historybuff77

Honorary Members
  • Posts

    75

Everything posted by historybuff77

  1. Hi Gringo, I clicked on ‘safety’ and went to ‘delete browsing history.’ There were no boxes to check. ‘Internet Options’ is in grayscale and I can’t click on it. Any suggestions about what to do next or what I might be doing wrong? Thank you!
  2. Hi Gringo, The Fixit button won't work with Windows 8. Can I do it manually? Thanks!
  3. Hi Gringo, Here are the reports. Everything is working fine except Internet Explorer. My Internet connection works, just not with that browser.
  4. I should add that it has a button to open up the support website but it uses Internet Explorer as the default browser and that program hasn't worked on my computer for months.
  5. Hi Gringo, My computer froze while browsing. I had to do a hard shutdown. When I restarted it and started browsing again this message popped up in Norton (again - this happened a couple days ago. It hadn't happened before then). It checked for a fix and couldn't find one: Norton 360 20.3.1.22 Error: 8506, 421 Windows 8 9200.16551.amd64fre.win8_gdr.130306-1502 Norton Autofix Results: 0 item(s)
  6. Hi Gringo, Here's the report. Things seem okay so far: ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\User\Desktop\cmd.bat deleted successfully. C:\Users\User\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Public User: User Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Public User: User ->Flash cache emptied: 506 bytes Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05312013_181941
  7. Hi Gringo, I'm not sure, but the error showed up on Norton in a pop-up window. I'm assuming Norton? Here's my OTL scan:
O2 - BHO: (Speed Test Analysis) - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files (x86)\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation) O3:64bit: - HKU\S-1-5-21-3731889160-3860413392-410561627-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [btTray] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.) 
O4 - HKLM..\Run: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0327BF37-553C-4D09-8230-9F5D50667E24}: DhcpNameServer = 64.71.255.204 64.71.255.198 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53677ED1-0FBD-40FF-9C76-3CAB33DE80AE}: DhcpNameServer = 192.168.0.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013-05-30 09:00:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2013-05-29 22:44:19 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\RK_Quarantine [2013-05-29 22:20:01 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Clean UP [2013-05-29 22:17:30 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe [2013-05-28 22:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Google Chrome [2013-05-26 21:26:52 | 000,000,000 | ---D | C] -- C:\FRST [2013-05-26 16:31:02 | 005,071,432 | ---- | C] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe [2013-05-26 11:42:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013-05-26 11:41:43 | 000,000,000 | ---D | C] -- C:\JRT [2013-05-26 11:32:01 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\User\Desktop\JRT.exe [2013-05-17 08:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013-05-17 08:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013-05-17 08:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013-05-17 08:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013-05-17 08:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013-05-17 08:09:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi ========== Files - Modified Within 30 Days ========== [2013-05-30 21:53:12 | 000,000,821 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini [2013-05-30 21:49:59 | 000,004,524 | ---- | M] () -- C:\Windows\SysWow64\LOCALSERVICE.INI [2013-05-30 21:49:57 | 000,000,043 | ---- | M] () -- C:\Windows\SysWow64\LOCALDEVICE.INI [2013-05-30 21:49:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-05-30 14:23:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-05-30 09:00:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2013-05-29 23:10:44 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-05-29 23:09:53 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013-05-29 23:09:50 | 2122,530,815 | -HS- | M] () -- C:\hiberfil.sys [2013-05-29 22:19:21 | 000,791,040 | ---- | M] () -- C:\Users\User\Desktop\RogueKillerX64.exe [2013-05-29 22:17:46 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe [2013-05-29 11:14:47 | 000,002,279 | ---- | M] () -- 
C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-05-28 22:22:59 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013-05-26 16:31:10 | 005,071,432 | ---- | M] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe [2013-05-26 11:37:20 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForUser.job [2013-05-26 11:32:02 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\User\Desktop\JRT.exe [2013-05-26 11:31:30 | 000,632,031 | ---- | M] () -- C:\Users\User\Desktop\AdwCleaner (1).exe [2013-05-20 20:45:14 | 001,994,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-05-20 20:45:14 | 000,877,348 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2013-05-20 20:45:14 | 000,788,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-05-20 20:45:14 | 000,191,806 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2013-05-20 20:45:14 | 000,162,458 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-05-17 08:12:11 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk ========== Files Created - No Company Name ========== [2013-05-29 22:19:19 | 000,791,040 | ---- | C] () -- C:\Users\User\Desktop\RogueKillerX64.exe [2013-05-28 22:22:59 | 000,002,279 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-05-28 22:22:58 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013-05-26 11:31:28 | 000,632,031 | ---- | C] () -- C:\Users\User\Desktop\AdwCleaner (1).exe [2013-05-17 08:12:11 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013-03-13 22:32:31 | 000,000,017 | ---- | C] () -- C:\Users\User\AppData\Local\resmon.resmoncfg [2013-03-02 17:31:11 | 000,000,054 | ---- | C] () -- C:\Windows\Composer.INI [2013-01-03 21:37:38 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2012-11-21 00:34:40 | 000,004,524 | ---- | C] () -- 
C:\Windows\SysWow64\LOCALSERVICE.INI [2012-11-21 00:34:40 | 000,000,043 | ---- | C] () -- C:\Windows\SysWow64\LOCALDEVICE.INI [2012-08-25 14:51:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-08-10 21:45:30 | 000,000,821 | ---- | C] () -- C:\Windows\SysWow64\bscs.ini [2012-08-09 02:10:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-08-09 02:10:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-08-03 18:40:09 | 000,916,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-07-27 18:50:34 | 000,333,312 | ---- | C] () -- C:\Windows\SysWow64\BsExtendFunc.dll [2012-07-26 04:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012-07-26 04:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012-07-26 03:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012-07-25 21:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012-07-25 16:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012-07-25 16:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012-07-25 16:22:54 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2012-07-25 16:22:54 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2012-07-25 16:22:54 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2012-07-10 22:04:10 | 000,062,976 | ---- | C] () -- C:\Windows\SysWow64\BsProfileFunc.dll [2012-07-10 21:59:40 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\BsTrace.dll [2012-07-10 21:26:44 | 000,090,208 | ---- | C] () -- C:\Windows\SysWow64\BSSkypeAgent.dll [2012-07-10 21:26:44 | 000,086,108 | ---- | C] () -- C:\Windows\SysWow64\BSVoIPComm.dll [2012-07-10 21:26:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\BsVistaCommon.dll [2012-07-10 21:26:44 | 000,049,664 | ---- | C] () -- C:\Windows\SysWow64\BSWMPPlugin.dll [2012-07-10 21:26:44 | 000,011,264 | ---- | C] () -- 
C:\Windows\SysWow64\SCChangeMonitor.dll [2012-06-13 12:45:02 | 000,008,704 | ---- | C] () -- C:\Windows\SysWow64\SROF.dll [2012-06-05 01:31:00 | 000,000,417 | ---- | C] () -- C:\Windows\SysWow64\RaoBLE.ini [2012-06-02 10:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012-05-10 20:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011-09-13 10:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2012-08-25 15:09:55 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-03-01 22:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-03-02 04:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-25 23:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-25 23:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-25 23:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
  8. Hi Gringo, I'll run OTL asap. My anti-virus picked up something, but could not find an auto fix for the error. It asks me to connect to the web to get support, but it opens an Internet Explorer window which doesn't work. I'm using Norton 360. It found Error: 8506, 421.
  9. Hi Gringo, I tried running the script you sent, but my Operating System (Windows 8) doesn't allow the program to run in compatibility mode. Is there another option? Thanks so much for your help!
  10. Here's the RK scan:

      RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
      Website : http://tigzy.geekstogo.com/roguekiller.php
      Blog : http://tigzyrk.blogspot.com/

      Operating System : Windows 8 (6.2.9200 ) 64 bits version
      Started in : Normal mode
      User : User [Admin rights]
      Mode : Remove -- Date : 05/29/2013 22:50:16
      | ARK || FAK || MBR |

      ¤¤¤ Bad processes : 0 ¤¤¤

      ¤¤¤ Registry Entries : 2 ¤¤¤
      [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
      [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

      ¤¤¤ Particular Files / Folders: ¤¤¤

      ¤¤¤ Driver : [NOT LOADED] ¤¤¤

      ¤¤¤ HOSTS File: ¤¤¤
      --> C:\Windows\system32\drivers\etc\hosts
      127.0.0.1 localhost

      ¤¤¤ MBR Check: ¤¤¤
      +++++ PhysicalDrive0: TOSHIBA MQ01ABD075 SATA Disk Device +++++
      --- User ---
      [MBR] 9c9b2669875350b52edfd94c450c6197
      [bSP] 1f18f6bde0f1cc21fbbaaa1891dbc946 : Empty MBR Code
      Partition table:
      0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 715404 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!

      Finished : << RKreport[2]_D_05292013_02d2250.txt >>
      RKreport[1]_S_05292013_02d2246.txt ; RKreport[2]_D_05292013_02d2250.txt
  11. Hi Gringo, The log was too long to post. I'm attaching it. I'll send the results of the second scan soon. Thanks! TDSSKiller.2.8.16.0_29.05.2013_22.28.49_log.txt
  12. Hi Gringo, I've reinstalled Chrome. It seems to be working fine. My computer has a fan that automatically runs to cool down the system. I've noticed that since having trouble with the dlink redirect virus it's been running more frequently. Even after the reinstall it seems to be running more often than usual. One other weird thing I've noticed is that my Internet Explorer, which has not been working for months despite reinstalling it, shows up as having files/cookies that are deleted when I run CCleaner. I don't think it's related to the dlink redirect, but I have noticed it. Thanks!
  13. One other thing to note. I don't seem to be getting the redirect on Chrome anymore when I search Google on the address bar. I'm using a system with a Dlink wireless router and there are other computers on this system. I only started getting the redirect within hours of logging on to this wireless network (my parents' Internet). Is there a possibility that I could be infected through the network itself or is this more likely from clicking on something while browsing? Thanks!
  14. Whoops, never mind. I figured it out. Here are my logs: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-05-2013 04 Ran by User (administrator) on 26-05-2013 21:26:56 Running from C:\Users\User\Desktop Windows 8 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe (Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Microsoft Corporation) C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Farbar) C:\Users\User\Desktop\FRST64.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.) HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated) HKLM-x32\...\Run: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [363520 2012-08-02] (IVT Corporation) HKLM-x32\...\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.) 
HKLM-x32\...\Run: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui [79776 2012-10-15] () HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM - {ECD5D19E-F577-4A6F-9DF0-BC36C80A769F} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
BHO-x32: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files (x86)\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [21504] (Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ei4gauue.default FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () Chrome: ======= CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Speed Test Analysis) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0_0 CHR Extension: (Norton Identity Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0 CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) 
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\diMaster.dll [554288 2013-03-29] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\diMaster.dll [554288 2013-03-29] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [1390680 2013-04-12] (Symantec Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-09] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-04-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-04-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130524.001\IDSvia64.sys [513184 2013-04-24] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130525.006\ENG64.SYS [126040 2013-05-23] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130525.006\EX64.SYS [2098776 2013-05-23] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-09] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-04-25] (Symantec Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
R1 ccSet_N360; \SystemRoot\system32\drivers\N360x64\1403010.016\ccSetx64.sys [x]
R1 ccSet_NST; \SystemRoot\system32\drivers\NSTx64\7DD03030.013\ccSetx64.sys [x]
R3 SRTSP; \SystemRoot\system32\drivers\N360x64\1403010.016\SRTSP64.SYS [x]
R1 SRTSPX; \SystemRoot\system32\drivers\N360x64\1403010.016\SRTSPX64.SYS [x]
R0 SymDS; system32\drivers\N360x64\1403010.016\SYMDS64.SYS [x]
R0 SymEFA; system32\drivers\N360x64\1403010.016\SYMEFA64.SYS [x]
S0 SymELAM; system32\drivers\N360x64\1403010.016\SymELAM.sys [x]
R1 SymIRON; \SystemRoot\system32\drivers\N360x64\1403010.016\Ironx64.SYS [x]
R1 SymNetS; \SystemRoot\system32\drivers\N360x64\1403010.016\SYMNETS.SYS [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-26 21:26 - 2013-05-26 21:26 - 00000000 ____D C:\FRST
2013-05-26 21:20 - 2013-05-26 21:20 - 01915390 ____A (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-05-26 16:31 - 2013-05-26 16:31 - 05071432 ____A (Swearware) C:\Users\User\Desktop\ComboFix.exe
2013-05-26 11:47 - 2013-05-26 11:47 - 00011150 ____A C:\Users\User\Desktop\JRT.txt
2013-05-26 11:42 - 2013-05-26 11:42 - 00000000 ____D C:\Windows\ERUNT
2013-05-26 11:41 - 2013-05-26 11:41 - 00000000 ____D C:\JRT
2013-05-26 11:35 - 2013-05-26 11:35 - 00001872 ____A C:\AdwCleaner[s4].txt
2013-05-26 11:34 - 2013-05-26 11:34 - 00001788 ____A C:\Users\User\Desktop\AdwCleaner[R6].txt
2013-05-26 11:33 - 2013-05-26 11:33 - 00001788 ____A C:\AdwCleaner[R6].txt
2013-05-26 11:32 - 2013-05-26 11:32 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\User\Desktop\JRT.exe
2013-05-26 11:31 - 2013-05-26 11:31 - 00632031 ____A C:\Users\User\Desktop\AdwCleaner (1).exe
2013-05-25 22:45 - 2013-05-25 22:45 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-25 22:45 - 2013-05-25 22:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-25 22:45 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-25 22:42 - 2013-05-25 22:43 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\User\Desktop\mbam-setup-1.75.0.1300 (1).exe
2013-05-25 22:27 - 2013-05-25 22:27 - 00688992 ____R (Swearware) C:\Users\User\Desktop\dds (1).com
2013-05-25 22:27 - 2013-05-25 22:27 - 00688992 ____A (Swearware) C:\Users\User\Downloads\dds.com
2013-05-25 09:47 - 2013-05-25 09:47 - 00015591 ____A C:\Users\User\Downloads\Rachel Cere 0313354 Essay Proposal.odt
2013-05-19 21:07 - 2013-05-19 21:07 - 00015636 ____A C:\Users\User\Downloads\Editorial Board Meeting.zip
2013-05-17 08:12 - 2013-05-17 08:12 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-17 08:11 - 2013-05-17 08:12 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-17 08:11 - 2013-05-17 08:11 - 00000000 ____D C:\Program Files\iTunes
2013-05-17 08:11 - 2013-05-17 08:11 - 00000000 ____D C:\Program Files\iPod
2013-05-17 08:11 - 2013-05-17 08:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-09 15:30 - 2013-05-09 15:30 - 06128802 ____A C:\Users\User\Downloads\Annual Report.zip
2013-05-05 02:54 - 2013-05-05 02:54 - 00001230 ____A C:\Users\User\Desktop\RKreport[4]_S_05052013_02d0254.txt
2013-05-01 20:47 - 2013-05-01 20:47 - 00010756 ____A C:\Users\User\Downloads\Presenters and CCIH staff.xlsx
2013-05-01 13:44 - 2013-05-01 13:44 - 00001193 ____A C:\Users\User\Desktop\RKreport[3]_S_05012013_02d1344.txt
2013-04-28 22:44 - 2013-04-28 22:44 - 04829104 ____A (F-Secure Corporation) C:\Users\User\Downloads\F-SecureOnlineScanner(1).exe
2013-04-28 22:40 - 2013-04-28 22:40 - 00659968 ____A C:\Users\User\Downloads\MicrosoftFixit50195.msi

==================== One Month Modified Files and Folders =======

2013-05-26 21:26 - 2013-05-26 21:26 - 00000000 ____D C:\FRST
2013-05-26 21:23 - 2012-12-30 11:08 - 00000914 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-26 21:22 - 2012-08-10 21:45 - 00000821 ____A C:\Windows\SysWOW64\bscs.ini
2013-05-26 21:21 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\System32\sru
2013-05-26 21:20 - 2013-05-26 21:20 - 01915390 ____A (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-05-26 21:19 - 2012-11-21 00:34 - 00004524 ____A C:\Windows\SysWOW64\LOCALSERVICE.INI
2013-05-26 21:19 - 2012-11-21 00:34 - 00000043 ____A C:\Windows\SysWOW64\LOCALDEVICE.INI
2013-05-26 16:31 - 2013-05-26 16:31 - 05071432 ____A (Swearware) C:\Users\User\Desktop\ComboFix.exe
2013-05-26 11:47 - 2013-05-26 11:47 - 00011150 ____A C:\Users\User\Desktop\JRT.txt
2013-05-26 11:42 - 2013-05-26 11:42 - 00000000 ____D C:\Windows\ERUNT
2013-05-26 11:41 - 2013-05-26 11:41 - 00000000 ____D C:\JRT
2013-05-26 11:38 - 2012-07-26 01:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-05-26 11:37 - 2013-04-14 21:29 - 00000348 ____A C:\Windows\Tasks\HPCeeScheduleForUser.job
2013-05-26 11:37 - 2012-12-30 11:08 - 00000910 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-26 11:37 - 2012-07-26 03:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-26 11:36 - 2012-07-26 01:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-05-26 11:35 - 2013-05-26 11:35 - 00001872 ____A C:\AdwCleaner[s4].txt
2013-05-26 11:34 - 2013-05-26 11:34 - 00001788 ____A C:\Users\User\Desktop\AdwCleaner[R6].txt
2013-05-26 11:33 - 2013-05-26 11:33 - 00001788 ____A C:\AdwCleaner[R6].txt
2013-05-26 11:32 - 2013-05-26 11:32 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\User\Desktop\JRT.exe
2013-05-26 11:31 - 2013-05-26 11:31 - 00632031 ____A C:\Users\User\Desktop\AdwCleaner (1).exe
2013-05-25 22:45 - 2013-05-25 22:45 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-25 22:45 - 2013-05-25 22:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-25 22:44 - 2013-04-21 22:49 - 00018373 ____A C:\Users\User\Desktop\dds.txt
2013-05-25 22:44 - 2013-04-21 22:49 - 00007523 ____A C:\Users\User\Desktop\attach.txt
2013-05-25 22:43 - 2013-05-25 22:42 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\User\Desktop\mbam-setup-1.75.0.1300 (1).exe
2013-05-25 22:27 - 2013-05-25 22:27 - 00688992 ____R (Swearware) C:\Users\User\Desktop\dds (1).com
2013-05-25 22:27 - 2013-05-25 22:27 - 00688992 ____A (Swearware) C:\Users\User\Downloads\dds.com
2013-05-25 09:47 - 2013-05-25 09:47 - 00015591 ____A C:\Users\User\Downloads\Rachel Cere 0313354 Essay Proposal.odt
2013-05-24 15:23 - 2013-04-23 08:48 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-05-20 20:45 - 2012-08-25 15:38 - 00877348 ____A C:\Windows\System32\perfh00C.dat
2013-05-20 20:45 - 2012-08-25 15:38 - 00191806 ____A C:\Windows\System32\perfc00C.dat
2013-05-20 20:45 - 2012-07-26 03:28 - 01994298 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-19 21:36 - 2012-12-30 23:10 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-05-19 21:36 - 2012-12-30 23:10 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-05-19 21:07 - 2013-05-19 21:07 - 00015636 ____A C:\Users\User\Downloads\Editorial Board Meeting.zip
2013-05-18 22:03 - 2012-12-30 01:28 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2013-05-18 20:25 - 2013-02-19 18:29 - 00000000 ____D C:\Users\User\AppData\Roaming\dvdcss
2013-05-17 08:12 - 2013-05-17 08:12 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-17 08:12 - 2013-05-17 08:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-17 08:11 - 2013-05-17 08:11 - 00000000 ____D C:\Program Files\iTunes
2013-05-17 08:11 - 2013-05-17 08:11 - 00000000 ____D C:\Program Files\iPod
2013-05-17 08:11 - 2013-05-17 08:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-16 22:55 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\System32\NDF
2013-05-09 15:30 - 2013-05-09 15:30 - 06128802 ____A C:\Users\User\Downloads\Annual Report.zip
2013-05-05 02:54 - 2013-05-05 02:54 - 00001230 ____A C:\Users\User\Desktop\RKreport[4]_S_05052013_02d0254.txt
2013-05-03 18:51 - 2013-01-03 17:44 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2013-05-01 20:47 - 2013-05-01 20:47 - 00010756 ____A C:\Users\User\Downloads\Presenters and CCIH staff.xlsx
2013-05-01 13:44 - 2013-05-01 13:44 - 00001193 ____A C:\Users\User\Desktop\RKreport[3]_S_05012013_02d1344.txt
2013-04-29 16:18 - 2013-04-25 17:22 - 00000000 ____D C:\Users\User\Desktop\pics from show
2013-04-28 22:44 - 2013-04-28 22:44 - 04829104 ____A (F-Secure Corporation) C:\Users\User\Downloads\F-SecureOnlineScanner(1).exe
2013-04-28 22:40 - 2013-04-28 22:40 - 00659968 ____A C:\Users\User\Downloads\MicrosoftFixit50195.msi
2013-04-27 18:35 - 2013-03-28 21:57 - 00000000 ____D C:\Windows\Minidump
2013-04-27 13:24 - 2013-01-05 16:19 - 00077136 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-04-26 13:21 - 2013-04-03 22:39 - 00000000 ____D C:\Users\User\Desktop\backups
2013-04-26 09:11 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\AUInstallAgent

Other Malware:
===========
C:\ProgramData\ntuser.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

Last Boot: 2013-05-22 12:40

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-05-2013 04
Ran by User at 2013-05-26 21:27:30 Run:
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

4 Elements II (Version: 2.2.0.98)
7 Wonders II (Version: 2.2.0.98)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Aloha TriPeaks (Version: 2.2.0.98)
AMD Accelerated Video Transcoding (Version: 12.5.100.20808)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0808.1024.16666)
AMD Quick Stream (Version: 3.3.26.0)
AMD VISION Engine Control Center (Version: 2012.0808.1024.16666)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (Version: 2.2.0.98)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0808.1024.16666)
Catalyst Control Center InstallProxy (Version: 2012.0808.1024.16666)
Catalyst Control Center Localization All (Version: 2012.0808.1024.16666)
CCC Help Chinese Standard (Version: 2012.0808.1023.16666)
CCC Help Chinese Traditional (Version: 2012.0808.1023.16666)
CCC Help Czech (Version: 2012.0808.1023.16666)
CCC Help Danish (Version: 2012.0808.1023.16666)
CCC Help Dutch (Version: 2012.0808.1023.16666)
CCC Help English (Version: 2012.0808.1023.16666)
CCC Help Finnish (Version: 2012.0808.1023.16666)
CCC Help French (Version: 2012.0808.1023.16666)
CCC Help German (Version: 2012.0808.1023.16666)
CCC Help Greek (Version: 2012.0808.1023.16666)
CCC Help Hungarian (Version: 2012.0808.1023.16666)
CCC Help Italian (Version: 2012.0808.1023.16666)
CCC Help Japanese (Version: 2012.0808.1023.16666)
CCC Help Korean (Version: 2012.0808.1023.16666)
CCC Help Norwegian (Version: 2012.0808.1023.16666)
CCC Help Polish (Version: 2012.0808.1023.16666)
CCC Help Portuguese (Version: 2012.0808.1023.16666)
CCC Help Russian (Version: 2012.0808.1023.16666)
CCC Help Spanish (Version: 2012.0808.1023.16666)
CCC Help Swedish (Version: 2012.0808.1023.16666)
CCC Help Thai (Version: 2012.0808.1023.16666)
CCC Help Turkish (Version: 2012.0808.1023.16666)
ccc-utility64 (Version: 2012.0808.1024.16666)
CCleaner (Version: 3.28)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle of Rome 2 (Version: 2.2.0.98)
Crazy Chicken Soccer (Version: 2.2.0.98)
CyberLink LabelPrint (Version: 2.5.1.5407)
CyberLink Media Suite 10 (Version: 10.0.1.1916)
CyberLink PhotoDirector (Version: 2.0.1.3119)
CyberLink Power2Go 8 (Version: 8.0.1.1926)
CyberLink PowerDirector 10 (Version: 10.0.1.1925)
CyberLink PowerDVD (Version: 10.0.6.4319)
CyberLink YouCam (Version: 3.5.4.5527)
D3DX10 (Version: 15.4.2368.0902)
Energy Star (Version: 1.0.8)
Farm Frenzy (Version: 2.2.0.98)
Final Drive Fury (Version: 2.2.0.95)
FlatOut 2 (Version: 2.2.0.98)
Foxit Reader (Version: 5.4.5.124)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 27.0.1453.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.0.0 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.2.5.1)
HP Connected Music (Meridian - installer) (Version: v1.0)
HP CoolSense (Version: 2.10.3)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.3.0)
HP MyRoom (Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3554)
HP Quick Launch (Version: 3.0.3)
HP Recovery Manager (Version: 7.00)
HP Registration Service (Version: 1.0.5976.4186)
HP Software Framework (Version: 4.6.8.1)
HP Support Assistant (Version: 7.0.32.44)
HP Utility Center (Version: 1.0.7)
HP Wireless Button Driver (Version: 1.0.5.1)
IDT Audio (Version: 1.0.6417.0)
iTunes (Version: 11.0.3.42)
Jewel Match 3 (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Letters from Nowhere 2 (Version: 2.2.0.97)
Luxor Evolved (Version: 2.2.0.98)
Machete Lite 3.8 (Version: 3.8.44)
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Memeo AutoSync
Memeo Instant Backup (Version: 4.60.0.7923)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 20.0 (x86 en-US) (Version: 20.0)
Mozilla Maintenance Service (Version: 20.0)
MSVCRT (Version: 15.4.2862.0708)
Norton 360 (Version: 20.3.1.22)
Norton Identity Safe (Version: 2013.3.3.19)
Peggle Nights (Version: 2.2.0.98)
Penguins! (Version: 2.2.0.98)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
QuickTime (Version: 7.73.80.64)
Ralink Bluetooth Stack64 (Version: 9.0.715.0)
Ralink RT3290 802.11bgn Wi-Fi Adapter (Version: 5.0.2.0)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek PCIE Card Reader (Version: 6.2.8400.29029)
Roads of Rome 3 (Version: 2.2.0.98)
Seagate Dashboard (Version: 1.1.0.1554)
Speed Test Analysis (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.10.12)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
TouchFreeze (Version: 1.1.0)
Trinklit Supreme (Version: 2.2.0.98)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VLC media player 2.0.5 (Version: 2.0.5)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.9.6)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.98)

==================== Restore Points =========================

07-05-2013 15:25:02 Scheduled Checkpoint
16-05-2013 18:12:25 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-05-26 21:26:50.830
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 19:23:30.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 19:20:26.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 19:18:50.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 19:18:37.543
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 17:03:29.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 16:57:52.840
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 16:57:36.246
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 16:51:32.339
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-26 16:50:52.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 7650.26 MB
Available physical RAM: 5993.07 MB
Total Pagefile: 8802.26 MB
Available Pagefile: 7136.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:672.8 GB) (Free:542.93 GB) NTFS (Disk=0 Partition=4) ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.07 GB) (Free:2.97 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 33044D6F)
Partition: GPT Partition Type

==================== End Of Log ============================
  15. Hi Gringo, Windows SmartScreen is blocking me from running that app. I tried running as administrator but it wouldn't work either. Do I need to do anything like turning off my anti-virus program before running it? Thank you.
  16. Hi Gringo, ComboFix won't run on Windows 8. Is there another option? Thanks!
  17. Hi Gringo, Thanks for your help. Here are my logs:

# AdwCleaner v2.301 - Logfile created 05/26/2013 at 11:35:16
# Updated 16/05/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : User - LAPTOP-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\AdwCleaner (1).exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\END

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287823
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0 (en-US)

-\\ Google Chrome v27.0.1453.94

*************************

AdwCleaner[R1].txt - [1424 octets] - [31/03/2013 15:57:11]
AdwCleaner[R2].txt - [771 octets] - [01/04/2013 11:57:50]
AdwCleaner[R3].txt - [830 octets] - [01/04/2013 13:44:01]
AdwCleaner[R4].txt - [986 octets] - [09/04/2013 23:34:07]
AdwCleaner[R5].txt - [2141 octets] - [21/04/2013 23:08:54]
AdwCleaner[R6].txt - [1788 octets] - [26/05/2013 11:33:24]
AdwCleaner[s1].txt - [1350 octets] - [31/03/2013 15:58:13]
AdwCleaner[s2].txt - [889 octets] - [01/04/2013 13:45:05]
AdwCleaner[s3].txt - [1045 octets] - [09/04/2013 23:34:28]
AdwCleaner[s4].txt - [1743 octets] - [26/05/2013 11:35:16]

########## EOF - C:\AdwCleaner[s4].txt - [1803 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by User on 2013-05-26 at 11:42:22.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{ECD5D19E-F577-4A6F-9DF0-BC36C80A769F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{ECD5D19E-F577-4A6F-9DF0-BC36C80A769F}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\conduit"

~~~ FireFox

Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ei4gauue.default\smartbar
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\speedtestanalysis@speedanalysis.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\speedtestanalysis@speedanalysis.com
Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ei4gauue.default\prefs.js

user_pref("CT3287823.1000082.isPlayDisplay", "true");
user_pref("CT3287823.toolbarBornServerTime", "22-4-2013"); user_pref("CT3287823.toolbarCurrentServerTime", "22-4-2013"); user_pref("CT3287823.toolbarLoginClientTime", "Sun Apr 21 2013 20:45:11 GMT-0400 (Eastern Daylight Time)"); user_pref("CT3287823.versionFromInstaller", "10.15.2.23"); user_pref("CT3287823_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366591499766,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0} user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3287823&octid=CT3287823&SearchSource=61&CUI=UN21880024042243823&UM=2&UP=SPA5937323-AD3E-4253-9C99 user_pref("Smartbar.ConduitSearchEngineList", "MixiDJ V9 Customized Web Search"); user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287823&SearchSource=2&CUI=UN21880024042243823&UM=2&q="); user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); user_pref("Smartbar.keywordURLSelectedCTID", "CT3287823"); user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3287823&CUI=UN21880024042243823&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3287823&oct user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287823&SearchSource=2&CUI=UN21880024042243823&UM=2&q="); user_pref("smartbar.machineId", "3PFCA1ANHHJRWXN7BMZGBX5HK8HPAAYYZBAJDVDUPA0Q2MDNEFU09TKSWWRKMZG551C3BABDKOGMUNPUU3ITJW"); user_pref("smartbar.originalHomepage", "about:home"); user_pref("smartbar.originalSearchAddressUrl", ""); user_pref("smartbar.originalSearchEngine", ""); ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 2013-05-26 at 11:47:01.89 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  18. Hello, I think I've been infected with the Dlink redirect virus on Chrome. I've used CCleaner and cleaned my Chrome History but it's still showing up when I search. Thanks in advance for your help. Here are my logs: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 Run by User at 22:28:28 on 2013-05-25 Microsoft Windows 8 6.2.9200.0.1252.2.1033.18.7650.5532 [GMT -4:00] . AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe C:\Program Files 
(x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\dashost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\dwm.exe C:\Windows\system32\atieclxx.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mStart Page = about:blank mWinlogon: Userinit = userinit.exe, BHO: Speed Test Analysis: {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files (x86)\Speed Test Analysis\ScriptHost.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\CoIEPlg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\CoIEPlg.dll mRun: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mPolicies-Explorer: 
NoDriveTypeAutoRun = dword:28 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 192.168.0.1 TCP: Interfaces\{0327BF37-553C-4D09-8230-9F5D50667E24} : DHCPNameServer = 64.71.255.204 64.71.255.198 TCP: Interfaces\{53677ED1-0FBD-40FF-9C76-3CAB33DE80AE} : DHCPNameServer = 192.168.0.1 mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mStart Page = about:blank x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:28 . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ei4gauue.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll FF - ExtSQL: 2013-04-01 13:47; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn FF - ExtSQL: 2013-04-25 12:56; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn FF - ExtSQL: 2013-04-27 11:44; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn FF - ExtSQL: !HIDDEN! 2013-03-12 15:21; speedtestanalysis@SpeedAnalysis.com; C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedtestanalysis@SpeedAnalysis.com . ============= SERVICES / DRIVERS =============== . 
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-7-24 79528] R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-7-24 26280] R0 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\N360x64\1403010.016\SymDS64.sys [2013-4-25 493656] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\N360x64\1403010.016\SymEFA64.sys [2013-4-25 1139800] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-5-20 1390680] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\Drivers\N360x64\1403010.016\ccSetx64.sys [2013-4-25 168096] R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\Drivers\NSTx64\7DD03030.013\ccsetx64.sys [2013-4-16 168096] R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-21 92536] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130524.001\IDSviA64.sys [2013-5-25 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\N360x64\1403010.016\Ironx64.sys [2013-4-25 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\N360x64\1403010.016\symnets.sys [2013-4-25 432800] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-9 239616] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-8 361984] R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2012-11-21 199008] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-8-10 29600] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232] R2 
IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-21 2451456] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe [2013-4-25 144520] R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccsvchst.exe [2013-4-16 144520] R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2012-10-15 14752] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-7-18 98472] R3 BtAudioBusSrv;IVT Bluetooth Audio Bus Service;C:\Windows\System32\Drivers\BtAudioBus.sys [2012-6-15 23136] R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-7-19 56904] R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752] R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-8-9 48736] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-4-27 138912] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2012-11-21 1958984] R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-11-21 269968] R3 rtbth;RTBTH Bluetooth Device Driver;C:\Windows\System32\Drivers\rtbth.sys [2012-8-9 695392] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-21 690832] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2012-11-21 57000] R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-3 20288] S0 SymELAM;Symantec 
ELAM Driver;C:\Windows\System32\Drivers\N360x64\1403010.016\SymELAM.sys [2013-4-25 23448] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952] S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-11-21 41272] S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-11-21 43832] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656] . =============== Created Last 30 ================ . 2013-05-26 01:33:34 198320 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10204.bin 2013-05-17 12:11:29 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-05-17 12:11:29 -------- d-----w- C:\Program Files\iTunes 2013-05-17 12:11:29 -------- d-----w- C:\Program Files\iPod 2013-05-17 12:11:29 -------- d-----w- C:\Program Files (x86)\iTunes . ==================== Find3M ==================== . 
2013-04-25 16:52:20 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-04-11 14:22:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2013-04-02 22:08:01 78176 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-02 22:08:01 692576 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-03-19 22:19:24 4041728 ----a-w- C:\Windows\System32\win32k.sys 2013-03-12 19:28:21 1409 ----a-w- C:\Windows\QTFont.for 2013-03-07 06:50:56 6991592 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-02 10:57:48 337128 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2013-03-02 10:57:46 77544 ----a-w- C:\Windows\System32\drivers\storahci.sys 2013-03-02 10:57:46 332520 ----a-w- C:\Windows\System32\drivers\storport.sys 2013-03-02 10:57:46 283880 ----a-w- C:\Windows\System32\drivers\spaceport.sys 2013-03-02 10:45:20 148712 ----a-w- C:\Windows\System32\drivers\tpm.sys 2013-03-02 10:45:19 194792 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2013-03-02 10:45:10 125160 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2013-03-02 10:39:39 495336 ----a-w- C:\Windows\System32\drivers\vhdmp.sys 2013-03-02 10:39:38 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys 2013-03-02 10:39:32 327912 ----a-w- C:\Windows\System32\drivers\Classpnp.sys 2013-03-02 09:59:37 2231528 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-03-02 09:59:36 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-03-02 08:24:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-03-02 08:23:43 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-03-02 08:23:43 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-03-02 08:23:30 893952 ----a-w- C:\Windows\SysWow64\winmde.dll 2013-03-02 08:23:30 1338880 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-03-02 08:23:28 601088 ----a-w- C:\Windows\SysWow64\Windows.Globalization.dll 2013-03-02 08:23:28 504320 ----a-w- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll 2013-03-02 08:23:19 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll 
2013-03-02 08:23:19 246784 ----a-w- C:\Windows\SysWow64\ubpm.dll 2013-03-02 08:23:04 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll 2013-03-02 08:23:04 100864 ----a-w- C:\Windows\SysWow64\SettingSyncInfo.dll 2013-03-02 08:23:00 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll 2013-03-02 08:22:36 357888 ----a-w- C:\Windows\SysWow64\netcfgx.dll 2013-03-02 08:22:32 5091840 ----a-w- C:\Windows\SysWow64\mstscax.dll 2013-03-02 08:22:18 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll 2013-03-02 08:22:17 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll 2013-03-02 08:21:56 550912 ----a-w- C:\Windows\SysWow64\drvstore.dll 2013-03-02 08:21:52 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll 2013-03-02 08:21:40 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll 2013-03-02 08:21:39 2033664 ----a-w- C:\Windows\SysWow64\authui.dll 2013-03-02 08:21:32 145408 ----a-w- C:\Windows\SysWow64\powercfg.cpl 2013-03-02 02:44:59 448512 ----a-w- C:\Windows\System32\SettingSync.dll 2013-03-02 02:44:59 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll 2013-03-02 02:44:56 1011200 ----a-w- C:\Windows\System32\reseteng.dll 2013-03-02 02:44:41 455168 ----a-w- C:\Windows\System32\netcfgx.dll 2013-03-02 02:44:41 117248 ----a-w- C:\Windows\System32\NdisImPlatform.dll 2013-03-02 02:44:38 5978624 ----a-w- C:\Windows\System32\mstscax.dll 2013-03-02 02:44:30 468992 ----a-w- C:\Windows\System32\MFMediaEngine.dll 2013-03-02 02:44:29 1048576 ----a-w- C:\Windows\System32\mfasfsrcsnk.dll 2013-03-02 02:44:08 703488 ----a-w- C:\Windows\System32\drvstore.dll 2013-03-02 02:44:07 150016 ----a-w- C:\Windows\System32\discan.dll 2013-03-02 02:44:05 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll 2013-03-02 02:43:59 1933312 ----a-w- C:\Windows\System32\wbem\cimwin32.dll 2013-03-02 02:43:56 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll 2013-03-02 02:43:55 2302464 ----a-w- C:\Windows\System32\authui.dll 2013-03-02 02:43:51 2146304 ----a-w- C:\Windows\System32\actxprxy.dll 
2013-03-02 02:43:50 156160 ----a-w- C:\Windows\System32\powercfg.cpl 2013-03-02 02:15:53 26112 ----a-w- C:\Windows\System32\drivers\mouhid.sys 2013-03-01 04:56:33 156672 ----a-w- C:\Windows\System32\drivers\rfcomm.sys 2013-03-01 04:56:18 30720 ----a-w- C:\Windows\System32\drivers\monitor.sys 2013-03-01 04:55:37 1175040 ----a-w- C:\Windows\System32\drivers\bthport.sys . ============= FINISH: 22:29:30.60 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Boot Device: \Device\HarddiskVolume2 Install Date: 2012-12-29 11:43:44 PM System Uptime: 2013-04-27 6:31:08 PM (676 hours ago) . Motherboard: Hewlett-Packard | | 1849 Processor: AMD A10-4600M APU with Radeon HD Graphics | Socket FT1 | 1400/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 673 GiB total, 537.056 GiB free. D: is FIXED (NTFS) - 25 GiB total, 2.967 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP27: 2013-05-07 11:25:02 AM - Scheduled Checkpoint RP28: 2013-05-16 2:12:25 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . 
4 Elements II 7 Wonders II Adobe Shockwave Player 11.6 Aloha TriPeaks AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Fuel AMD Quick Stream AMD VISION Engine Control Center Apple Application Support Apple Mobile Device Support Apple Software Update Bejeweled 3 Bonjour Build-a-lot 4 - Power Source Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chuzzle Deluxe Cradle of Rome 2 Crazy Chicken Soccer CyberLink LabelPrint CyberLink Media Suite 10 CyberLink PhotoDirector CyberLink Power2Go 8 CyberLink PowerDirector 10 CyberLink PowerDVD CyberLink YouCam D3DX10 Energy Star Farm Frenzy Final Drive Fury FlatOut 2 Foxit Reader Galerie de photos Windows Live Google Chrome Google Toolbar for Internet Explorer Google Update Helper Governor of Poker 2 Premium Edition Hewlett-Packard ACLM.NET v1.2.0.0 Hoyle Card Games HP 3D DriveGuard HP Connected Music (Meridian - installer) HP CoolSense HP Customer Experience Enhancements HP Documentation HP Games HP MyRoom HP Postscript Converter HP Quick Launch HP Recovery Manager HP Registration Service HP Software Framework HP Support Assistant HP Utility Center HP Wireless Button Driver IDT Audio iTunes Jewel Match 3 John Deere Drive Green Letters from Nowhere 2 Luxor Evolved Machete Lite 3.8 Mahjongg Dimensions Deluxe: Tiles in Time Memeo AutoSync Memeo Instant Backup Microsoft Application Error Reporting Microsoft Office Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 
Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 20.0 (x86 en-US) Mozilla Maintenance Service MSVCRT Norton 360 Norton Identity Safe Peggle Nights Penguins! 
Polar Bowler Polar Golfer QuickTime Ralink Bluetooth Stack64 Ralink RT3290 802.11bgn Wi-Fi Adapter Realtek Ethernet Controller Driver Realtek PCIE Card Reader Roads of Rome 3 Seagate Dashboard Search Protect by conduit Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Speed Test Analysis swMSM Synaptics Pointing Device Driver The Treasures of Mystery Island: The Ghost Ship TouchFreeze Trinklit Supreme Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 
suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update Installer for WildTangent Games App VLC media player 2.0.5 WildTangent Games WildTangent Games App Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Language Selector Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 2013-05-23 8:30:02 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet. . ==== End Of File ===========================
  19. Hi Gringo, That link describes an older version of the Windows operating system. Do you have any idea where I would look for system tools in Windows 8? I did a search for them but nothing came up. Thank you!
  20. Hi Gringo, The first option did not work. The second scan found nothing but didn't produce any results I could post. Internet Explorer still doesn't work. I've stopped using it and use Chrome and Mozilla. The only time this is a problem is if another program tries to open up an IE window. Thanks!
  21. Thanks Gringo! I couldn't run the last scan because my Internet Explorer is not working and hasn't worked for over a month. I tried reinstalling it but it didn't work. One other question. I have the free Malwarebytes and I have almost a year left on my Norton 360 subscription. Can I run both of these programs and do you suggest that I do? When I was reinstalling Norton, Malwarebytes came up as a conflict. Thanks again.
  22. Hi Gringo, The MBAM log turned up clean. The Hijackthis log is below. Thanks for your help. The computer is running smoothly again.
  23. Hi Gringo, After uninstalling, Google now comes up as my homepage. I think Firefox is also back to normal. Thanks! Is there anything else I should do? Thanks again!
  24. Hi Gringo, Search Conduit still appears as my Chrome launch page. Here's the log:
  25. And the other: OTL Extras logfile created on: 2013-04-22 7:32:16 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd 7.47 Gb Total Physical Memory | 5.49 Gb Available Physical Memory | 73.43% Memory free 14.97 Gb Paging File | 12.48 Gb Available in Paging File | 83.34% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 672.80 Gb Total Space | 538.16 Gb Free Space | 79.99% Space Free | Partition Type: NTFS Drive D: | 25.07 Gb Total Space | 2.97 Gb Free Space | 11.84% Space Free | Partition Type: NTFS Computer Name: LAPTOP-PC | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{55FDCDA6-8A8D-4279-AB44-47ED514419D0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{AEEC24FD-9AF9-4EA8-BC1E-CEE9158EB29F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform 
(upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{050095B0-95B1-4F64-B8A8-9166D6FD3B0F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{0A01AE66-F0BE-463B-9FF6-7CBB16D1FD76}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe | "{0AE85121-D5B4-49FC-9B25-5847489BE778}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{1522A2BD-FC43-4EBA-995C-8CD052230375}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{173E009D-107A-4A86-B8B8-9260F031045F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{184A15BC-D2E3-4ACF-99C0-A6883B67F6EE}" = dir=in | name=skype | "{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 | "{197F6DDB-087F-4609-8565-3D73AACFBE5F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{1C3A0ECE-5B79-4E42-9742-D59B38FAE0A2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{1D1CA0AD-8F9F-4CF6-AF0C-BDA2449C3D2F}" = dir=in | name=print experience | "{1DE62FC5-AFA8-4E05-A290-693077FE8EF3}" = dir=in | name=ebay | "{2A025A9E-DC7E-4645-A1C2-194BE4E7D960}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe | "{2E633D72-17DE-4F8A-8FCE-5828301718A0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{385B613A-B54F-4BD2-8271-E38DF0E2BA76}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe | "{39E1514F-83CB-4845-AA9A-EB6BD494E0E7}" = dir=out | 
name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{3F921D53-93B0-4694-A5A6-85F28410EB9C}" = protocol=17 | dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe | "{46F6ECC1-6398-41AF-8B4F-D3D979AF8B3E}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe | "{55F8BCDD-48C6-47E1-9E6B-6D50122923A6}" = dir=out | name=microsoft solitaire collection | "{60560A85-C141-47EA-87A6-B29B3F54B30F}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{659ED486-1639-49D1-9693-F05E54BD7AF3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{67379F6C-FD79-4DAF-AC4A-29D0E94CA8C5}" = dir=out | name=getting started with windows 8 | "{693DEDD8-7B54-4904-B787-6CD5D06DDCE1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{6DBD83D1-5D78-4513-9B73-1AFB7147FB62}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{741F4A7A-D6F0-4FD0-82D7-5ED0B04AD00D}" = dir=out | name=microsoft mahjong | "{76F77B70-C3FC-443A-BBD2-317E21AAAB45}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{77AE9FFF-4EF8-4DAE-AB20-D9351B052F7F}" = dir=in | name=kindle | "{79C81208-3084-409E-9EB6-3D60E558D609}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{84286311-7645-421C-9D90-137B8F465CAF}" = dir=out | 
name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{847D5B62-101C-464E-8831-C3E7844DA776}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{852C4426-8B44-4C69-86D0-8FE3C30B18B9}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{88D52F1C-9181-4555-A90C-252EB5A35D8B}" = dir=out | name=ebay | "{8F9BE69F-ADC8-45D2-80EE-F4E82A14DED8}" = dir=out | name=hp connected photo powered by snapfish | "{9BC539F4-9232-450E-BD02-01F883F197A5}" = protocol=6 | dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe | "{A089C02E-394A-443A-9266-F081E0A951A5}" = dir=out | name=norton studio | "{A366950C-F03F-4FDE-A668-585DDAE51E1D}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe | "{AF977333-1A18-463B-A99A-5B2D3028C1F8}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{B2CE3989-93AA-4A37-ABE9-2C646F81191B}" = dir=out | name=skype | "{B4768D35-7A30-47F5-A670-09A820E2DD7E}" = dir=out | name=netflix | "{BB0C6C25-9AB5-4307-A4BD-1DF39A8CBEE2}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{C142E764-C093-4DDF-AE09-D79AD8890654}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{C39BFC1D-5361-407E-A45D-9CBC8A63B43F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | "{CEBBCB61-E20E-4D6B-AD7E-8AFF00AD39A1}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe | "{D1ED3A1E-F015-41EA-B2E4-450E3D1993F6}" = dir=out | name=print experience | "{D306F9E8-4746-4952-B079-B9E31D6CC7B5}" = dir=out | 
name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{D6C86523-01A4-481E-8421-966534749700}" = dir=out | name=hp+ | "{DAFC3D02-3E55-4633-B3FD-E2472E890262}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{DD2EB370-245C-4E95-A4DB-CCB640C34504}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{E578975C-4D3C-4F1C-B70C-5922180D084F}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E89D7035-2CCB-4CF4-85A9-A1EA68E10687}" = dir=out | name=kindle | "{E9A5D866-466E-4261-89FB-45163AD98C6A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{EBAF5A53-14EB-402A-AFCC-9E36D59E4651}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{EEBA5997-3AC8-4E90-98A0-9254A54331EB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{F07D05F0-9831-42F2-8189-3751ED799346}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{F0E4D61B-3A4A-47CD-95DF-B2A8CF134862}" = dir=out | name=hp registration | "{FECA595C-5DBD-4A4E-80A7-4D21F24AFE44}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{08F2724F-3B6A-91BD-E63F-1B9F8463D097}" = AMD Accelerated Video Transcoding "{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy 
Star "{14D155F8-40FC-F843-30C6-8776BF5CEBAA}" = AMD Fuel "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{58BC91D0-42E7-125D-F9B6-F2F5C0CDB096}" = Ralink Bluetooth Stack64 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A257DDD7-AFD4-ABEA-0F67-9C3930091B19}" = ccc-utility64 "{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}" = AMD Catalyst Install Manager "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service "{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream "{F244D07D-1876-4CDD-914D-214E15A8D327}" = HP 3D DriveGuard "CCleaner" = CCleaner "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 2.0.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{097CB5A1-D19E-F62A-6400-91DBF8D97B17}" = CCC Help Turkish "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = 
Windows Live Installer "{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center "{0DCCD5F4-29E7-4AA0-8C1D-F8E1503B91F4}" = Catalyst Control Center - Branding "{0EF2A1AF-6F24-FD4B-3140-3656CC9A6BEC}" = CCC Help Italian "{11230C68-9248-D3B8-A0C5-0461D8C0691E}" = CCC Help Dutch "{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}" = HP Documentation "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{29A6A747-07ED-DB5E-AD38-5F66B06E8888}" = CCC Help Russian "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{2BE3A1BC-D155-1D32-9080-685C54689C34}" = CCC Help Korean "{2F413B34-8C18-328C-E68C-0332AB527CFF}" = CCC Help Czech "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D062C86-0CCA-8F10-A575-3564BD50372C}" = Catalyst Control Center Graphics Previews Common "{3E2D81D1-5FEE-6E90-2E0C-B8C15F05237A}" = CCC Help Norwegian "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support "{47B3FDA1-E7F2-D3C3-0970-B9916C5530F3}" = AMD VISION Engine Control Center "{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie 
de photos Windows Live "{4ED7050C-9332-4FB2-AB07-E94F25A53D39}" = HP Quick Launch "{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013 "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5CBA9A98-4CAE-92DC-4662-A77268EE1D04}" = CCC Help English "{5F1C0CF4-49C6-B096-0F72-AA2C319BBEE0}" = CCC Help German "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{650AA9FB-CA49-A284-8E13-F3732CC20D9A}" = Catalyst Control Center Localization All "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6DF0DAF1-BED0-F5BB-B96E-10AA15DF65E7}" = CCC Help Swedish "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.0.0 "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73AD6CBA-D50D-F30C-E579-14389FF41D1D}" = Catalyst Control Center InstallProxy "{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7AF962CF-7018-C589-8439-EA7C9F2FA200}" = CCC Help Danish "{7BB80D45-4024-2E0C-FC0D-45A319CD3F99}" = CCC Help Thai "{835B275B-F29B-464B-BD4B-097FD55FAB0A}" = HP Software Framework "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter "{90120000-0016-0409-0000-0000000FF1CE}" 
= Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 
2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{941DE69D-6CEE-4171-8F1F-3D7E352AA498}" = HP Wireless Button Driver "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office "{95A762D1-99E7-F428-99B3-E3CC636C48D9}" = CCC Help Hungarian "{96DAE3D0-5008-F1FC-186D-0B364071C98C}" = CCC Help French "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B42457E-3781-7293-5643-C722BA43397E}" = CCC Help Greek "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C35EDE5-4B0F-45E7-A438-314BA889948E}" = HP MyRoom "{9C9744E5-2BB7-4042-BD1C-8A339480A08C}" = TouchFreeze "{9E2BCF78-EDAD-A8BC-123D-10E0D9234753}" = CCC Help Chinese Traditional "{9FEDC691-A307-D525-7D71-EDB97240CFF3}" = CCC Help Chinese Standard "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB1F1677-926B-894A-A890-56A3FCD9794B}" = CCC Help Finnish "{ACC5984D-6859-874C-B939-058DED2692FA}" = 
CCC Help Portuguese
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B8019B54-F9BE-490A-9619-6D06F18F129F}" = HP Support Assistant
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C458E818-0B4F-C961-AFDF-29F172EE5A1B}" = CCC Help Spanish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E175B925-538F-6D69-A9C9-4D0699648752}" = CCC Help Japanese
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E46BF405-4ADF-36F4-A0EA-EF4CDF1A21E6}" = CCC Help Polish
"{F05CE84D-4C4C-4EA7-840B-BAB0C72B60E2}" = Machete Lite 3.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 20.0 (x86 en-US)" = Mozilla Firefox 20.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NST" = Norton Identity Safe
"SearchProtect" = Search Protect by conduit
"Speed Test Analysis" = Speed Test Analysis
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-10b065a3-0440-455e-acd1-f012702b6303" = Crazy Chicken Soccer
"WTA-1d8a611e-f5bf-4a1a-8c7e-c9b5de7e0cf8" = Letters from Nowhere 2
"WTA-265b5af6-9a2b-47ae-b299-eac4b72a5203" = Bejeweled 3
"WTA-2798fa44-35c5-4b44-b78e-6e094c2a2631" = Zuma's Revenge
"WTA-27cf4df1-84c2-408e-9e55-82f29abfdd00" = Polar Bowler
"WTA-326a5f5f-653f-49fa-b9e2-6cb144b74704" = Roads of Rome 3
"WTA-32c2b46a-b9ae-4564-a40f-ed32bc409819" = 7 Wonders II
"WTA-3565a268-2bb9-4976-91f6-0d57ff237d07" = FlatOut 2
"WTA-529b80d3-5221-46e6-84c6-2f497e5c2c33" = Luxor Evolved
"WTA-657d3f13-9f44-4c83-ae66-87a3ef709d92" = Final Drive Fury
"WTA-685edaff-7172-47da-bd98-d1c96b8971d9" = Jewel Match 3
"WTA-79d0fa23-978e-48f9-83fd-8662c887d07a" = Chuzzle Deluxe
"WTA-9290cc9e-60c6-4de3-94d2-daeb2280e02f" = John Deere Drive Green
"WTA-afa4f8ec-d8c6-4af7-9d8f-de15336eb227" = Trinklit Supreme
"WTA-b0c2be9b-ba00-44d0-b282-96229e931afe" = The Treasures of Mystery Island: The Ghost Ship
"WTA-b0e27fcf-8b24-429e-8433-507cc7d28ee2" = Aloha TriPeaks
"WTA-beb8302b-0624-469a-a995-679a9bb17ef6" = Build-a-lot 4 - Power Source
"WTA-c987238a-35bf-4b3f-864e-364f136acd50" = Cradle of Rome 2
"WTA-cddbd586-8086-4b46-9f0d-86166f088bb5" = Penguins!
"WTA-d551f653-77e1-44b4-b387-f5f872d3c80e" = Farm Frenzy
"WTA-dbeab373-7889-4d43-9551-a7b568662c34" = Mahjongg Dimensions Deluxe: Tiles in Time
"WTA-dd426649-2172-42c7-bbeb-2f3e0da25a1e" = Governor of Poker 2 Premium Edition
"WTA-e21096ad-7f6b-4f24-a8e8-f1e4d4f498f6" = Hoyle Card Games
"WTA-e279fad3-a89c-4727-af87-de32b54539d6" = 4 Elements II
"WTA-ee6252db-b583-42e2-b1f3-7aa5083cea6e" = Peggle Nights
"WTA-ff1acb51-2d0f-4455-ba10-678179df88b1" = Polar Golfer

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-04-15 9:51:50 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15647

Error - 2013-04-16 10:48:55 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013-04-16 10:48:55 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15538

Error - 2013-04-16 10:48:55 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15538

Error - 2013-04-16 11:10:44 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013-04-16 11:10:44 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1323638

Error - 2013-04-16 11:10:44 AM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1323638

Error - 2013-04-16 1:55:37 PM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013-04-16 1:55:37 PM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15585

Error - 2013-04-16 1:55:37 PM | Computer Name = Laptop-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15585

[ System Events ]
Error - 2013-04-05 3:38:09 PM | Computer Name = Laptop-pc | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =

Error - 2013-04-05 3:38:40 PM | Computer Name = Laptop-pc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:32:31 PM on ?2013-?04-?05 was unexpected.

Error - 2013-04-05 3:38:55 PM | Computer Name = LAPTOP-PC | Source = BugCheck | ID = 1001
Description =

Error - 2013-04-05 11:07:47 PM | Computer Name = Laptop-pc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:38:40 PM on ?2013-?04-?05 was unexpected.

Error - 2013-04-07 10:48:52 AM | Computer Name = Laptop-pc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:27:15 PM on ?2013-?04-?06 was unexpected.

Error - 2013-04-07 10:49:30 AM | Computer Name = Laptop-pc | Source = DCOM | ID = 10016
Description =

Error - 2013-04-08 10:34:38 PM | Computer Name = Laptop-pc | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:02:26 PM on ?2013-?04-?08 was unexpected.

Error - 2013-04-09 12:39:23 AM | Computer Name = Laptop-pc | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error - 2013-04-09 12:39:37 AM | Computer Name = Laptop-pc | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error - 2013-04-09 12:40:37 AM | Computer Name = Laptop-pc | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: %%1056

< End of report >

Thank you!