Internal

0305 - Device Key : Enum\PCI\VEN_8086&DEV_0126&SUBSYS_1793103C&REV_09

0306 - Display Memory : 1696 MB

0307 - RAM Adapter : N/A

0308 - Current Mode : 1280 x 1024 (32 bit) (60Hz)

0309 - Monitor Name : Acer LCD Monitor AL1916

0310 - Driver Name : igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumd32,igd10umd32,igd10umd32

0311 - Driver Version : 9.17.0010.3223

0312 - Driver Language : English

0313 - DDI Version : 10.1

0314 - Driver Model : WDDM 1.1

0315 - Driver Beta : False

0316 - Driver Debug : False

0317 - Driver Date : 9/18/2013 03:33:47

0318 - Driver Size : 12615680

0319 - VDD : n/a

0320 - Mini VDD : n/a

0321 - Mini VDD Date : n/a

0322 - Mini VDD Size : 0

0323 - Device Identifier : {D7B78E66-4266-11CF-1B7F-9937B7C2C435}

0324 - Vendor ID : 0x8086

0325 - Device ID : 0x0126

0326 - SubSys ID : 0x1793103C

0327 - Revision ID : 0x0009

0328 - Driver Strong Name : oem81.inf:Intel.Mfg.NTamd64:iSNBM0:9.17.10.3223:pci\ven_8086&dev_0126

0329 - Rank Of Driver : 00E02001

0330 - Video Accel : ModeMPEG2_A ModeMPEG2_C ModeWMV9_C ModeVC1_C

0332 - D3D9 Overlay : Supported

0333 - DXVA-HD : Supported

0334 - DDraw Status : Enabled

0335 - D3D Status : Enabled

0336 - AGP Status : Enabled

0337 - Notes : No problems found.

 

0338 - OpenGL : 6.1.7600.16385 (win7_rtm.090713-1255)

 

----------------------------------

04 - Memory

----------------------------------

 

0401 - Total Memory : 5.95 GB

0402 - Free Memory : 2.92 GB

0403 - Total Pagefile : 11.90 GB

0404 - Free Pagefile : 8.51 GB

 

0405 - Bank Label : BANK 0

0406 - Speed : 1333 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 2.00 GB

 

0405 - Bank Label : BANK 2

0406 - Speed : 1333 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 4.00 GB

 

----------------------------------

05 - Network

----------------------------------

 

0501 - Description : Intel® Centrino® Wireless-N 1030

0502 - Driver Date : 2-20-2012

0503 - Driver Version : 15.1.0.18

 

----------------------------------

06 - Motherboard

----------------------------------

 

0601 - Product : 1793

0602 - Manufacturer : Hewlett-Packard

 

----------------------------------

07 - Sound Device

----------------------------------

 

0701 - Description : Speakers and Headphones (IDT High Definition Audio CODEC)

0702 - Default Sound Playback : True

0703 - Default Voice Playback : False

0704 - Hardware ID : HDAUDIO\FUNC_01&VEN_111D&DEV_76E0&SUBSYS_103C1793&REV_1001

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : stwrt64.sys

0709 - Driver Version : 6.10.6418.0000

0710 - Driver attributes : Final Retail

0711 - Date and Size : 10/31/2012 06:15:05

0713 - Driver Provider : IDT

0714 - Min/Max Sample Rate : 4316782, 4316782

0715 - Static/Strm HW Mix Bufs : 4316782, 4316782

0716 - Static/Strm HW 3D Bufs : 4316782, 4316782

0717 - HW Memory : 4316790

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : False, False

0720 - I3DL2 Listen/Src : False, False

0721 - Notes : No problems found.

 

0701 - Description : Communications Headphones (IDT High Definition Audio CODEC)

0702 - Default Sound Playback : False

0703 - Default Voice Playback : True

0704 - Hardware ID : HDAUDIO\FUNC_01&VEN_111D&DEV_76E0&SUBSYS_103C1793&REV_1001

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : stwrt64.sys

0709 - Driver Version : 6.10.6418.0000

0710 - Driver attributes : Final Retail

0711 - Date and Size : 10/31/2012 06:15:05

0713 - Driver Provider : IDT

0714 - Min/Max Sample Rate : 4316782, 4316782

0715 - Static/Strm HW Mix Bufs : 4316782, 4316782

0716 - Static/Strm HW 3D Bufs : 4316782, 4316782

0717 - HW Memory : 4316790

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : False, False

0720 - I3DL2 Listen/Src : False, False

0721 - Notes : No problems found.

 

 

----------------------------------

08 - Hard Disk

----------------------------------

 

0801 - Model : ATA Hitachi HTS54757 SCSI Disk Device

0802 - Media Type : Fixed hard disk media

0803 - Size : 698.64 GB

0805 - Driver Date : 6-21-2006

0806 - Driver Version : 6.1.7600.16385

 

0807 - Caption : C:\

0808 - Capacity : 678.63 GB

0809 - Free Space : 457.54 GB

0810 - Drive Type : 3-Fixed

0811 - File System : NTFS

 

0807 - Caption : D:\

0808 - Capacity : 15.85 GB

0809 - Free Space : 1.72 GB

0810 - Drive Type : 3-Fixed

0811 - File System : NTFS

 

0807 - Caption : E:\

0808 - Capacity : 3.96 GB

0809 - Free Space : 1.09 GB

0810 - Drive Type : 3-Fixed

0811 - File System : FAT32

 

0807 - Caption : Q:\

 

----------------------------------

09 - Process

----------------------------------

 

0901 - 0000 Idle 0 0 0

0901 - 0004 System 0 0 0

0901 - 0124 smss.exe 0 0 0 normal

0901 - 01f4 csrss.exe 0 0 0 normal

0901 - 0230 wininit.exe 0 0 0 high

0901 - 024c csrss.exe 1 174 83 normal

0901 - 0274 services.exe 0 0 0 normal

0901 - 0284 lsass.exe 0 0 0 normal

0901 - 028c lsm.exe 0 0 0 normal

0901 - 02f0 svchost.exe 0 0 0 normal

0901 - 0328 ascsvc.exe 0 0 0 high C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate

0901 - 034c ascavsvc.exe 0 0 0 normal C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate

0901 - 01d4 agent_x64.exe 0 0 0 normal

0901 - 01fc TrueSuiteService.exe 0 0 0 normal C:\Program Files (x86)\HP SimplePass 2012

0901 - 0288 svchost.exe 0 0 0 normal

0901 - 0434 MsMpEng.exe 0 0 0 normal

0901 - 0464 winlogon.exe 1 7 0 high

0901 - 050c svchost.exe 0 0 0 normal

0901 - 0534 svchost.exe 0 0 0 normal

0901 - 0550 svchost.exe 0 0 0 normal

0901 - 0570 stacsv64.exe 0 0 0 normal

0901 - 0634 svchost.exe 0 0 0 normal

0901 - 0658 svchost.exe 0 0 0 normal

0901 - 0698 hpservice.exe 0 0 0 normal

0901 - 0764 svchost.exe 0 0 0 normal

0901 - 07bc wlanext.exe 0 0 0 normal

0901 - 07c4 conhost.exe 0 0 0 normal

0901 - 0558 spoolsv.exe 0 0 0 normal

0901 - 06a0 svchost.exe 0 0 0 normal

0901 - 06ec svchost.exe 0 0 0 normal

0901 - 0788 IMFsrv.exe 0 0 0 normal C:\Program Files (x86)\IObit\IObit Malware Fighter

0901 - 0844 SASCore64.exe 0 0 0 normal

0901 - 085c armsvc.exe 0 0 0 normal C:\Program Files (x86)\Common Files\Adobe\ARM\1.0

0901 - 0890 EvtEng.exe 0 0 0 normal

0901 - 08b8 HPDrvMntSvc.exe 0 0 0 normal C:\Program Files (x86)\Hewlett-Packard\Shared

0901 - 08dc HPWMISVC.exe 0 0 0 normal C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch

0901 - 0904 RIconMan.exe 0 0 0 normal

0901 - 0920 iSCTAgent.exe 0 0 0 realtime C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent

0901 - 093c jhi_service.exe 0 0 0 normal C:\Program Files (x86)\Intel\Services\IPT

0901 - 0958 NielsenUpdate.exe 0 0 0 normal C:\Program Files (x86)\NetRatingsNetSight\NetSight

0901 - 09a8 pcCMService.exe 0 0 0 normal C:\Program Files (x86)\Common Files\Motive

0901 - 09dc pcCMService.exe 0 0 0 normal

0901 - 0a10 PDFProFiltSrv.exe 0 0 0 normal C:\Program Files (x86)\Nuance\PDF Professional 6

0901 - 0a34 RegSrvc.exe 0 0 0 normal

0901 - 0a6c ISCTHidMonitor.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent

0901 - 0a8c conhost.exe 0 0 0 normal

0901 - 0bd8 sftvsa.exe 0 0 0 normal C:\Program Files (x86)\Microsoft Application Virtualization Client

0901 - 0bf4 utsvc.exe 0 0 0 normal C:\Program Files\UnThreat AntiVirus

0901 - 0960 WLIDSVC.EXE 0 0 0 normal

0901 - 0994 ZeroConfigService.exe 0 0 0 normal

0901 - 0c08 sftlist.exe 0 0 0 normal C:\Program Files (x86)\Microsoft Application Virtualization Client

0901 - 0c28 unsecapp.exe 0 0 0 normal

0901 - 0c3c WLIDSVCM.EXE 0 0 0 normal

0901 - 0ce8 WmiPrvSE.exe 0 0 0 normal

0901 - 0ed0 CVHSVC.EXE 0 0 0 normal C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler

0901 - 1128 NisSrv.exe 0 0 0 normal

0901 - 1180 svchost.exe 0 0 0 normal

0901 - 128c svchost.exe 0 0 0 normal

0901 - 136c taskhost.exe 1 34 30 normal

0901 - 13dc TouchControl.exe 1 17 18 normal C:\Program Files (x86)\HP SimplePass 2012

0901 - 13fc ISCTHidMonitor.exe 1 9 5 normal C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent

0901 - 10bc BioMonitor.exe 1 9 4 normal C:\Program Files (x86)\HP SimplePass 2012

0901 - 1098 conhost.exe 1 14 8 normal

0901 - 1200 explorer.exe 1 536 279 normal

0901 - 12b0 GoogleCrashHandler.exe 0 0 0 idle C:\Program Files (x86)\Google\Update\1.3.21.165

0901 - 0b7c GoogleCrashHandler64.exe 0 0 0 idle

0901 - 123c unsecapp.exe 1 9 3 normal

0901 - 15d0 SearchIndexer.exe 0 0 0 normal

0901 - 163c taskeng.exe 1 9 3 normal

0901 - 1694 YCMMirage.exe 1 18 11 below normal C:\Program Files (x86)\CyberLink\YouCam

0901 - 1708 msseces.exe 1 290 185 normal

0901 - 1484 UnThreat.exe 1 340 195 normal C:\Program Files\UnThreat AntiVirus

0901 - 1540 chrome.exe 1 9 6 normal C:\Program Files (x86)\Google\Chrome\Application

0901 - 1558 ASCTray.exe 1 72 38 normal C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate

0901 - 087c nielsenonline.exe 1 9 7 normal C:\Program Files (x86)\NetRatingsNetSight\NetSight

0901 - 02f8 jusched.exe 1 9 2 normal C:\Program Files (x86)\Common Files\Java\Java Update

0901 - 0dc4 nielsenonline.exe 1 50 51 normal C:\Program Files (x86)\NetRatingsNetSight\NetSight

0901 - 1600 svchost.exe 0 0 0 normal

0901 - 00ac BTHSAmpPalService.exe 0 0 0 normal

0901 - 08f8 BTHSSecurityMgr.exe 0 0 0 normal

0901 - 07f4 IAStorDataMgrSvc.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology

0901 - 1aa0 LMS.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS

0901 - 18c0 NielsenOnline64.exe 1 39 29 normal

0901 - 18c4 UNS.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS

0901 - 14a8 IELowutil.exe 1 9 3 below normal C:\Program Files (x86)\Internet Explorer

0901 - 1bec HPSA_Service.exe 0 0 0 normal

0901 - 1920 PDFPRO6HOOK.EXE 1 10 11 normal C:\PROGRAM FILES (X86)\NUANCE\PDF PROFESSIONAL 6

0901 - 11ac HPMSGSVC.EXE 1 35 9 normal C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP QUICK LAUNCH

0901 - 17d4 HPOSD.EXE 1 19 11 normal C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP ON SCREEN DISPLAY

0901 - 0e90 HPQWUTILS.EXE 1 13 5 normal C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP QUICKWEB

0901 - 1a80 hpqWmiEx.exe 0 0 0 normal C:\Program Files (x86)\Hewlett-Packard\Shared

0901 - 1bf0 NUSB3MON.EXE 1 18 8 normal C:\PROGRAM FILES (X86)\NEC ELECTRONICS\USB 3.0 HOST CONTROLLER DRIVER\APPLICATION

0901 - 0850 sttray64.exe 1 22 20 normal

0901 - 1170 igfxpers.exe 1 9 4 normal

0901 - 14dc hkcmd.exe 1 9 18 normal

0901 - 1940 igfxtray.exe 1 19 12 normal

0901 - 1c20 ICCProxy.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service

0901 - 1c54 SynTPEnh.exe 1 82 40 above normal

0901 - 1d80 COOLSENSE.EXE 1 43 17 normal C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP COOLSENSE

0901 - 1dc0 Ereg.exe 1 0 0 normal

0901 - 1edc SynTPHelper.exe 1 9 3 above normal

0901 - 3a20 devmonsrv.exe 0 0 0 normal C:\Program Files (x86)\Intel\Bluetooth

0901 - 4e1c ASC.exe 1 3013 141 normal C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate

0901 - 4ea8 igfxsrvc.exe 1 9 2 normal

0901 - 597c dllhost.exe 1 9 4 normal

0901 - 752c PresentationFontCache.exe 0 0 0 normal

0901 - 1df8 svchost.exe 0 0 0 normal

0901 - db58 SUPERANTISPYWARE.EXE 1 43 29 normal

0901 - d8ac MpCmdRun.exe 0 0 0 normal

0901 - d160 MpCmdRun.exe 0 0 0 normal

0901 - dbc8 conhost.exe 0 0 0 normal

0901 - d0bc Sus10_SysExplorer.exe 1 105 47 normal C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate

0901 - d044 MpCmdRun.exe 0 0 0 normal

0901 - d5d8 WmiPrvSE.exe 0 0 0 normal

0901 - da14 taskeng.exe 1 9 3 normal

0901 - d868 audiodg.exe 0 0 0

 

 

----------------------------------

10 - Service

----------------------------------

 

1001 - SAS Core Service - ["C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"]

1001 - Adobe Acrobat Update Service - ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"]

1001 - Advanced SystemCare Service 6 - [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe]

1001 - Application Experience - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Agent - [C:\Windows\agent_x64.exe]

1001 - Intel® Centrino® Wireless Bluetooth® + High Speed Service - [C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe]

1001 - Application Information - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - AdvancedSystemCareAntivirus - [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe]

1001 - Windows Audio Endpoint Builder - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Audio - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Base Filtering Engine - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]

1001 - Background Intelligent Transfer Service - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Bluetooth Device Monitor - ["C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"]

1001 - Computer Browser - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Bluetooth Support Service - [C:\Windows\system32\svchost.exe -k bthsvcs]

1001 - Intel® Centrino® Wireless Bluetooth® + High Speed Security Service - ["C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"]

1001 - Cryptographic Services - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - Client Virtualization Handler - ["C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"]

1001 - DHCP Client - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - DNS Client - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - Extensible Authentication Protocol - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Windows Event Log - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - COM+ Event System - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Intel® PROSet/Wireless Event Log - [C:\Program Files\Intel\WiFi\bin\EvtEng.exe]

1001 - Windows Font Cache Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Windows Presentation Foundation Font Cache 3.0.0.0 - [C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe]

1001 - TrueSuiteService - ["C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe"]

1001 - Human Interface Device Access - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - HP Support Assistant Service - ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"]

1001 - HP Quick Synchronization Service - ["C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"]

1001 - HP Software Framework Service - ["C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"]

1001 - HP Service - [C:\Windows\system32\Hpservice.exe]

1001 - HPWMISVC - [C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe]

1001 - Intel® Rapid Storage Technology - ["C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"]

1001 - Intel® Integrated Clock Controller Service - Intel® ICCS - ["C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe"]

1001 - IconMan_R - ["C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"]

1001 - IKE and AuthIP IPsec Keying Modules - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - IMF Service - [C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe]

1001 - ISCT Always Updated Agent - [C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe]

1001 - Intel® Identity Protection Technology Host Interface Service - [C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe]

1001 - CNG Key Isolation - [C:\Windows\system32\lsass.exe]

1001 - Server - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Workstation - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - TCP/IP NetBIOS Helper - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Intel® Management and Security Application Local Management Service - [C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe]

1001 - Windows Firewall - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]

1001 - Network Connections - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Network List Service - [C:\Windows\System32\svchost.exe -k LocalService]

1001 - Nielsen Update - [C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe]

1001 - Network Location Awareness - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Network Store Interface Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Program Compatibility Assistant Service - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - pcCMService - ["C:\Program Files (x86)\Common Files\Motive\pcCMService.exe"]

1001 - pcCMService64 - ["C:\Program Files\Common Files\Motive\pcCMService.exe"]

1001 - PDFProFiltSrv - [C:\Program Files (x86)\Nuance\PDF Professional 6\PDFProFiltSrv.exe]

1001 - Plug and Play - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - IPsec Policy Agent - [C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted]

1001 - Power - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - User Profile Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Remote Access Connection Manager - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Intel® PROSet/Wireless Registry Service - [C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe]

1001 - Security Accounts Manager - [C:\Windows\system32\lsass.exe]

1001 - System Event Notification Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Application Virtualization Client - ["C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"]

1001 - Application Virtualization Service Agent - ["C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"]

1001 - Shell Hardware Detection - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Print Spooler - [C:\Windows\System32\spoolsv.exe]

1001 - SSDP Discovery - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - Secure Socket Tunneling Protocol Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Audio Service - [C:\Program Files\IDT\WDM\STacSV64.exe]

1001 - Windows Image Acquisition (WIA) - [C:\Windows\system32\svchost.exe -k imgsvc]

1001 - Superfetch - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Telephony - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Themes - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Intel® Management and Security Application User Notification Service - ["C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"]

1001 - UnThreat Service Manager - [C:\Program Files\UnThreat AntiVirus\utsvc.exe]

1001 - Credential Manager - [C:\Windows\system32\lsass.exe]

1001 - Windows Biometric Service - [C:\Windows\system32\svchost.exe -k WbioSvcGroup]

1001 - Windows Management Instrumentation - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - WLAN AutoConfig - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Live ID Sign-in Assistant - ["C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"]

1001 - Security Center - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Windows Search - [C:\Windows\system32\SearchIndexer.exe /Embedding]

1001 - Windows Update - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Windows Driver Foundation - User-mode Driver Framework - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Intel® PROSet/Wireless Zero Configuration Service - ["C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"]

 

----------------------------------

11 - Windows Experience Index

----------------------------------

 

1101 - System Score : 4.1

1102 - Memory Score : 7.5

1103 - CPU Score : 6.2

1104 - Graphics Score : 4.1

1105 - Gaming Score : 5.7

1106 - Disk Score : 5.9

 

----------------------------------

12 - Event Log

----------------------------------

 

1201 - Time : 11/7/2013 10:00:27 PM

1202 - Source : Chrome

1203 - Description : N/A

 

1201 - Time : 11/6/2013 10:26:58 AM

1202 - Source : Windows Search Service

1203 - Description : The index cannot be initialized. Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 11/6/2013 10:26:58 AM

1202 - Source : Windows Search Service

1203 - Description : The application cannot be initialized. Context: Windows Application Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 11/6/2013 10:26:58 AM

1202 - Source : Windows Search Service

1203 - Description : The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 11/6/2013 10:26:53 AM

1202 - Source : Windows Search Service

1203 - Description : The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

 

1201 - Time : 11/6/2013 10:26:53 AM

1202 - Source : Windows Search Service

1203 - Description : The search service has detected corrupted data files in the index {id=431}. The service will attempt to automatically correct this problem by rebuilding the index. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

 

1201 - Time : 11/6/2013 10:26:53 AM

1202 - Source : Windows Search Service

1203 - Description : The gatherer is unable to read the registry Path. Context: Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 11/6/2013 10:26:37 AM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 11/6/2013 10:26:36 AM

1202 - Source : ISCT Agent

1203 - Description : N/A

 

1201 - Time : 11/6/2013 10:26:36 AM

1202 - Source : ISCT Agent

1203 - Description : N/A

 

1201 - Time : 11/8/2013 10:29:01 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 10:27:52 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 10:19:01 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 10:17:52 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 10:09:01 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 10:07:52 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 9:59:01 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 9:57:52 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 9:49:01 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

1201 - Time : 11/8/2013 9:47:52 AM

1202 - Source : DCOM

1203 - Description : The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

 

----------------------------------

End of file - 40736 Bytes

Posted

DDS Report 2012_11 09

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2

Run by Cindy at 4:06:26 on 2013-11-09

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.2708 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

AV: UnThreat AntiVirus *Enabled/Updated* {F8368DCB-A421-E485-9F63-76DC70EAD126}

AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}

SP: UnThreat AntiSpyware *Enabled/Updated* {43576C2F-821B-EB0B-A5D3-4DAE0B6D9B9B}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe

C:\Windows\agent_x64.exe

C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe

C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe

C:\Program Files (x86)\Common Files\Motive\pcCMService.exe

C:\Program Files\Common Files\Motive\pcCMService.exe

C:\Program Files (x86)\Nuance\PDF Professional 6\PDFProFiltSrv.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files\UnThreat AntiVirus\utsvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\NielsenOnline64.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\PROGRAM FILES\IDT\WDM\STTRAY64.EXE

C:\WINDOWS\SYSTEM32\IGFXPERS.EXE

C:\WINDOWS\SYSTEM32\HKCMD.EXE

C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE

C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

C:\Program Files\SYNAPTICS\SYNTP\SYNTPENH.EXE

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe

C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe

C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.com/

uWindow Title = Internet Explorer, enhanced for Bing and MSN

uSearch Page = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=US&userid=d2eed93a-cbb6-4cf0-8613-c75572a847a7&searchtype=ds&q={searchTerms}&installDate={installDate}

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=US&userid=d2eed93a-cbb6-4cf0-8613-c75572a847a7&searchtype=ds&q={searchTerms}&installDate={installDate}

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - <orphaned>

uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll

uURLSearchHooks: {00000000-6E41-4FD3-8538-502F5495E5FC} - <orphaned>

mURLSearchHooks: {7f7f82f1-7c95-47cd-814f-950b56d58fc3} - <orphaned>

mWinlogon: Userinit = userinit.exe

BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll

BHO: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - <orphaned>

BHO: <No Name>: {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll

BHO: Snap.DoEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AccelerateTab: {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll

BHO: SmartSignin: {595B017C-02FD-54A2-9EEB-995F5E73B85B} - C:\Program Files\SmartSignin\bho32.dll

BHO: {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>

BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASCPlugin_Protection.dll

BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - <orphaned>

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: PriceBlink.Plugin: {f904f51b-52dd-42ec-9dc8-d0856a0d1d67} -

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} -

TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll

uRun: [Google Update] "C:\Users\CindyLeger\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [0DA8D6AE20E46C43084786FFCD608EDD0FA8E160._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

uRun: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart

uRun: [smartRAM] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe" /m

uRun: [googletalk] "C:\Users\Cindy\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart

uRun: [skitch] C:\Program Files (x86)\Evernote\Skitch\Skitch.exe -start-on-hide

uRunOnce: [Application Restart #2] C:\Users\Cindy\AppData\Local\Torch\Application\torch.exe --flag-switches-begin --sync-keystore-encryption --flag-switches-end --restore-last-session -- mailto:tzm9t-3960005188@hous.craigslist.org?subject=-%20%241200%20%2F%202br%20-%201170ft%26sup2%3B%20-%20Venice-3%20bedroom%2F%202%20bathroom%20single%20family%20house%20%28Venice%20Gardens%29&body=%0A%0Ahttp%3A%2F%2Fsarasota.craigslist.org%2Fapa%2F3960005188.html%0A

uRunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --force-compositing-mode --flag-switches-end --restore-last-session -- "http://www.superantispyware.com/whatsnew.html?version=5, 6, 0, 1040&trial=no&activated=no&appid={CC195A74-F186-4125-8490-E5B492407471}"

mRun: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe

mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{5E4BD137-720D-4F2A-B5C0-A729A64F7931} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{5E4BD137-720D-4F2A-B5C0-A729A64F7931}\143737F63696164796F6E6 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{5E4BD137-720D-4F2A-B5C0-A729A64F7931}\2656C6B696E6E2135326E2765756374737 : DHCPNameServer = 192.168.169.1

TCP: Interfaces\{5E4BD137-720D-4F2A-B5C0-A729A64F7931}\7457563747E65647 : DHCPNameServer = 8.8.8.8 8.8.4.4 4.2.2.2 4.2.2.1

TCP: Interfaces\{5E4BD137-720D-4F2A-B5C0-A729A64F7931}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{5E4BD137-720D-4F2A-B5C0-A729A64F7931}\E4544574541425 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{B7384859-FDC1-4570-B1FF-E8A6E1A2C78C} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{C615D081-5A8D-4104-98AD-6AFFB596B439} : NameServer = 208.67.222.222,208.67.220.220

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs=

SSODL: WebCheck - <orphaned>

mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Snap.DoEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -

x64-BHO: SmartSignin: {595B017C-02FD-54A2-9EEB-995F5E73B85B} - C:\Program Files\SmartSignin\bho64.dll

x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll

x64-TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} -

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

x64-Run: [SBRegRebootCleaner] "C:\Program Files\UnThreat AntiVirus\SBRC.exe"

x64-Run: [UnThreat] "C:\Program Files\UnThreat AntiVirus\UnThreat.exe" -silent

x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: Send To Neat - reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f

x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn

.

============= SERVICES / DRIVERS ===============

.

R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-9-18 652344]

R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-9-18 28216]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-12-1 45856]

R1 nnfwdk;Nielsen WFP Driver;C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\nnfwdk64.sys [2013-10-22 26664]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe [2013-8-23 1050496]

R2 Agent;Agent;C:\Windows\agent_x64.exe [2012-6-23 102912]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]

R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe [2013-8-23 625536]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]

R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-8-10 197536]

R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-12-26 13592]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-26 2375168]

R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-8-23 335168]

R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2011-9-6 93696]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944]

R2 NielsenUpdate;Nielsen Update;C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2012-9-22 2837032]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 139616]

R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-3-24 361472]

R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-3-24 441344]

R2 PDFProFiltSrv;PDFProFiltSrv;C:\Program Files (x86)\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-2 134944]

R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2013-4-13 82872]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-26 2656280]

R2 UTSvcManager3;UnThreat Service Manager;C:\Program Files\UnThreat AntiVirus\utsvc.exe [2013-4-13 2852016]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-2-26 2669840]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\amppal.sys [2012-1-9 195584]

R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2012-10-18 1111856]

R3 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760]

R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-8-23 23048]

R3 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]

R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-9-18 169752]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]

R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-18 46568]

R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-8-5 25496]

R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-1-3 79240]

R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-1-3 15752]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]

R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-8-23 34336]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-26 338536]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-18 872152]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]

R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-8-23 23016]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SecureUpdateSvc;SecureUpdate;C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-8-23 2298704]

S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1; [x]

S2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0; [x]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\amppal.sys [2012-1-9 195584]

S3 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-7-5 807800]

S3 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-4-8 32808]

S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]

S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]

S3 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]

S3 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-8-5 34200]

S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]

S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-1-25 22016]

S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]

S3 MotDev;Motorola Inc. USB Device;C:\Windows\System32\drivers\motodrv.sys [2009-5-8 53632]

S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2012-1-25 27136]

S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-2-26 273168]

S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2012-5-4 15360]

S3 qrkis;Tether Miniport;C:\Windows\System32\drivers\qrkis.sys [2012-3-20 50856]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-28 19456]

S3 sbhips;sbhips;C:\Windows\System32\drivers\sbhips.sys [2013-4-13 61216]

S3 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 Tether;Tether;C:\Program Files (x86)\Tether\TBService.exe [2012-5-19 52664]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-28 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-28 30208]

S3 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-30 1598128]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-17 1255736]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]

S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]

S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S4 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-3-16 389120]

S4 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-4-22 25824]

S4 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2012-2-1 214896]

S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-11-09 02:37:33 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B677A960-7B60-43F4-A096-068C2069D2CC}\mpengine.dll

2013-11-08 02:37:52 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-11-06 08:19:02 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E5E0EFCE-9A6E-4549-9F59-AD22674D90B4}\gapaengine.dll

2013-11-03 14:37:45 -------- d-----w- C:\Users\Cindy\AppData\Local\Skitch

2013-11-01 19:33:55 796072 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-11-01 19:33:54 873384 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-11-01 00:57:08 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-01 00:52:32 -------- d-----w- C:\ProgramData\Oracle

2013-10-19 04:36:20 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F43DD5DD-052F-43F0-97EE-9EC59F2087FC}\gapaengine.dll

.

==================== Find3M ====================

.

2013-10-08 23:22:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-08 23:22:42 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-10-08 23:22:13 17813896 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll

2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-09-18 08:34:00 524800 ----a-w- C:\Windows\System32\iglhsip64.dll

2013-09-18 08:34:00 279024 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe

2013-09-18 08:34:00 272928 ----a-w- C:\Windows\SysWow64\igvpkrng600.bin

2013-09-18 08:34:00 272928 ----a-w- C:\Windows\System32\igvpkrng600.bin

2013-09-18 08:34:00 116224 ----a-w- C:\Windows\System32\igfxCoIn_v3223.dll

2013-09-18 08:32:33 872152 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2013-09-18 08:32:33 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll

2013-09-18 08:32:33 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll

2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll

2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll

2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll

2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll

2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll

2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll

2013-08-15 21:31:14 268968 ----a-w- C:\Windows\SysWow64\sqlite3.dll

2012-11-28 08:16:21 4096000 ----a-w- C:\Program Files (x86)\GUT9853.tmp

.

============= FINISH: 4:07:16.52 ===============

Posted

attach

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/14/2012 10:52:55 PM

System Uptime: 11/5/2013 9:25:52 PM (79 hours ago)

.

Motherboard: Hewlett-Packard | | 1793

Processor: Intel® Core i5-2450M CPU @ 2.50GHz | CPU1 | 2501/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 679 GiB total, 459.213 GiB free.

D: is FIXED (NTFS) - 16 GiB total, 1.718 GiB free.

E: is FIXED (FAT32) - 4 GiB total, 1.092 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Tether Ethernet Adapter

Device ID: ROOT\ROOT&QRKIS\0000

Manufacturer: Tether

Name: Tether Ethernet Adapter

PNP Device ID: ROOT\ROOT&QRKIS\0000

Service: qrkis

.

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}

Description: USB Mass Storage Device

Device ID: USB\VID_03F0&PID_2A07\7233BB73B2036D

Manufacturer: Compatible USB storage device

Name: USB Mass Storage Device

PNP Device ID: USB\VID_03F0&PID_2A07\7233BB73B2036D

Service: USBSTOR

.

==== System Restore Points ===================

.

RP240: 6/5/2013 1:22:53 PM - Removed AVG 2013

RP241: 6/7/2013 11:11:11 PM - Windows Update

RP242: 6/11/2013 11:10:45 PM - Windows Update

RP243: 6/12/2013 3:00:17 AM - Windows Update

RP244: 6/15/2013 11:23:09 AM - Windows Update

RP245: 6/19/2013 2:31:50 PM - Windows Update

RP246: 6/21/2013 5:06:14 AM - IObit Uninstaller restore point

RP247: 6/21/2013 6:35:58 PM - IObit Uninstaller restore point

RP248: 6/21/2013 6:37:28 PM - IObit Uninstaller restore point

RP249: 6/21/2013 6:38:36 PM - Removed AVG 2013

RP250: 6/21/2013 6:43:58 PM - Removed AVG 2013

RP251: 6/23/2013 3:36:34 AM - Windows Update

RP252: 6/24/2013 3:23:54 AM - Windows Update

RP253: 6/25/2013 7:56:37 PM - Installed Java 7 Update 25

RP254: 6/28/2013 1:10:06 AM - Windows Update

RP255: 7/1/2013 7:33:25 AM - Windows Update

RP256: 7/4/2013 10:52:55 PM - Windows Update

RP257: 7/8/2013 7:50:47 PM - Windows Update

RP258: 7/9/2013 10:29:46 PM - Windows Modules Installer

RP259: 7/11/2013 3:00:10 AM - Windows Update

RP260: 7/14/2013 5:12:27 AM - Windows Update

RP261: 7/17/2013 5:40:13 AM - Windows Update

RP262: 7/20/2013 10:25:12 PM - Windows Update

RP263: 7/24/2013 5:51:21 PM - Windows Update

RP264: 7/28/2013 11:53:51 AM - Windows Update

RP265: 8/1/2013 11:54:05 AM - Windows Update

RP266: 8/5/2013 2:21:44 AM - Windows Update

RP267: 8/9/2013 2:20:36 AM - Windows Update

RP268: 8/12/2013 6:38:04 PM - Windows Update

RP269: 8/14/2013 3:01:03 AM - Windows Update

RP270: 8/15/2013 3:00:33 AM - Windows Update

RP271: 8/16/2013 2:15:21 PM - Windows Update

RP272: 8/19/2013 2:30:12 PM - Windows Update

RP273: 8/23/2013 2:30:28 PM - Windows Update

RP274: 8/27/2013 1:29:42 AM - Windows Update

RP275: 8/31/2013 1:28:55 AM - Windows Update

RP276: 9/1/2013 11:30:56 PM - Windows Update

RP277: 9/5/2013 3:38:38 AM - Windows Update

RP278: 9/8/2013 8:35:48 PM - IObit Uninstaller restore point

RP279: 9/9/2013 9:39:32 PM - Windows Update

RP280: 9/12/2013 3:00:29 AM - Windows Update

RP281: 9/13/2013 3:00:44 AM - Windows Update

RP282: 9/16/2013 2:24:25 PM - Windows Update

RP283: 9/18/2013 4:31:29 AM - Driver Booster : Intel® HD Graphics Family

RP284: 9/20/2013 10:48:25 AM - Windows Update

RP285: 9/24/2013 4:59:21 AM - Windows Update

RP286: 9/28/2013 3:50:43 PM - Windows Update

RP287: 10/7/2013 4:49:26 PM - Windows Update

RP288: 10/9/2013 3:01:04 AM - Windows Update

RP289: 10/12/2013 4:37:39 AM - Windows Update

RP290: 10/16/2013 3:00:19 AM - Windows Update

RP291: 10/20/2013 12:36:05 AM - Windows Update

RP292: 10/23/2013 6:09:12 PM - Windows Update

RP293: 10/27/2013 6:08:33 PM - Windows Update

RP294: 10/27/2013 7:10:41 PM - Removed Microsoft Silverlight

RP295: 10/27/2013 8:31:37 PM - Removed Microsoft Silverlight

RP296: 10/29/2013 3:00:27 AM - Windows Update

RP297: 10/31/2013 8:48:33 PM - Installed Java 7 Update 45

RP299: 10/31/2013 8:49:52 PM - Microsoft Antimalware Checkpoint

RP300: 10/31/2013 8:53:58 PM - Removed Java 7 Update 45

RP301: 10/31/2013 8:55:20 PM - Installed Java 7 Update 45

RP302: 11/1/2013 3:32:12 PM - Installed Java 7 Update 21

RP303: 11/2/2013 12:14:09 PM - Windows Update

RP304: 11/5/2013 9:37:51 PM - Windows Update

.

==== Installed Programs ======================

.

AccelerateTab

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.8) MUI

Adobe Shockwave Player 12.0

Advanced SystemCare Ultimate 6

aioscnnr

Anti-phishing Domain Advisor

AuthenTec TrueAPI

AuthenTec WinBio FingerPrint Software

Bejeweled 3

Blio

Bounce Symphony

center

Chuzzle Deluxe

Codec-V

Complitly

CyberLink YouCam

D3DX10

Dictionary.com CleverKeys

DivX Setup

Driver Booster

Easy Solve

eReg

essentials

ESU for Microsoft Windows 7 SP1

Evernote v. 4.2.3

Facebook Video Calling 1.2.0.287

FATE

Gamers Unite! Snag Bar

Google Chrome

Google Drive

Google Earth Plug-in

Google Talk (remove only)

Google Talk Plugin

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.1.1

HP 3D DriveGuard

HP Application Assistant

HP Auto

HP Client Services

HP CoolSense

HP Customer Experience Enhancements

HP Documentation

HP Games

HP Launch Box

HP MovieStore

HP On Screen Display

HP Power Manager

HP Product Detection

HP Quick Launch

HP QuickWeb

HP Recovery Manager

HP Security Assistant

HP Setup

HP Setup Manager

HP SimplePass 2012

HP Software Framework

HP Support Assistant

IDT Audio

iLivid

Intel PROSet Wireless

Intel® Identity Protection Technology 1.2.22.0

Intel® Management Engine Components

Intel® Processor Graphics

Intel® PROSet/Wireless for Bluetooth® + High Speed

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® Rapid Storage Technology

Intel® Smart Connect Technology 1.0

Intel® WiDi

Intel® Wireless Display

Intel® PROSet/Wireless WiFi Software

IObit Apps Toolbar v7.3

IObit Malware Fighter

IObit Toolbar v7.3

Java 7 Update 21

Java 7 Update 45

Java Auto Updater

Jewel Quest: The Sleepless Star - Collector's Edition

Junk Mail filter update

JustCloud

Kodak AIO Printer

KODAK AiO Software

Logitech SetPoint 6.52

Memeo AutoSync

Memeo Instant Backup

Memeo Send

Memeo Share

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Labs Ribbon Hero 2, Clippy's Second Chance

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Compact 3.5 SP2 x64 ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

MotoHelper 2.1.40 Driver 5.5.0

MotoHelper MergeModules

Motorola Mobile Drivers Installation 5.5.0

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyPC Backup

Neat

Neat ADF Scanner 2008 Driver

Neat ADF Scanner Driver

Neat Core Files

Neat Mobile Scanner (Silver) Driver

Neat Mobile Scanner 2008 Driver

Neat Mobile Scanner Driver

NEC Electronics USB 3.0 Host Controller Driver

Nielsen

Nuance PDF Professional 6

ocr

Picasa 3

PlayReady PC Runtime x86

PreReq

PriceBlink

RabbitTV

Razer Game Booster

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Renesas Electronics USB 3.0 Host Controller Driver

Scansoft PDF Professional

Seagate Dashboard

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition

Send To Neat

SiteRanker

Skitch

Skype™ 5.10

Smart Defrag 2

SmartSignin (remove only)

SUPERAntiSpyware

swMSM

Synaptics TouchPad Driver

Tether

Tether 1.4.5.0

Torch

TuneUp Utilities Language Pack (en-US)

Uncompressor

Unity Web Player

UnThreat Free AntiVirus 2013

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

VC80CRTRedist - 8.0.50727.6195

VIP Access SDK (1.1.0.4)

Virtual Villagers 5 - New Believers

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinZip 17.0

Xvid MPEG-4 Video Codec

.

==== Event Viewer Messages From Past Week ========

.

11/9/2013 3:59:01 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

11/9/2013 3:57:52 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

11/8/2013 10:15:38 PM, Error: Service Control Manager [7034] - The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

11/5/2013 9:29:05 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/5/2013 9:28:27 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/5/2013 9:28:09 PM, Error: Service Control Manager [7034] - The SecureUpdate service terminated unexpectedly. It has done this 1 time(s).

11/5/2013 9:26:59 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

11/5/2013 9:26:59 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.

11/5/2013 9:26:36 PM, Error: Service Control Manager [7000] - The vToolbarUpdater15.0.0 service failed to start due to the following error: The system cannot find the path specified.

11/5/2013 9:26:36 PM, Error: Service Control Manager [7000] - The vToolbarUpdater14.0.1 service failed to start due to the following error: The system cannot find the path specified.

11/5/2013 9:26:02 PM, Error: volmgr [46] - Crash dump initialization failed!

11/5/2013 11:12:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.161.1389.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10003.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

11/2/2013 12:02:33 PM, Error: Service Control Manager [7034] - The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

Posted

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

The log shows that you have three AV's on your computer: Microsoft Security Essentials, Advanced SystemCare Ultimate and UnThreat AntiVirus. Only one AV should be active on your computer. Two will have to be de-activated/removed. This is probably what's causing some of your problems.

 

Please download AdwCleaner by Xplode onto your Desktop.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

*********************************************

 

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

*************************************************

Please download Junkware Removal Tool to your desktop.

 

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

 

Shut down your protection software now to avoid potential conflicts.

 

  • Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Copy and Paste the JRT.txt log into your next message.

*****************************************

Download Security Check by screen317 from one of the following links and save it to your desktop.

 

Link 1

Link 2

 

* Double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

 

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Posted

IObit Malware Fighter 11/9/2013 12:03:49 AM

 

IObit Malware Fighter

 

OS: Windows 7

Version: 2.1.0.18

Define Version: 1285

Time Elapsed: 00:12:57

Objects Scanned: 58689

Threats Found: 1

Save Time: 11/9/2013 12:03:49 AM

 

|Name|Type|Description|ID|

Misleading.FakeAV, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki, 2014360

Posted

Removing

 

*********************************************

*************************************************

I can not install Malwarebytes b/c cannot change language.

*************************************************

 


 

 

I have already done most of the stuff and posted the results for you.

I have Un-Installed Microsoft & UnThreat.

Will post checkup file soon

Posted

AdwCleaner[s0]2013-11-09

 

I can not get in mbam-setup.exe to install in ENGLISH. It only wants to install in B----(see 1st original report)

 

# AdwCleaner v3.011 - Report created 10/11/2013 at 06:00:05

# Updated 03/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Cindy - CINDY-HPI5

# Running from : C:\Users\Cindy\Desktop\New folder\adwcleaner.exe

# Option : Clean

 


Line Deleted : user_pref("extensions.crossriderapp435.435.iframe", false);

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2205E134AE87A545B39D4ADA168B877A76%22%2C%22installer_verifier%22%3A%225296ab51f8c525510b31[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_appVer.value", "70");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_lastVersion.value", "0");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_meta.value", "%7B%7D");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_nextCheck.expiration", "Tue Sep 17 2013 18:19:37 GMT-0400 (Eastern Standard Time)");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_nextCheck.value", "true");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");

Line Deleted : user_pref("extensions.crossriderapp435.435.internaldb.Resources_queue.value", "%7B%7D");

Line Deleted : user_pref("extensions.crossriderapp435.435.js", "\n\n$jquery(document).ready(function() {\n \n $jquery('#cblocker').remove();\n if(window.self==window.top && 'mystart.incredibar.com,search.baby[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.manifesturl", "");

Line Deleted : user_pref("extensions.crossriderapp435.435.name", "Codec-V");

Line Deleted : user_pref("extensions.crossriderapp435.435.newtab", "");

Line Deleted : user_pref("extensions.crossriderapp435.435.opensearch", "");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.code", "if(!appAPI.matchPages(\"search.babylon.com\",\"search.sweetim.com\",\"mystart.incredimail.com\",\"mystart.incredibar.com\",\"search[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.name", "app_435_specific");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.ver", 4);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.getSel[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.name", "CrossriderAppUtils");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}appAPI.JSON={};(function(){function f(n){return n<10?\"0\"+n:n}if(typeof Date.prototyp[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.name", "CrossriderUtils");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&typeof [...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.name", "FFAppAPIWrapper");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.ver", 4);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John Re[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.name", "jQuery");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a)}}());var CrossRiderResourcesManager=(function(){var A={appId:(func[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.name", "resources_background");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_49.code", "if (!appAPI.monetize || appAPI.monetize.isNeedToRun(\"monitzation_100\")) {\n \n(function($,e,b){var c=\"hashchange\",h=document,f,[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_49.name", "similar_web");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_49.ver", 3);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_50.code", "function create_id(string_size) {\n var text = \"\";\n var possible = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_50.name", "similar_web_bg");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_50.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_60.code", "var MonitizationPluginsBase=function(){var a=appAPI.internal&&appAPI.internal.db?appAPI.internal.db:appAPI.db;this.turnOff=function[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_60.name", "base_monetization");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_60.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return(!!j[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_64.name", "appApiMessage");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_64.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(r,q,s){var p=\"[\"+n[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_72.name", "appApiValidation");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_72.ver", 1);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(function[...]

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_78.name", "CrossriderInfo");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_78.ver", 2);

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_0", "14,78,16,64,47,72,50");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_1", "17,14,78,13,16,64,72,60,49,10");

Line Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_5", "14,78,13,16,64,47,72");

Line Deleted : user_pref("extensions.crossriderapp435.435.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/435/plugins/087/ff/plugins.json");

Line Deleted : user_pref("extensions.crossriderapp435.435.pluginsversion", 19);

Line Deleted : user_pref("extensions.crossriderapp435.435.premium", true);

Line Deleted : user_pref("extensions.crossriderapp435.435.publisher", "Premiumplay");

Line Deleted : user_pref("extensions.crossriderapp435.435.searchstatus", 0);

Line Deleted : user_pref("extensions.crossriderapp435.435.setnewtab", false);

Line Deleted : user_pref("extensions.crossriderapp435.435.settingsurl", "");

Line Deleted : user_pref("extensions.crossriderapp435.435.thankyou", "");

Line Deleted : user_pref("extensions.crossriderapp435.435.updateinterval", 360);

Line Deleted : user_pref("extensions.crossriderapp435.435.ver", 70);

Line Deleted : user_pref("extensions.crossriderapp435.adsOldValue", -1);

Line Deleted : user_pref("extensions.crossriderapp435.apps", "435");

Line Deleted : user_pref("extensions.crossriderapp435.bic", "138a6a5d4793ee24f6e7cfab5d7dfc52");

Line Deleted : user_pref("extensions.crossriderapp435.cid", 435);

Line Deleted : user_pref("extensions.crossriderapp435.firstrun", false);

Line Deleted : user_pref("extensions.crossriderapp435.hadappinstalled", true);

Line Deleted : user_pref("extensions.crossriderapp435.installationdate", 1342825682);

Line Deleted : user_pref("extensions.crossriderapp435.lastcheck", 22991405);

Line Deleted : user_pref("extensions.crossriderapp435.lastcheckitem", 22991405);

Line Deleted : user_pref("extensions.crossriderapp435.misc.lastBgWorkerTimer", "1342827364737");

Line Deleted : user_pref("extensions.crossriderapp435.misc.lastDomWorkerTimer", "1342827364731");

Line Deleted : user_pref("extensions.crossriderapp435.modetype", "production");

Line Deleted : user_pref("extensions.crossriderapp435.updating", true);

Line Deleted : user_pref("extensions.crossriderapp435@crossrider.com.install-event-fired", true);

Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);

Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);

Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

Line Deleted : user_pref("extensions.helperbar.Visibility", false);

Line Deleted : user_pref("extensions.inboxcomtoolbar@inbox.com.install-event-fired", true);

Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

Line Deleted : user_pref("extentions.y2layers.installId", "ba5212f9-6929-4bfe-81a2-cf8b2ee1c582");

Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3268935&SearchSource=13&CUI=UN31006814066214179,hxxp://search.conduit.com/?ctid=CT3281675&octid=CT3281675&SearchSource=61&C[...]

Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3268935&SearchSource=2&CUI=UN31006814066214179&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3[...]

Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=US&userid=d2eed93a-cbb6-4cf0-8613-c75572a847a7&searchtype=hp");

Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=US&userid=d2eed93a-cbb6-4cf0-8613-c75572a847a7&searchtype=ds&installDate={installDate}&q=");

Line Deleted : user_pref("smartbar.originalSearchEngine", "Web Search");

 

-\\ Google Chrome v30.0.1599.101

 

[ File : C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [47995 octets] - [10/11/2013 05:43:19]

AdwCleaner[s0].txt - [46697 octets] - [10/11/2013 06:00:05]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [46758 octets] ##########

Posted

MBAM Log 2013-11-11

 

Please run MBAM again and post the log. I need to see it.

 

 

You will have to figure out what it says. I installed it the ONLY way I could in the B-- language bc I could not choose any other. My computer keeps taking it back to the top no matter what I do. It won't even allow me to use the arrow keys, as sometimes will work but not with this one.

 

 

Malwarebytes Anti-Malware (Probna verzija) 1.75.0.1300

http://www.malwarebytes.org

 

Verzija baze podataka: v2013.11.11.01

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

Cindy :: CINDY-HPI5 [administrator]

 

Zaštita: Omogućena

 

11/11/2013 1:33:36 AM

MBAM-log-2013-11-11 (07-24-13).txt

 

Vrsta skeniranja: Kompletno skeniranje (C:\|D:\|E:\|)

Omogućene opcije skeniranja: Memorija | Startup | Registracijska baza | Sistem podataka | Heuristika/Dodatno | Heuristika/Shuriken | PUP | PUM

Onemogućene opcije skeniranja: P2P

Skenirani objekti: 431193

Proteklo vrijeme: 1 sat(i), 23 minuta, 5 sekundi

 

Detektovani memorijski procesi: 0

(Nisu pronađene zlonamjerne stavke)

 

Detektovani memorijski moduli: 0

(Nisu pronađene zlonamjerne stavke)

 

Detektovani registracijski ključevi: 0

(Nisu pronađene zlonamjerne stavke)

 

Detektovane registracijske vrijednosti: 2

HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow|playbryte.com (PUP.PlayBryte) -> Podaci: -> Nije poduzeta niti jedna akcija.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|playbrytetoolbar_Playbryte (PUP.PlayBryte) -> Podaci: -> Nije poduzeta niti jedna akcija.

 

Detektovani registracijski podaci: 0

(Nisu pronađene zlonamjerne stavke)

 

Detektovani folderi: 0

(Nisu pronađene zlonamjerne stavke)

 

Zaražene datoteke: 9

C:\AdwCleaner\Quarantine\C\Program Files (x86)\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Nije poduzeta niti jedna akcija.

C:\AdwCleaner\Quarantine\C\Users\Cindy\AppData\Roaming\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Nije poduzeta niti jedna akcija.

C:\Users\Cindy\Downloads\DL Applications\iLividSetup-r1135-n-bc.exe (PUP.Optional.Bandoo) -> Nije poduzeta niti jedna akcija.

C:\Users\Cindy\Downloads\DL Applications\iLividSetup.exe (PUP.Optional.Bandoo) -> Nije poduzeta niti jedna akcija.

C:\Users\Cindy\Downloads\DL Applications\MusicSetup.exe (PUP.Optional.Inbox) -> Nije poduzeta niti jedna akcija.

C:\Windows\Installer\3929c.msi (PUP.Optional.SmartBar.A) -> Nije poduzeta niti jedna akcija.

C:\Windows\Installer\393c3.msi (PUP.Optional.SmartBar.A) -> Nije poduzeta niti jedna akcija.

C:\Windows\Installer\a7be6fb.msi (PUP.Optional.Spigot.A) -> Nije poduzeta niti jedna akcija.

C:\Windows\Installer\fa1c359.msi (PUP.Optional.Spigot.A) -> Nije poduzeta niti jedna akcija.

 

(kraj)

Posted

JRT Report

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 7 Home Premium x64

Ran by Cindy on Sun 11/10/2013 at 16:40:21.50

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181102}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPIP_X-SD_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPIP_X-SD_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskschedule_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskschedule_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ToolbarConduit_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ToolbarConduit_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (1)_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (1)_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (2)_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (2)_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181102}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPIP_X-SD_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPIP_X-SD_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\taskschedule_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\taskschedule_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ToolbarConduit_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ToolbarConduit_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (1)_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (1)_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (2)_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (2)_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F904F51B-52DD-42EC-9DC8-D0856A0D1D67}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f904f51b-52dd-42ec-9dc8-d0856a0d1d67}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{f904f51b-52dd-42ec-9dc8-d0856a0d1d67}

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Users\Cindy\appdata\local\codec-v"

Successfully deleted: [Folder] "C:\Users\Cindy\appdata\locallow\datamngr"

Successfully deleted: [Folder] "C:\Program Files (x86)\codec-v"

Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"

Successfully deleted: [Folder] "C:\Program Files (x86)\secure speed dial"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 11/10/2013 at 17:30:48.26

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Posted

Jrt 11-11

 

Delete Reply#14

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 7 Home Premium x64

Ran by Cindy on Mon 11/11/2013 at 14:39:44.14

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 11/11/2013 at 14:54:35.90

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Posted

Okay, I have done all that you asked. Sorry for Malwarebytes being in a foreign language... it occurred to me that you look at these things all the time, so language probably doesn't matter as you know what it says anyway.

Once all the scans were run I found a place inside Malwarebytes that allowed me to change over to English, so now I can tell what is what; just the buttons are still in another language, so no biggie.

I hope I did everything you asked correctly.

Please let me know what I should do next, and thank you so much for all your help in advance.

Posted
I could in the B-- language bc I could not choose any other.

Is this the language of your computer? MBAM always chooses the language setting of the computer.

You will have to run MBAM, make sure all infections are checked and click on "Remove Selected."

 

I'd like to scan your machine with ESET OnlineScan

 

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.

ESET OnlineScan

• Click the http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png button.

• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstallDesktopIcon-1.png icon on your desktop.

• Check http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png

• Click the http://i424.photobucket.com/albums/pp322/digistar/esetStart.png button.

• Accept any security warnings from your browser.

  • Leave the check mark next to Remove found threats.

• Check http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png

• Push the Start button.

• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

• When the scan completes, push http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png

• Push http://i424.photobucket.com/albums/pp322/digistar/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

• Push the http://i424.photobucket.com/albums/pp322/digistar/esetBack.png button.

• Push http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Posted

C:\AdwCleaner\Quarantine\C\Users\CindyLeger\AppData\Roaming\Mozilla\Firefox\Profiles\my18q5o1.default\Extensions\plugin@yontoo.com.xpi.vir Win32/Adware.Yontoo application

Posted

Foreign Language

 

No my machine and I are both English and English is our only language.:wink:

 

 

Is this the language of your computer? MBAM always chooses the language setting of the computer.

You will have to run MBAM, make sure all infections are checked and click on "Remove Selected."

Posted

Next Step?

 

What would you like me to do now?

 

Can I uninstall Chrome and re-install it?

 

Isn't ASCU all I need to have active on my machine, and use SUPERAnti-Spyware and Malwarebytes as monthly maintenance scans?

Posted

mbam-log-2013-11-13 (23-40-23)

 

1. Did you re-run MBAM again to run those infections? 2. How's your computer running now?

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

http://www.malwarebytes.org

 

Database version: v2013.11.13.13

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

Cindy :: CINDY-HPI5 [administrator]

 

Protection: Enabled

 

11/13/2013 11:40:23 PM

mbam-log-2013-11-13 (23-40-23).txt

 

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 433463

Time elapsed: 1 hour(s), 16 minute(s),

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

 

2. Still having some problems with mouse (Have replaced mouse with new one) works sometimes but not all the time.

 

Tells me HP needs to install patch and Windows Explorer needs to re-install - files are corrupt.

 

I will start using it and let you know what if any issues are still around. Haven't been using machine so as not to ***** anything up that we did and you said not to run or install anything other than what you said.

Posted
Can I uninstall Chrome and re-install it?

 

Isn't ASCU all I need to have active on my machine, and use SUPERAnti-Spyware and Malwarebytes as monthly maintenance scans?

Yes, you can uninstall and re-install Chrome. You can keep ASCU but you should have a good AV also. You can run MBAM as often as you wish but SAS is not a very good scanner. It will only remove tracking cookies.

Still having some problems with mouse (Have replaced mouse with new one) works sometimes but not all the time.

Is this a USB mouse or is it wireless?

Tells me HP needs to install patch and Windows Explorer needs to re-install - files are corrupt.

This doesn't sound good. Don't install them. Please do this:

 

Please download and run MS Fix-it from here.

Archived

This topic is now archived and is closed to further replies.
