Jump to content

ANGELIC_MIRACLE

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Results of screen317's Security Check version 0.99.73 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! GFI Software VIPRE Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 25 Google Chrome 28.0.1500.95 Google Chrome 29.0.1547.57 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 3% ````````````````````End of Log``````````````````````
  2. OK I ran MB and removed everything, the computer seems to be running good now.
  3. My browser speed has seemed to pick itself up and lately I have been having problems with my modem resetting itself usually about 7-10 times a day, but it hasn't happened since yesterday. I'm guessing I should remove selected, and it will make everything even better? Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.08.30.09 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16660Laura :: LAURA-PC [administrator] 8/30/2013 6:35:47 PMMBAM-log-2013-08-30 (18-46-31).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 243205Time elapsed: 8 minute(s), 31 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 1HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken. Registry Values Detected: 2HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: -> No action taken.HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> No action taken. Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 2C:\Users\Laura\AppData\Roaming\player (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images (PUP.Optional.VPLMedia.A) -> No action taken. Files Detected: 40C:\Users\Allyssa\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> No action taken.C:\Users\Allyssa\Local Settings\Temporary Internet Files\Content.IE5\W09MO7IE\iLividSetupV1.exe (PUP.Optional.Bandoo) -> No action taken.C:\Users\Laura\AppData\Roaming\player\playlist.vpl (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\config.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_103.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_11.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_120.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_121.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_122.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_123.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_124.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_125.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_126.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_127.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_136.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_137.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_140.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_141.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_149.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_150.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_160.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_165.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_181.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_191.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_193.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_199.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_200.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_201.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_204.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_219.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_221.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_224.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_268.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_28.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_34.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_37.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_49.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_57.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_86.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\Laura\AppData\Roaming\player\images\channel_ld_99.png (PUP.Optional.VPLMedia.A) -> No action taken. (end)
  4. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.5 (08.28.2013:1) OS: Windows 7 Home Premium x64 Ran by Laura on Fri 08/30/2013 at 18:01:56.11 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1449767166-2851449438-3801735097-1000\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\stronghold online backup Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\tuguu sl Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\updater by sweetpacks Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\uniblue Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550155995562} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660066226658} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660166996662} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{77777777-7777-7777-7777-770077227758} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440144994462} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550155995562} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660066226658} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660166996662} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{77777777-7777-7777-7777-770077227758} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440144994462} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3030623 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3287819 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550155995562} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660066226658} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660166996662} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{77777777-7777-7777-7777-770077227758} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440144994462} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\4aSkPlay_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\4aSkPlay_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550155995562} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660066226658} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660166996662} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{77777777-7777-7777-7777-770077227758} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440144994462} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\4aSkPlay_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\4aSkPlay_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{507E2261-EDE7-49BD-81E9-7991A444E2C6} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf} ~~~ Files Successfully deleted: [File] C:\Windows\syswow64\sho83BA.tmp ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\speedypc software" Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup" Successfully deleted: [Folder] "C:\Users\Laura\AppData\Roaming\searchprotect" Successfully deleted: [Folder] "C:\Users\Laura\AppData\Roaming\speedypc software" Successfully deleted: [Folder] "C:\Users\Laura\AppData\Roaming\strongvault" Successfully deleted: [Folder] "C:\Users\Laura\appdata\local\strongvault" Failed to delete: [Folder] "C:\Users\Laura\appdata\local\strongvault online backup" Successfully deleted: [Folder] "C:\Users\Laura\appdata\local\toparcadehits" Successfully deleted: [Folder] "C:\Users\Laura\appdata\local\updater19962" Failed to delete: [Folder] "C:\Program Files (x86)\strongvault online backup" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\strongvault online backup" Successfully deleted: [Folder] "C:\ai_recyclebin" Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{167161DD-8E58-4D97-8E76-78A86D597BAD} Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{5AEA5517-E20C-4C2B-9FC4-D8948F3F85AA} Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{867F3C3D-8DCE-4417-B1D7-844E332D70AA} Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{EF65B1F8-801B-47B0-B2BB-CBD31DFB5F8B} Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{EF71F65D-CB4A-41B9-89A9-B0405A8C350B} Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}" ~~~ Chrome Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [blacklisted Policy] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 08/30/2013 at 18:17:02.39 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  5. # AdwCleaner v3.001 - Report created 30/08/2013 at 12:24:53 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Laura - LAURA-PC # Running from : C:\Users\Laura\Downloads\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** Service Found : CltMngSvc Service Found : DefaultTabUpdate Service Found : TelevisionFanaticService ***** [ Files / Folders ] ***** File Found : C:\END File Found : C:\Users\Public\Desktop\eBay.lnk File Found : C:\Windows\System32\roboot64.exe File Found : C:\Windows\System32\Tasks\BrowserProtect File Found : C:\Windows\System32\Tasks\DSite File Found : C:\Windows\Tasks\DSite.job Folder Found : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf Folder Found : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog Folder Found C:\Program Files (x86)\Ask.com Folder Found C:\Program Files (x86)\Conduit Folder Found C:\Program Files (x86)\MyPC Backup Folder Found C:\Program Files (x86)\MyPC Backup Folder Found C:\Program Files (x86)\optimizer pro Folder Found C:\Program Files (x86)\PricePeep Folder Found C:\Program Files (x86)\RadioHoops Folder Found C:\Program Files (x86)\SearchProtect Folder Found C:\Program Files (x86)\Supreme Savings Folder Found C:\Program Files (x86)\TelevisionFanatic Folder Found C:\Program Files (x86)\tuguu sl Folder Found C:\Program Files (x86)\WinZip Registry Optimizer Folder Found C:\Program Files\DomaIQ Uninstaller Folder Found C:\ProgramData\Ask Folder Found C:\ProgramData\Babylon Folder Found C:\ProgramData\BrowserProtect Folder Found C:\ProgramData\IBUpdaterService Folder Found C:\ProgramData\Tarma Installer Folder Found C:\SearchProtect Folder Found C:\Users\Allyssa\AppData\LocalLow\AskToolbar Folder Found C:\Users\Allyssa\AppData\Roaming\SearchProtect Folder Found C:\Users\Laura\AppData\Local\Conduit Folder Found C:\Users\Laura\AppData\Local\getsavin Folder Found C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0 Folder Found C:\Users\Laura\AppData\Local\PerformerSoft Folder Found C:\Users\Laura\AppData\Local\Supreme Savings Folder Found C:\Users\Laura\AppData\Local\TelevisionFanatic Folder Found C:\Users\Laura\AppData\LocalLow\BabylonToolbar Folder Found C:\Users\Laura\AppData\LocalLow\Conduit Folder Found C:\Users\Laura\AppData\LocalLow\delta Folder Found C:\Users\Laura\AppData\LocalLow\PriceGong Folder Found C:\Users\Laura\AppData\LocalLow\RadioHoops Folder Found C:\Users\Laura\AppData\LocalLow\TelevisionFanatic Folder Found C:\Users\Laura\AppData\Roaming\Babylon Folder Found C:\Users\Laura\AppData\Roaming\Conduit Folder Found C:\Users\Laura\AppData\Roaming\DefaultTab Folder Found C:\Users\Laura\AppData\Roaming\DriverCure Folder Found C:\Users\Laura\AppData\Roaming\DSite Folder Found C:\Users\Laura\AppData\Roaming\file scout Folder Found C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect Folder Found C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\mgubdujx.default\Smartbar Folder Found C:\Users\Laura\AppData\Roaming\PerformerSoft Folder Found C:\Users\Laura\AppData\Roaming\SearchProtect Folder Found C:\Users\Laura\AppData\Roaming\SpeedAnalysis2 Folder Found C:\Users\Laura\AppData\Roaming\Systweak ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\AppDataLow\Software\DefaultTab Key Found : HKCU\Software\AppDataLow\Software\I Want This Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\RadioHoops Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Software\Supreme Savings Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\BabSolution Key Found : HKCU\Software\BabylonToolbar Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Cr_Installer Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\Default Tab Key Found : HKCU\Software\DefaultTab Key Found : HKCU\Software\delta LTD Key Found : HKCU\Software\distromatic Key Found : HKCU\Software\dsiteproducts Key Found : HKCU\Software\e53dfd1b66abd41 Key Found : HKCU\Software\filescout Key Found : HKCU\Software\InstallCore Key Found : HKCU\Software\InstalledBrowserExtensions Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110111991162} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C064CFF-2112-4120-ABB2-D50D7464D330} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110111991162} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C064CFF-2112-4120-ABB2-D50D7464D330} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\PerformerSoft Key Found : HKCU\Software\SearchProtect Key Found : [x64] HKCU\Software\BabSolution Key Found : [x64] HKCU\Software\BabylonToolbar Key Found : [x64] HKCU\Software\Conduit Key Found : [x64] HKCU\Software\Cr_Installer Key Found : [x64] HKCU\Software\DataMngr Key Found : [x64] HKCU\Software\Default Tab Key Found : [x64] HKCU\Software\DefaultTab Key Found : [x64] HKCU\Software\delta LTD Key Found : [x64] HKCU\Software\distromatic Key Found : [x64] HKCU\Software\dsiteproducts Key Found : [x64] HKCU\Software\filescout Key Found : [x64] HKCU\Software\InstallCore Key Found : [x64] HKCU\Software\InstalledBrowserExtensions Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : [x64] HKCU\Software\PerformerSoft Key Found : [x64] HKCU\Software\SearchProtect Key Found : HKLM\Software\Babylon Key Found : HKLM\Software\BabylonToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Found : HKLM\SOFTWARE\Classes\AppID\DealScout.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Key Found : HKLM\SOFTWARE\Classes\b Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{04D2B915-19FF-41E9-994D-95DC898BEA43} Key Found : HKLM\SOFTWARE\Classes\CLSID\{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF} Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110111991162} Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220122992262} Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D79F641-C168-40DF-A32F-BACEA7509E75} Key Found : HKLM\SOFTWARE\Classes\CLSID\{7C064CFF-2112-4120-ABB2-D50D7464D330} Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Found : HKLM\SOFTWARE\Classes\CLSID\{C98D5B61-B0EA-4D48-9839-1079D352D880} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F02C0832-C85C-4B93-8C6F-9DF20121A10D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0019962.BHO Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0019962.BHO.1 Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0019962.Sandbox Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0019962.Sandbox.1 Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B} Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Found : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\speedupmypc Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\DataMngr Key Found : HKLM\Software\Default Tab Key Found : HKLM\SOFTWARE\e53dfd1b66abd41 Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3193E50F-BFBF-4401-8DCB-F76C61388A4A} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94DCD413-999B-40CB-BADA-2C977D09197F} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111991162} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D79F641-C168-40DF-A32F-BACEA7509E75} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04D2B915-19FF-41E9-994D-95DC898BEA43} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C064CFF-2112-4120-ABB2-D50D7464D330} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02C0832-C85C-4B93-8C6F-9DF20121A10D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RadioHoops Toolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Supreme Savings Key Found : HKLM\Software\RadioHoops Key Found : HKLM\Software\SearchProtect Key Found : HKLM\Software\Supreme Savings Key Found : HKLM\Software\systweak Key Found : HKLM\Software\Uniblue\DriverScanner Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : [x64] HKLM\SOFTWARE\DomaIQ Key Found : [x64] HKLM\SOFTWARE\Tarma Installer Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C98D5B61-B0EA-4D48-9839-1079D352D880}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0696F815-A3A9-490A-BB14-9EC3350B1276}] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C98D5B61-B0EA-4D48-9839-1079D352D880}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF}] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [TelevisionFanatic Browser Plugin Loader] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [TelevisionFanatic Search Scope Monitor] Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v [ File : C:\Users\Allyssa\AppData\Roaming\Mozilla\Firefox\Profiles\uhrcrb1q.default\prefs.js ] Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-[...] Line Found : user_pref("browser.search.selectedEngine", "Ask.com"); Line Found : user_pref("browser.search.order.1", "Ask.com"); Line Found : user_pref("browser.search.defaultengine", "Ask.com"); Line Found : user_pref("browser.search.defaultenginename", "Ask.com"); Line Found : user_pref("extensions.asktb.ff-original-keyword-url", ""); Line Found : user_pref("extensions.crossriderapp19962.adsOldValue", -1); -\\ Google Chrome v29.0.1547.57 [ File : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Allyssa\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [22246 octets] - [30/08/2013 12:24:53] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22307 octets] ##########
  6. I appreciate all the help you have given me so far I will continue tomorrow. Thanks.
  7. I cant get the TFC to open it just continuously loads
  8. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013Ran by Laura (administrator) on 29-08-2013 19:56:24Running from C:\Users\Laura\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe(AMD) C:\Windows\system32\atieclxx.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe() C:\Users\Laura\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe(GFI Software Development Ltd.) C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe(Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe(GFI Software Development Ltd.) C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe(Strongvault LLC) C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)HKLM\...\Run: [Power Management] - C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)HKLM\...\Run: [sBRegRebootCleaner] - "c:\users\laura\appdata\local\temp\Downloads\CartSdk\sbrc.exe" [x] <===== ATTENTIONHKCU\...\Run: [Facebook Update] - C:\Users\Laura\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-14] (Facebook Inc.)HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)HKCU\...\Run: [backupAgent] - C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe [197448 2013-02-28] (Strongvault LLC)HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-06-30] (Dritek System Inc.)HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-25] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [AVG_TRAY] - "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [x]HKLM-x32\...\Run: [TelevisionFanatic Search Scope Monitor] - C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe [42536 2012-06-24] (MindSpark)HKLM-x32\...\Run: [TelevisionFanatic Browser Plugin Loader] - C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe [30096 2012-06-24] (VER_COMPANY_NAME)HKLM-x32\...\Run: [searchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [x]HKLM-x32\...\Run: [sMessaging] - C:\Users\Laura\AppData\Local\Strongvault Online Backup\SMessaging.exe [31664 2012-04-04] (Stronghold Online Backup)HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)HKLM-x32\...\Run: [sBAMTray] - C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe [3149704 2012-10-25] (GFI Software)HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] ()HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] ()AppInit_DLLs-x32: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll [154144 2010-07-29] ()Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnkShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com/?cid={8DCDBEA2-D20A-49B5-93C0-28C7596A01AC}&mid=fb8cf38c435e47d18d746939b21e1a25-2fd77287e851ce339daa28563171d0cd1fb624b2〈=en&ds=co011&pr=sa&d=2013-08-19 02:50:53&v=15.4.0.5&pid=safeguard&sg=0&sap=hpHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://emachines.msn.comHKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.yahoo.com?type=293224&fr=spigot-yhp-iehttp://www.pof.com/everyoneonline.aspx?hide=1&gender=1&tuser_id=55127552&tprofile_id=50461216&age=43&c=1http://eula.mindspark.com/reset-homepage-default-search-settings/HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?affID=119666&tt=gc_&babsrc=HP_ss&mntrId=EE189439E5460625URLSearchHook: (No Name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - No FileURLSearchHook: (No Name) - {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - No FileSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBoxSearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={27FE6AFA-9362-11E2-B5BF-B870F4FAF3D6}SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm002YYus&ptnrS=XPxdm002YYus&si=CO77kKiD57ACFeEDQAodKymwzA&ptb=6EF9F9B2-B13C-41BF-A843-E7F8CBEF5B9F&psa=&ind=2012062409&st=sb&n=77eda2c9&searchfor={searchTerms}SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={27FE6AFA-9362-11E2-B5BF-B870F4FAF3D6}SearchScopes: HKCU - DefaultScope {39EFEA57-E38F-41A9-A9FD-18573B3AAFDC} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKCU - {39EFEA57-E38F-41A9-A9FD-18573B3AAFDC} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}SearchScopes: HKCU - {507E2261-EDE7-49BD-81E9-7991A444E2C6} URL = http://www.mysearchresults.com/search?c=3254&t=15&q={searchTerms}BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No FileBHO-x32: RadioHoops Toolbar - {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - C:\Program Files (x86)\RadioHoops\prxtbRadi.dll No FileBHO-x32: Supreme Savings - {11111111-1111-1111-1111-110111991162} - C:\Program Files (x86)\Supreme Savings\Supreme Savings.dll No FileBHO-x32: Drop Pad Web Backup - {25DA541F-6ACF-4052-A8AA-1D58284729C7} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)BHO-x32: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (MindSpark)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Laura\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll (MindSpark)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll No FileToolbar: HKLM-x32 - TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)Toolbar: HKLM-x32 - RadioHoops Toolbar - {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - C:\Program Files (x86)\RadioHoops\prxtbRadi.dll No FileToolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileToolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileToolbar: HKCU - No Name - {0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF} - No FileToolbar: HKCU - No Name - {C98D5B61-B0EA-4D48-9839-1079D352D880} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll File Not found ()Tcpip\Parameters: [DhcpNameServer] 24.159.193.40 24.205.224.36 68.190.192.35 FireFox:========FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @TelevisionFanatic.com/Plugin - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Laura\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Laura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] C:\Program Files\Updater By SweetPacks\FirefoxFF HKLM-x32\...\Firefox\Extensions: [64ffxtbr@TelevisionFanatic.com] C:\Program Files (x86)\TelevisionFanatic\bar\1.binFF Extension: TelevisionFanatic - C:\Program Files (x86)\TelevisionFanatic\bar\1.binFF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] C:\Program Files\Updater By SweetPacks\Firefox Chrome: =======CHR RestoreOnStartup: "urls_to_restore_on_startup": nullCHR DefaultSearchURL: (Yahoo!) - http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=293224&p={searchTerms}CHR DefaultSuggestURL: (Yahoo!) - http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No FileCHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\Astrology_4a\bar\1.bin\NP4aStub.dll No FileCHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No FileCHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Unity Player) - C:\Users\Laura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Laura\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No FileCHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (Google Docs) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0CHR Extension: (Google Drive) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Speed Analysis 2) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.4_0CHR Extension: (Web Backup Drop Pad) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hacjidbllfnlecmikihhjphlicpbepih\1.0.0_0CHR Extension: (Cool Smiley Bar for Facebook) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.5_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0CHR Extension: (Gmail) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0CHR HKLM-x32\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\Laura\AppData\Roaming\SpeedAnalysis2\speedanalysis.crxCHR HKLM-x32\...\Chrome\Extension: [hacjidbllfnlecmikihhjphlicpbepih] - C:\Program Files (x86)\Strongvault Online Backup\DropPad.crxCHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Laura\AppData\Local\Wajam\Chrome\wajam.crxCHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Laura\AppData\Roaming\PlusWinks\pluswinks.crx ==================== Services (Whitelisted) ================= R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)R2 DefaultTabUpdate; C:\Users\Laura\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-04-02] ()R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)R2 gfi_lanss10_attservice; C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [115568 2012-10-24] (GFI Software Development Ltd.)R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [39528 2011-01-17] (Acer Incorporated)R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)R2 SBAMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [3677000 2012-10-25] (GFI Software)R2 SBPIMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [175496 2012-10-25] (GFI Software)R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)S2 TelevisionFanaticService; C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [42504 2012-06-24] (COMPANYVERS_NAME)S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [x] ==================== Drivers (Whitelisted) ==================== R3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)S3 L1C; system32\DRIVERS\L1C62x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-29 19:00 - 2013-08-29 19:00 - 00017544 _____ C:\Users\Laura\Desktop\attach.txt2013-08-29 19:00 - 2013-08-29 18:59 - 00020286 _____ C:\Users\Laura\Desktop\dds.txt2013-08-29 18:58 - 2013-08-29 18:58 - 00688992 ____R (Swearware) C:\Users\Laura\Downloads\dds.com2013-08-29 18:53 - 2013-08-29 18:53 - 00002402 _____ C:\Users\Laura\Desktop\RKreport[0]_S_08292013_185344.txt2013-08-29 18:49 - 2013-08-29 19:56 - 00000000 ____D C:\Users\Laura\Desktop\RK_Quarantine2013-08-29 18:49 - 2013-08-29 18:49 - 03771904 _____ C:\Users\Laura\Downloads\RogueKillerX64.exe2013-08-29 17:25 - 2012-07-19 20:44 - 00699536 _____ (MindSpark) C:\Program Files (x86)\4aUninstall Astrology.dll2013-08-29 17:25 - 2012-07-19 20:44 - 00172448 _____ () C:\Program Files (x86)\4ares.dll2013-08-29 01:07 - 2013-08-29 01:07 - 00000000 ____D C:\FRST2013-08-28 19:39 - 2013-08-28 19:39 - 00201216 _____ C:\ProgramData\qfpgsrv.exe2013-08-28 17:12 - 2013-08-28 17:16 - 00000000 ____D C:\ProgramData\sipi2013-08-19 06:34 - 2013-08-19 06:34 - 00000000 ____D C:\Users\Laura\AppData\Roaming\WinRAR2013-08-19 05:59 - 2013-08-29 17:08 - 00000000 ____D C:\Program Files (x86)\WinRAR2013-08-19 05:40 - 2013-08-19 05:40 - 00000000 ____D C:\Users\Laura\AppData\Roaming\PowerISO2013-08-19 05:11 - 2013-08-19 05:11 - 00000000 ___RH C:\Users\Public\Documents\NTIMMV9P.dll2013-08-19 05:07 - 2013-08-19 05:07 - 399693105 _____ C:\Windows\MEMORY.DMP2013-08-19 05:07 - 2013-08-19 05:07 - 00707560 _____ C:\Windows\Minidump\081913-33275-01.dmp2013-08-19 04:18 - 2013-08-19 04:18 - 00000000 ____D C:\Users\Laura\AppData\Roaming\ATI2013-08-19 04:18 - 2013-08-19 04:18 - 00000000 ____D C:\Users\Laura\AppData\Local\ATI2013-08-19 03:12 - 2013-08-19 05:15 - 00000000 ____D C:\Users\Laura\AppData\Local\Performersoft2013-08-19 03:11 - 2013-08-19 03:11 - 00000000 ____D C:\ProgramData\IBUpdaterService2013-08-19 02:54 - 2013-08-19 05:18 - 00000000 ____D C:\Users\Laura\AppData\Local\TopArcadeHits2013-08-19 02:49 - 2013-08-19 05:17 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Systweak2013-08-19 02:49 - 2013-08-19 03:49 - 00000286 _____ C:\Windows\Tasks\DSite.job2013-08-19 02:49 - 2013-08-19 02:49 - 00003226 _____ C:\Windows\System32\Tasks\DSite2013-08-19 02:49 - 2013-08-19 02:49 - 00000000 ____D C:\Users\Laura\AppData\Roaming\DSite2013-08-15 20:58 - 2013-08-15 20:58 - 00000438 _____ C:\Windows\SysWOW64\WSCConfig.xml2013-08-15 20:54 - 2013-08-19 05:45 - 00000000 ____D C:\Users\Laura\AppData\Roaming\vlc2013-08-15 20:52 - 2013-08-29 18:47 - 00000000 ____D C:\Program Files (x86)\VideoLAN2013-08-15 19:05 - 2013-08-15 19:09 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Nico Mak Computing2013-08-15 19:05 - 2013-06-19 17:27 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe2013-08-15 19:04 - 2013-08-15 19:09 - 00000000 ____D C:\Program Files (x86)\WinZip Registry Optimizer2013-08-13 21:42 - 2013-07-26 00:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-08-13 21:42 - 2013-07-25 22:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-08-13 21:42 - 2013-07-25 22:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-08-13 21:42 - 2013-07-25 22:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-08-13 21:42 - 2013-07-25 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-08-13 21:41 - 2013-07-26 00:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-08-13 21:41 - 2013-07-26 00:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-08-13 21:41 - 2013-07-26 00:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-08-13 21:41 - 2013-07-26 00:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-08-13 21:41 - 2013-07-26 00:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-08-13 21:41 - 2013-07-26 00:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-08-13 21:41 - 2013-07-26 00:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-08-13 21:41 - 2013-07-26 00:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-08-13 21:41 - 2013-07-26 00:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-08-13 21:41 - 2013-07-26 00:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-08-13 21:41 - 2013-07-26 00:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-08-13 21:41 - 2013-07-26 00:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-08-13 21:41 - 2013-07-26 00:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-08-13 21:41 - 2013-07-25 22:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-08-13 21:41 - 2013-07-25 22:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-08-13 21:41 - 2013-07-25 22:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-08-13 21:41 - 2013-07-25 22:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-08-13 21:41 - 2013-07-25 22:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-08-13 21:41 - 2013-07-25 22:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-08-13 21:41 - 2013-07-25 22:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-08-13 21:41 - 2013-07-25 22:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-08-13 21:41 - 2013-07-25 22:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-08-13 21:41 - 2013-07-25 22:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-08-13 21:41 - 2013-07-25 21:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-08-13 21:41 - 2013-07-25 20:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-08-13 21:40 - 2013-07-25 22:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-08-13 21:25 - 2013-08-13 21:31 - 00000000 ____D C:\Windows\system32\MRT2013-08-13 20:00 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2013-08-13 20:00 - 2013-07-09 00:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2013-08-13 20:00 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2013-08-13 20:00 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2013-08-13 20:00 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2013-08-13 20:00 - 2013-07-08 23:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2013-08-13 20:00 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2013-08-13 20:00 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2013-08-13 19:59 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2013-08-13 19:59 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2013-08-13 19:59 - 2013-07-18 20:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2013-08-13 19:59 - 2013-07-18 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2013-08-13 19:59 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2013-08-13 19:59 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2013-08-13 19:58 - 2013-07-09 01:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-08-13 19:58 - 2013-07-09 00:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-08-13 19:58 - 2013-07-09 00:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-08-13 19:58 - 2013-07-09 00:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-08-13 19:58 - 2013-07-09 00:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-08-13 19:58 - 2013-07-08 23:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-08-13 19:58 - 2013-07-08 23:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-08-13 19:58 - 2013-07-08 21:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-08-13 19:58 - 2013-07-08 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-08-13 19:58 - 2013-07-08 21:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-08-13 19:58 - 2013-07-08 21:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-08-13 19:58 - 2013-07-06 01:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-08-13 19:58 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 _____ C:\Windows\SysWOW64\sho83BA.tmp ==================== One Month Modified Files and Folders ======= 2013-08-29 19:56 - 2013-08-29 18:49 - 00000000 ____D C:\Users\Laura\Desktop\RK_Quarantine2013-08-29 19:54 - 2013-08-29 19:54 - 01579080 _____ (Farbar) C:\Users\Laura\Downloads\FRST64.exe2013-08-29 19:37 - 2013-06-30 13:24 - 01814680 _____ C:\Windows\WindowsUpdate.log2013-08-29 19:29 - 2013-06-30 13:33 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-08-29 19:00 - 2013-08-29 19:00 - 00017544 _____ C:\Users\Laura\Desktop\attach.txt2013-08-29 18:59 - 2013-08-29 19:00 - 00020286 _____ C:\Users\Laura\Desktop\dds.txt2013-08-29 18:58 - 2013-08-29 18:58 - 00688992 ____R (Swearware) C:\Users\Laura\Downloads\dds.com2013-08-29 18:53 - 2013-08-29 18:53 - 00002402 _____ C:\Users\Laura\Desktop\RKreport[0]_S_08292013_185344.txt2013-08-29 18:49 - 2013-08-29 18:49 - 03771904 _____ C:\Users\Laura\Downloads\RogueKillerX64.exe2013-08-29 18:47 - 2013-08-15 20:52 - 00000000 ____D C:\Program Files (x86)\VideoLAN2013-08-29 18:07 - 2012-09-14 18:02 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1449767166-2851449438-3801735097-1000UA.job2013-08-29 18:07 - 2012-09-14 18:02 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1449767166-2851449438-3801735097-1000Core.job2013-08-29 17:45 - 2012-09-15 08:56 - 00000000 ____D C:\Program Files (x86)\RadioHoops2013-08-29 17:39 - 2009-07-13 23:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-08-29 17:39 - 2009-07-13 23:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-08-29 17:36 - 2013-06-30 13:33 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-08-29 17:36 - 2013-03-22 21:36 - 00000000 ____D C:\Users\Laura\AppData\Local\Strongvault Online Backup2013-08-29 17:36 - 2013-01-24 19:42 - 00000354 _____ C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job2013-08-29 17:36 - 2009-07-14 00:13 - 00780172 _____ C:\Windows\system32\PerfStringBackup.INI2013-08-29 17:31 - 2013-07-08 21:27 - 00012240 _____ C:\Windows\PFRO.log2013-08-29 17:31 - 2013-07-08 18:19 - 00006060 _____ C:\Windows\setupact.log2013-08-29 17:31 - 2013-04-02 17:51 - 00000000 ____D C:\ProgramData\Sendori2013-08-29 17:31 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-08-29 17:27 - 2011-07-31 21:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-08-29 17:10 - 2011-12-06 19:01 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Skype2013-08-29 17:08 - 2013-08-19 05:59 - 00000000 ____D C:\Program Files (x86)\WinRAR2013-08-29 01:07 - 2013-08-29 01:07 - 00000000 ____D C:\FRST2013-08-28 19:39 - 2013-08-28 19:39 - 00201216 _____ C:\ProgramData\qfpgsrv.exe2013-08-28 19:35 - 2011-12-01 17:55 - 00000000 ____D C:\Users\Laura\AppData\Local\VirtualStore2013-08-28 17:16 - 2013-08-28 17:12 - 00000000 ____D C:\ProgramData\sipi2013-08-26 23:55 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache2013-08-23 08:00 - 2012-03-10 11:35 - 00000000 ____D C:\Users\Laura\AppData\Local\CrashDumps2013-08-21 18:06 - 2013-06-30 13:35 - 00002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-08-21 01:07 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF2013-08-19 21:02 - 2012-04-22 21:37 - 00774388 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2013-08-19 06:34 - 2013-08-19 06:34 - 00000000 ____D C:\Users\Laura\AppData\Roaming\WinRAR2013-08-19 05:45 - 2013-08-15 20:54 - 00000000 ____D C:\Users\Laura\AppData\Roaming\vlc2013-08-19 05:45 - 2013-05-11 23:06 - 00000000 ____D C:\Program Files (x86)\MyPC Backup2013-08-19 05:45 - 2011-12-01 17:56 - 00000000 ___RD C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-08-19 05:40 - 2013-08-19 05:40 - 00000000 ____D C:\Users\Laura\AppData\Roaming\PowerISO2013-08-19 05:18 - 2013-08-19 02:54 - 00000000 ____D C:\Users\Laura\AppData\Local\TopArcadeHits2013-08-19 05:17 - 2013-08-19 02:49 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Systweak2013-08-19 05:16 - 2013-03-07 19:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-08-19 05:16 - 2012-02-15 06:35 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Mozilla2013-08-19 05:15 - 2013-08-19 03:12 - 00000000 ____D C:\Users\Laura\AppData\Local\Performersoft2013-08-19 05:11 - 2013-08-19 05:11 - 00000000 ___RH C:\Users\Public\Documents\NTIMMV9P.dll2013-08-19 05:07 - 2013-08-19 05:07 - 399693105 _____ C:\Windows\MEMORY.DMP2013-08-19 05:07 - 2013-08-19 05:07 - 00707560 _____ C:\Windows\Minidump\081913-33275-01.dmp2013-08-19 05:07 - 2012-10-28 14:06 - 00000000 ____D C:\Windows\Minidump2013-08-19 04:18 - 2013-08-19 04:18 - 00000000 ____D C:\Users\Laura\AppData\Roaming\ATI2013-08-19 04:18 - 2013-08-19 04:18 - 00000000 ____D C:\Users\Laura\AppData\Local\ATI2013-08-19 03:49 - 2013-08-19 02:49 - 00000286 _____ C:\Windows\Tasks\DSite.job2013-08-19 03:11 - 2013-08-19 03:11 - 00000000 ____D C:\ProgramData\IBUpdaterService2013-08-19 02:49 - 2013-08-19 02:49 - 00003226 _____ C:\Windows\System32\Tasks\DSite2013-08-19 02:49 - 2013-08-19 02:49 - 00000000 ____D C:\Users\Laura\AppData\Roaming\DSite2013-08-18 22:17 - 2013-05-25 20:23 - 00000258 __RSH C:\Users\Allyssa\ntuser.pol2013-08-18 22:17 - 2011-12-07 16:46 - 00000000 ____D C:\Users\Allyssa2013-08-16 07:28 - 2013-04-02 17:53 - 00000258 __RSH C:\Users\Laura\ntuser.pol2013-08-16 07:28 - 2011-12-01 17:53 - 00000000 ____D C:\Users\Laura2013-08-16 00:22 - 2012-04-22 21:38 - 00000000 ____D C:\Users\Laura\AppData\Roaming\SoftGrid Client2013-08-15 20:58 - 2013-08-15 20:58 - 00000438 _____ C:\Windows\SysWOW64\WSCConfig.xml2013-08-15 20:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Resources2013-08-15 19:09 - 2013-08-15 19:05 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Nico Mak Computing2013-08-15 19:09 - 2013-08-15 19:04 - 00000000 ____D C:\Program Files (x86)\WinZip Registry Optimizer2013-08-15 08:09 - 2013-07-13 13:36 - 00000000 ____D C:\Windows\Patches2013-08-13 21:31 - 2013-08-13 21:25 - 00000000 ____D C:\Windows\system32\MRT2013-08-13 21:25 - 2011-12-11 18:34 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-08-10 21:30 - 2011-07-31 22:18 - 00000000 ___RD C:\Program Files (x86)\Skype2013-08-10 21:30 - 2011-07-31 22:17 - 00000000 ____D C:\ProgramData\Skype2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 _____ C:\Windows\SysWOW64\sho83BA.tmp Files to move or delete:====================C:\ProgramData\qfpgsrv.exeC:\Users\Allyssa\AppData\Local\Temp\SecondStepInstaller.exeC:\Users\Allyssa\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\Allyssa\AppData\Local\Temp\SkypeSetup.exeC:\Users\Laura\AppData\Local\Temp\BackupSetup.exeC:\Users\Laura\AppData\Local\Temp\nsoB05C.tmp.exeC:\Users\Laura\AppData\Local\Temp\oi_{50C3A812-F5B9-4289-B18D-EBD56D0D6843}.exeC:\Users\Laura\AppData\Local\Temp\oi_{5B1B3B3F-BFA4-46E7-A43E-F9FB5EA5AAB5}.exeC:\Users\Laura\AppData\Local\Temp\safeguard.exeC:\Users\Laura\AppData\Local\Temp\uninst1.exeC:\Users\Laura\AppData\Local\Temp\UNINSTALL.EXEC:\Users\Laura\AppData\Local\Temp\winziprosetup-WZRO6_20130221.exeC:\Users\Laura\AppData\Local\Temp\~nsu.tmp\Au_.exeC:\Users\Laura\AppData\Local\Temp\{9914B689-DA23-4F6F-92FF-9F0EBE288548}\ISBEW64.exeC:\Users\Laura\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exeC:\Users\Laura\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exeC:\Users\Laura\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exeC:\Users\Laura\AppData\Local\Temp\nsi6432.tmp\ConduitMsTimestamp.dllC:\Users\Laura\AppData\Local\Temp\nsi6432.tmp\System.dllC:\Users\Laura\AppData\Local\Temp\is357113909\AVG_Safeguard.exeC:\Users\Laura\AppData\Local\Temp\is357113909\nss_handler.exeC:\Users\Laura\AppData\Local\Temp\is357113909\OpenItSetup.exeC:\Users\Laura\AppData\Local\Temp\is357113909\rcpsetup_binstall2_binstall2.exeC:\Users\Laura\AppData\Local\Temp\is357113909\SymCCIS.dllC:\Users\Laura\AppData\Local\Temp\is357113909\Toparcadehits.exeC:\Users\Laura\AppData\Local\Temp\is357113909\uninstaller.exeC:\Users\Laura\AppData\Local\Temp\is357113909\wajam_validate.exeC:\Users\Laura\AppData\Local\Temp\is-RF0P5.tmp\jetreports.exeC:\Users\Laura\AppData\Local\Temp\Downloads\XceedZip.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\avg-secure-search-installer.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\ProgFiles\AVG SafeGuard toolbar\lip.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\ProgFiles\AVG SafeGuard toolbar\PostInstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\ProgFiles\AVG SafeGuard toolbar\Uninstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\ProgFiles\AVG SafeGuard toolbar\vprot.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\ProgFiles\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\ConfigFiles\avguidx.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\ConfigFiles\MachineIdCreator.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\helper.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\log4cplusU.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\loggingserver.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exeC:\Users\Laura\AppData\Local\Temp\avg_a07128\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\avg-secure-search-installer.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\ProgFiles\AVG SafeGuard toolbar\lip.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\ProgFiles\AVG SafeGuard toolbar\PostInstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\ProgFiles\AVG SafeGuard toolbar\Uninstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\ProgFiles\AVG SafeGuard toolbar\vprot.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\ProgFiles\AVG SafeGuard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\ConfigFiles\avguidx.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\ConfigFiles\MachineIdCreator.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exeC:\Users\Laura\AppData\Local\Temp\avg_a07016\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\avg-secure-search-installer.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\ProgFiles\AVG SafeGuard toolbar\lip.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\ProgFiles\AVG SafeGuard toolbar\PostInstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\ProgFiles\AVG SafeGuard toolbar\Uninstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\ProgFiles\AVG SafeGuard toolbar\vprot.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\ProgFiles\AVG SafeGuard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\ConfigFiles\avguidx.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\ConfigFiles\MachineIdCreator.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exeC:\Users\Laura\AppData\Local\Temp\avg_a06100\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\avg-secure-search-installer.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\ProgFiles\AVG SafeGuard toolbar\lip.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\ProgFiles\AVG SafeGuard toolbar\PostInstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\ProgFiles\AVG SafeGuard toolbar\Uninstall.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\ProgFiles\AVG SafeGuard toolbar\vprot.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\ProgFiles\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\ConfigFiles\avguidx.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\ConfigFiles\MachineIdCreator.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\helper.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\log4cplusU.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\loggingserver.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dllC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exeC:\Users\Laura\AppData\Local\Temp\avg_a05092\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dllC:\Users\Laura\AppData\Local\Temp\A1D65DF2\x86\regsvr32.exeC:\Users\Laura\AppData\Local\Temp\A1D65DF2\x64\regsvr32.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-24 01:19 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013Ran by Laura at 2013-08-29 20:01:00Running from C:\Users\Laura\DownloadsBoot Mode: Normal========================================================== ==================== Installed Programs ======================= Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)AMD APP SDK Runtime (Version: 2.4.650.9)AMD VISION Engine Control Center (x32 Version: 2011.0524.2352.41027)ATI Catalyst Install Manager (Version: 3.0.829.0)Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)Build-a-lot 4 - Power Source (x32 Version: 2.2.0.97)Catalyst Control Center - Branding (x32 Version: 1.00.0000)Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027)Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027)Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027)CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027)CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027)CCC Help Czech (x32 Version: 2011.0524.2351.41027)CCC Help Danish (x32 Version: 2011.0524.2351.41027)CCC Help Dutch (x32 Version: 2011.0524.2351.41027)CCC Help English (x32 Version: 2011.0524.2351.41027)CCC Help Finnish (x32 Version: 2011.0524.2351.41027)CCC Help French (x32 Version: 2011.0524.2351.41027)CCC Help German (x32 Version: 2011.0524.2351.41027)CCC Help Greek (x32 Version: 2011.0524.2351.41027)CCC Help Hungarian (x32 Version: 2011.0524.2351.41027)CCC Help Italian (x32 Version: 2011.0524.2351.41027)CCC Help Japanese (x32 Version: 2011.0524.2351.41027)CCC Help Korean (x32 Version: 2011.0524.2351.41027)CCC Help Norwegian (x32 Version: 2011.0524.2351.41027)CCC Help Polish (x32 Version: 2011.0524.2351.41027)CCC Help Portuguese (x32 Version: 2011.0524.2351.41027)CCC Help Russian (x32 Version: 2011.0524.2351.41027)CCC Help Spanish (x32 Version: 2011.0524.2351.41027)CCC Help Swedish (x32 Version: 2011.0524.2351.41027)CCC Help Thai (x32 Version: 2011.0524.2351.41027)CCC Help Turkish (x32 Version: 2011.0524.2351.41027)ccc-utility64 (Version: 2011.0524.2352.41027)Chronicles of Albian (x32 Version: 2.2.0.95)Chuzzle Deluxe (x32 Version: 2.2.0.95)Cisco Connect (x32 Version: 1.4.11350.0)Conexant HD Audio (Version: 8.41.1.51)Cradle of Rome 2 (x32 Version: 2.2.0.95)D3DX10 (x32 Version: 15.4.2368.0902)DefaultTab (x32 Version: 2.2.3.0)DomaIQ (x32)Dora's World Adventure (x32 Version: 2.2.0.95)eaner (Version: 4.03)eBay Worldwide (x32 Version: 2.2.0409)eMachines Games (x32 Version: 1.0.2.5)eMachines Power Management (x32 Version: 6.00.3007)eMachines Recovery Management (x32 Version: 5.00.3502)eMachines Registration (x32 Version: 1.04.3502)eMachines ScreenSaver (x32 Version: 1.1.0806.2010)eMachines Updater (x32 Version: 1.02.3500)ETDWare PS/2-X64 8.0.6.0_WHQL (Version: 8.0.6.0)Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)FATE: The Cursed King (x32 Version: 2.2.0.97)Final Drive: Nitro (x32 Version: 2.2.0.95)FlashPlayer (x32 Version: 1.6.8)Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)Google Chrome (x32 Version: 29.0.1547.57)Google Update Helper (x32 Version: 1.3.21.153)Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)Identity Card (x32 Version: 1.00.3501)InternetHelper3 Firefox Toolbar (x32 Version: 1.0.0.0)Java 7 Update 25 (x32 Version: 7.0.250)Java Auto Updater (x32 Version: 2.1.9.5)Jewel Match 3 (x32 Version: 2.2.0.97)Junk Mail filter update (x32 Version: 15.4.3502.0922)Launch Manager (x32 Version: 5.1.7)Mesh Runtime (x32 Version: 15.4.5722.2)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft .NET Framework 4 Extended (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Office 2010 (x32 Version: 14.0.4763.1000)Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)Microsoft Office Starter 2010 - English (x32 Version: 14.0.5131.5000)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)MSVCRT (x32 Version: 15.4.2862.0708)MSVCRT_amd64 (x32 Version: 15.4.2862.0708)MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)NTI Media Maker 9 (x32 Version: 9.0.2.8942)Pando Media Booster (x32 Version: 2.6.0.7)Penguins! (x32 Version: 2.2.0.95)Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)Polar Bowler (x32 Version: 2.2.0.97)Polar Golfer (x32 Version: 2.2.0.95)PricePeep for Internet Explorer (x32 Version: 2.1.44.0)RadioHoops Toolbar (x32 Version: 6.9.0.16)Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30122)Search Protect by conduit (x32 Version: 1.5.0.71)Sendori (x32 Version: 2.0.15)Skype™ 6.7 (x32 Version: 6.7.102)Strongvault Online Backup (x32 Version: 2.1.1.0)Supreme Savings (x32 Version: 1.26.153.2)swMSM (x32 Version: 12.0.0.1)TelevisionFanatic Toolbar (x32)Times Reader (x32 Version: 2.055)Torchlight (x32 Version: 2.2.0.97)Unity Web Player (HKCU Version: )Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)Update Installer for WildTangent Games App (x32)Video Web Camera (x32 Version: 1.0.1904)VIPRE Internet Security (x32 Version: 6.1.5488)Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97)Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)Welcome Center (x32 Version: 1.02.3503)WildTangent Games App (eMachines Games) (x32 Version: 4.0.5.14)Windows Live (x32 Version: 15.4.3502.0922)Windows Live Communications Platform (x32 Version: 15.4.3502.0922)Windows Live Essentials (x32 Version: 15.4.3502.0922)Windows Live Essentials (x32 Version: 15.4.3508.1109)Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)Windows Live Installer (x32 Version: 15.4.3502.0922)Windows Live Language Selector (Version: 15.4.3508.1109)Windows Live Mail (x32 Version: 15.4.3502.0922)Windows Live Mesh (x32 Version: 15.4.3502.0922)Windows Live Messenger (x32 Version: 15.4.3502.0922)Windows Live MIME IFilter (Version: 15.4.3502.0922)Windows Live Movie Maker (x32 Version: 15.4.3502.0922)Windows Live Photo Common (x32 Version: 15.4.3502.0922)Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)Windows Live Remote Client (Version: 15.4.5722.2)Windows Live Remote Client Resources (Version: 15.4.5722.2)Windows Live Remote Service (Version: 15.4.5722.2)Windows Live Remote Service Resources (Version: 15.4.5722.2)Windows Live SOXE (x32 Version: 15.4.3502.0922)Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)Windows Live UX Platform (x32 Version: 15.4.3502.0922)Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)Windows Live Writer (x32 Version: 15.4.3502.0922)Windows Live Writer Resources (x32 Version: 15.4.3502.0922)Zuma's Revenge (x32 Version: 2.2.0.97) ==================== Restore Points ========================= 11-08-2013 05:14:37 Scheduled Checkpoint14-08-2013 02:22:23 Windows Update20-08-2013 01:54:09 Windows Update20-08-2013 13:13:49 Installed DAEMON Tools20-08-2013 13:23:46 Installed DAEMON Tools29-08-2013 22:15:31 Removed Adobe Reader X (10.1.7) MUI.29-08-2013 22:26:37 Removed Atheros Communications Inc.® AR81Family Gigabit/Fast E™=ÿ29-08-2013 22:28:34 Removed Skype™ 6.729-08-2013 23:41:56 Removed Adobe Reader X (10.1.7) MUI. ==================== Hosts content: ========================== 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-13] (Microsoft Corporation)Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-13] (Microsoft Corporation)Task: {0E6A7CC8-A466-467F-948E-B930770E275F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe No FileTask: {1438715C-FC8F-4E45-AB2B-CF52326D9322} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-30] (Google Inc.)Task: {24729CB4-A4A9-42D2-A690-7B75AFCF990F} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe No FileTask: {2F6CAFEE-5B15-48F8-B8A1-DA04285CE756} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe No FileTask: {493CFD74-8DAB-4696-9BFF-9F5160239E18} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1449767166-2851449438-3801735097-1000Core => C:\Users\Laura\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-14] (Facebook Inc.)Task: {49723AE3-9C1D-41D3-BF90-D712876491AE} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1449767166-2851449438-3801735097-1001 => C:\Windows\System32\portabledeviceapi.dll [2010-11-20] (Microsoft Corporation)Task: {57345DBE-4300-47EB-9A03-54B9CD5232C5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1449767166-2851449438-3801735097-1000UA => C:\Users\Laura\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-14] (Facebook Inc.)Task: {60503798-68D2-4E84-A28E-3E1A0346A528} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)Task: {73212117-8D63-41B1-9D38-8B584FA92040} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-30] (Google Inc.)Task: {795E1D9E-4448-42A3-97DC-5A8F6F491C51} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1449767166-2851449438-3801735097-1000 => C:\Windows\System32\portabledeviceapi.dll [2010-11-20] (Microsoft Corporation)Task: {8542D9AF-34C8-49C6-8CEC-0E3FAC2D2E9E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update TaskTask: {9110BE33-613D-419B-A1AA-4B50933DA7CB} - System32\Tasks\DSite => C:\Users\Laura\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No FileTask: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-20] (Microsoft Corporation)Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-20] (Microsoft Corporation)Task: {AC8FD358-684D-43C4-A8EB-820D9A608D71} - System32\Tasks\Updater19962.exe => C:\Users\Laura\AppData\Local\Updater19962\Updater19962.exe No FileTask: {C8C33053-E041-4BED-B39F-84D2C6972734} - System32\Tasks\BrowserProtect => C:\Windows\system32\sc.exe [2009-07-13] (Microsoft Corporation)Task: {C8E3F573-8EAA-4D1E-9F9E-5F26B8796EF9} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe No FileTask: {D32228BA-929E-4806-B8AD-1E5128D7C97B} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-13] (Microsoft Corporation)Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-13] (Microsoft Corporation)Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-20] (Microsoft Corporation)Task: C:\Windows\Tasks\DSite.job => C:\Users\Laura\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXETask: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1449767166-2851449438-3801735097-1000Core.job => C:\Users\Laura\AppData\Local\Facebook\Update\FacebookUpdate.exeTask: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1449767166-2851449438-3801735097-1000UA.job => C:\Users\Laura\AppData\Local\Facebook\Update\FacebookUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\State of Michigan Job Opportunities.website:faviconAlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Faulty Device Manager Devices ============= Name: Ethernet ControllerDescription: Ethernet ControllerClass Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors:==================Error: (08/29/2013 05:31:53 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 05:19:23 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 05:10:33 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 04:48:31 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 03:50:13 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 00:20:50 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 00:17:36 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 00:10:33 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/28/2013 09:15:37 PM) (Source: Google Update) (User: Laura-PC)Description: Network Request Error.Error: 0x80072ee7. Http status code: 0.Url=https://www.facebook.com/omaha/update.phpTrying config: source=IE, direct connection.trying CUP:WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying CUP:iexplore.Send request returned 0x80004005. Http status code 0.Trying config: source=auto, wpad=1, script=.trying CUP:WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying CUP:iexplore.Send request returned 0x80004005. Http status code 0.Trying config: source=IE, direct connection.trying CUP:WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying CUP:iexplore.Send request returned 0x80004005. Http status code 0.Trying config: source=auto, wpad=1, script=.trying CUP:WinHTTP.Send request returned 0x80072ee7 Error: (08/28/2013 07:30:11 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors:=============Error: (08/29/2013 05:41:40 PM) (Source: Service Control Manager) (User: )Description: The TelevisionFanaticService service terminated unexpectedly. It has done this 1 time(s). Error: (08/29/2013 05:41:34 PM) (Source: Service Control Manager) (User: )Description: The Search Protect by Conduit Updater service terminated unexpectedly. It has done this 1 time(s). Error: (08/29/2013 05:30:40 PM) (Source: DCOM) (User: )Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/29/2013 05:17:38 PM) (Source: DCOM) (User: )Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/29/2013 04:58:49 PM) (Source: DCOM) (User: )Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046} Error: (08/29/2013 04:58:12 PM) (Source: Service Control Manager) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (08/29/2013 04:56:02 PM) (Source: DCOM) (User: )Description: 1084sndappv2-Service{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} Error: (08/29/2013 04:48:16 PM) (Source: Service Control Manager) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (08/29/2013 04:48:16 PM) (Source: Service Control Manager) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (08/29/2013 04:48:16 PM) (Source: Service Control Manager) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Microsoft Office Sessions:=========================Error: (08/29/2013 05:31:53 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 05:19:23 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 05:10:33 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 04:48:31 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 03:50:13 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 00:20:50 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 00:17:36 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/29/2013 00:10:33 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/28/2013 09:15:37 PM) (Source: Google Update)(User: Laura-PC)Description: Network Request Error.Error: 0x80072ee7. Http status code: 0.Url=https://www.facebook.com/omaha/update.phpTrying config: source=IE, direct connection.trying CUP:WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying CUP:iexplore.Send request returned 0x80004005. Http status code 0.Trying config: source=auto, wpad=1, script=.trying CUP:WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying CUP:iexplore.Send request returned 0x80004005. Http status code 0.Trying config: source=IE, direct connection.trying CUP:WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying WinHTTP.Send request returned 0x80072ee7. Http status code 0.trying CUP:iexplore.Send request returned 0x80004005. Http status code 0.Trying config: source=auto, wpad=1, script=.trying CUP:WinHTTP.Send request returned 0x80072ee7 Error: (08/28/2013 07:30:11 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 50%Total physical RAM: 2794.9 MBAvailable physical RAM: 1389.99 MBTotal Pagefile: 5587.99 MBAvailable Pagefile: 3705.84 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (eMachines) (Fixed) (Total:282.99 GB) (Free:233.56 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7940CC6D)Partition 1: (Not Active) - (Size=15 GB) - (Type=27)Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  9. I apologize I am using a laptop mouse it didnt allow me to select all I right clicked select all this time here is the dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2Run by Laura at 18:58:36 on 2013-08-29Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2795.1453 [GMT -5:00].AV: GFI Software VIPRE *Enabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: GFI Software VIPRE *Enabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}FW: GFI Software VIPRE *Enabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\CxAudMsg64.exeC:\Users\Laura\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exeC:\Program Files (x86)\Launch Manager\dsiwmis.exeC:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exeC:\Program Files (x86)\Launch Manager\LMutilps32.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exeC:\Program Files (x86)\eMachines\Registration\GREGsvc.exeC:\Program Files\eMachines\eMachines Updater\UpdaterService.exeC:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Program Files (x86)\Sendori\sndappv2.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files (x86)\Sendori\SendoriSvc.exeC:\Program Files (x86)\Sendori\Sendori.Service.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Sendori\SendoriUp.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exeC:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files\eMachines\eMachines Power Management\ePowerTray.exeC:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exeC:\Program Files (x86)\Launch Manager\LManager.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Sendori\SendoriTray.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Launch Manager\MMDx64Fx.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exeC:\Program Files (x86)\Launch Manager\LMworker.exeC:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchIndexer.exeC:\Users\Laura\Downloads\RogueKillerX64.exeC:\Windows\system32\NOTEPAD.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: <No Name>: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dlluURLSearchHooks: RadioHoops Toolbar: {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - mURLSearchHooks: RadioHoops Toolbar: {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - mWinlogon: Userinit = userinit.exe,BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>BHO: RadioHoops Toolbar: {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - BHO: Supreme Savings: {11111111-1111-1111-1111-110111991162} - BHO: Drop Pad Web Backup: {25DA541F-6ACF-4052-A8AA-1D58284729C7} - BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Laura\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: RadioHoops Toolbar: {0C3110F6-A2E6-4B6F-9516-6DC345E1F7EF} - TB: TelevisionFanatic: {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dllTB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dllTB: RadioHoops Toolbar: {0c3110f6-a2e6-4b6f-9516-6dc345e1f7ef} - uRun: [Facebook Update] "C:\Users\Laura\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserveruRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunuRun: [backupAgent] C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exemRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exemRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"mRun: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /hmRun: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exemRun: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exemRun: [sMessaging] C:\Users\Laura\AppData\Local\Strongvault Online Backup\SMessaging.exemRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [sBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"dRun: [searchProtect] \SearchProtect\bin\cltmng.exeStartupFolder: C:\Users\Laura\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZOOSKM~1.LNK - C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllLSP: C:\Windows\System32\Sendori.dllTCP: NameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF} : DHCPNameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF}\24C65756341647 : DHCPNameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF}\34963736F60373131363 : DHCPNameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF}\6457E6029637E6470266275656 : DHCPNameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF}\7456470297F602F677E60277966696 : DHCPNameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF}\7656470297F602F677E60277966696 : DHCPNameServer = 24.159.193.40 24.205.224.36 68.190.192.35TCP: Interfaces\{8A26AE4B-2908-4865-BD73-04959FB9E6AF}\B4F66716C616B6 : DHCPNameServer = 192.168.0.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exex64-Run: [Power Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exex64-Run: [sBRegRebootCleaner] "c:\users\laura\appdata\local\temp\Downloads\CartSdk\sbrc.exe"x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2013-6-29 258848]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-31 204288]R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-9-29 198784]R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Laura\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-4-2 107520]R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-7-31 353360]R2 ePowerSvc;Acer ePower Service;C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2011-9-29 872552]R2 gfi_lanss10_attservice;GFI LanGuard 10 Attendant Service;C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [2012-10-24 115568]R2 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2011-1-17 39528]R2 Live Updater Service;Live Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2011-7-31 244624]R2 SBAMSvc;VIPRE Internet Security;C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2012-10-25 3677000]R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2012-10-24 82872]R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2012-10-25 175496]R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-7-31 114704]R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-7-31 138024]R3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-6-29 39504]R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2013-6-29 120608]R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2012-10-24 86816]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-9-29 47232]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe --> C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [?]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]S2 TelevisionFanaticService;TelevisionFanaticService;C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [2012-6-24 42504]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-7-31 246376]S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\System32\drivers\SbFwIm.sys [2013-6-29 120608]S3 sbhips;sbhips;C:\Windows\System32\drivers\sbhips.sys [2013-6-29 61216]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-3 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-08-29 22:25:52 699536 ----a-w- C:\Program Files (x86)\4aUninstall Astrology.dll2013-08-29 22:25:52 172448 ----a-w- C:\Program Files (x86)\4ares.dll2013-08-29 06:07:01 -------- d-----w- C:\FRST2013-08-29 00:39:16 201216 ----a-w- C:\ProgramData\qfpgsrv.exe2013-08-28 22:12:39 -------- d-----w- C:\ProgramData\sipi2013-08-21 06:07:24 -------- d-----w- C:\Users\Laura\AppData\Local\ElevatedDiagnostics2013-08-19 10:40:11 -------- d-----w- C:\Users\Laura\AppData\Roaming\PowerISO2013-08-19 09:18:48 -------- d-----w- C:\Users\Laura\AppData\Local\ATI2013-08-19 08:12:05 -------- d-----w- C:\Users\Laura\AppData\Local\Performersoft2013-08-19 08:11:45 -------- d-----w- C:\ProgramData\IBUpdaterService2013-08-19 07:54:43 -------- d-----w- C:\Users\Laura\AppData\Local\TopArcadeHits2013-08-19 07:49:30 -------- d-----w- C:\Users\Laura\AppData\Roaming\Systweak2013-08-19 07:49:06 -------- d-----w- C:\Users\Laura\AppData\Roaming\DSite2013-08-16 01:52:08 -------- d-----w- C:\Program Files (x86)\VideoLAN2013-08-16 01:50:53 -------- d-----w- C:\ProgramData\Tarma Installer2013-08-16 00:05:35 -------- d-----w- C:\Users\Laura\AppData\Roaming\Nico Mak Computing2013-08-16 00:05:19 20312 ----a-w- C:\Windows\System32\roboot64.exe2013-08-16 00:04:41 -------- d-----w- C:\Program Files (x86)\WinZip Registry Optimizer2013-08-14 02:42:09 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-08-14 02:42:09 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-08-14 02:42:06 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll2013-08-14 02:42:05 356864 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll2013-08-14 02:42:03 236032 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll2013-08-14 02:42:02 218112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll2013-08-14 02:42:01 279040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll2013-08-14 02:42:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-08-14 02:25:21 -------- d-----w- C:\Windows\System32\MRT2013-08-14 01:00:38 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-14 01:00:37 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-08-14 01:00:34 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-14 01:00:33 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-14 01:00:30 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-14 01:00:29 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-14 01:00:28 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-08-14 01:00:28 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-08-14 00:59:52 2048 ----a-w- C:\Windows\System32\tzres.dll2013-08-14 00:59:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-08-14 00:59:37 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-08-14 00:59:35 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-08-14 00:59:29 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-08-14 00:59:26 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-31 20:32:58 0 ----a-w- C:\Windows\SysWow64\sho83BA.tmp.==================== Find3M ====================.2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-07-01 16:49:06 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll2013-06-29 22:48:54 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-06-29 22:48:53 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll2013-06-29 22:48:53 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll.============= FINISH: 18:59:48.83 =============== and here is the RKreport RogueKiller V8.6.7 _x64_ [Aug 28 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Laura [Admin rights]Mode : Scan -- Date : 08/29/2013 18:53:44| ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤[sUSP PATH] SMessaging.exe -- C:\Users\Laura\AppData\Local\Strongvault Online Backup\SMessaging.exe [7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 4 ¤¤¤[RUN][sUSP PATH] HKLM\[...]\Run : SBRegRebootCleaner ("c:\users\laura\appdata\local\temp\Downloads\CartSdk\sbrc.exe" [x]) -> FOUND[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : SMessaging (C:\Users\Laura\AppData\Local\Strongvault Online Backup\SMessaging.exe [7]) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 3 ¤¤¤[V1][sUSP PATH] DSite.job : C:\Users\Laura\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V2][sUSP PATH] DSite : C:\Users\Laura\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V2][sUSP PATH] Updater19962.exe : C:\Users\Laura\AppData\Local\Updater19962\Updater19962.exe - /extensionid=19962 /extensionname="Supreme Savings" /chromeid=ihkeoookbpemkdccdccdmacnidhooohk [x][x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BPVT-22ZEST0 ATA Device +++++--- User ---[MBR] 03fb63b1cf7ec6c74bfb57dcc2b82ce2[bSP] f57bc5b4d05c21b5d8ec02135f57c71a : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 289783 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_08292013_185344.txt >>
  10. DDS.txt :.=============== Created Last 30 ================.2013-08-29 22:25:52 699536 ----a-w- C:\Program Files (x86)\4aUninstall Astrology.dll2013-08-29 22:25:52 172448 ----a-w- C:\Program Files (x86)\4ares.dll2013-08-29 06:07:01 -------- d-----w- C:\FRST2013-08-29 00:39:16 201216 ----a-w- C:\ProgramData\qfpgsrv.exe2013-08-28 22:12:39 -------- d-----w- C:\ProgramData\sipi2013-08-21 06:07:24 -------- d-----w- C:\Users\Laura\AppData\Local\ElevatedDiagnostics2013-08-19 10:40:11 -------- d-----w- C:\Users\Laura\AppData\Roaming\PowerISO2013-08-19 09:18:48 -------- d-----w- C:\Users\Laura\AppData\Local\ATI2013-08-19 08:12:05 -------- d-----w- C:\Users\Laura\AppData\Local\Performersoft2013-08-19 08:11:45 -------- d-----w- C:\ProgramData\IBUpdaterService2013-08-19 07:54:43 -------- d-----w- C:\Users\Laura\AppData\Local\TopArcadeHits2013-08-19 07:49:30 -------- d-----w- C:\Users\Laura\AppData\Roaming\Systweak2013-08-19 07:49:06 -------- d-----w- C:\Users\Laura\AppData\Roaming\DSite2013-08-16 01:52:08 -------- d-----w- C:\Program Files (x86)\VideoLAN2013-08-16 01:50:53 -------- d-----w- C:\ProgramData\Tarma Installer2013-08-16 00:05:35 -------- d-----w- C:\Users\Laura\AppData\Roaming\Nico Mak Computing2013-08-16 00:05:19 20312 ----a-w- C:\Windows\System32\roboot64.exe2013-08-16 00:04:41 -------- d-----w- C:\Program Files (x86)\WinZip Registry Optimizer2013-08-14 02:42:09 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-08-14 02:42:09 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-08-14 02:42:06 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll2013-08-14 02:42:05 356864 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll2013-08-14 02:42:03 236032 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll2013-08-14 02:42:02 218112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll2013-08-14 02:42:01 279040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll2013-08-14 02:42:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-08-14 02:25:21 -------- d-----w- C:\Windows\System32\MRT2013-08-14 01:00:38 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-14 01:00:37 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-08-14 01:00:34 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-14 01:00:33 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-14 01:00:30 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-14 01:00:29 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-14 01:00:28 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-08-14 01:00:28 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-08-14 00:59:52 2048 ----a-w- C:\Windows\System32\tzres.dll2013-08-14 00:59:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-08-14 00:59:37 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-08-14 00:59:35 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-08-14 00:59:29 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-08-14 00:59:26 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-31 20:32:58 0 ----a-w- C:\Windows\SysWow64\sho83BA.tmp.==================== Find3M ====================.2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-07-01 16:49:06 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll2013-06-29 22:48:54 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-06-29 22:48:53 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll2013-06-29 22:48:53 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll.============= FINISH: 18:59:48.83 =============== attach.txt : .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 12/1/2011 4:53:22 PMSystem Uptime: 8/29/2013 5:31:16 PM (1 hours ago).Motherboard: eMachines | | HM50-BZProcessor: AMD E-300 APU with Radeon HD Graphics | Socket FT1 | 1300/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 283 GiB total, 232.572 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: Description: Ethernet ControllerDevice ID: PCI\VEN_1969&DEV_1083&SUBSYS_05201025&REV_C0\4&1F5B09F0&0&00AAManufacturer: Name: Ethernet ControllerPNP Device ID: PCI\VEN_1969&DEV_1083&SUBSYS_05201025&REV_C0\4&1F5B09F0&0&00AAService: .==== System Restore Points ===================.RP106: 8/1/2013 8:08:53 AM - Scheduled CheckpointRP107: 8/11/2013 12:14:37 AM - Scheduled CheckpointRP108: 8/13/2013 9:22:23 PM - Windows UpdateRP109: 8/19/2013 8:54:09 PM - Windows UpdateRP110: 8/20/2013 8:13:49 AM - Installed DAEMON ToolsRP111: 8/20/2013 8:23:46 AM - Installed DAEMON ToolsRP112: 8/29/2013 5:15:31 PM - Removed Adobe Reader X (10.1.7) MUI.RP113: 8/29/2013 5:26:37 PM - Removed Atheros Communications Inc.® AR81Family Gigabit/Fast E™=ÿRP114: 8/29/2013 5:28:34 PM - Removed Skype™ 6.7RP115: 8/29/2013 6:41:56 PM - Removed Adobe Reader X (10.1.7) MUI..==== Installed Programs ======================.Agatha Christie - Death on the NileAMD APP SDK RuntimeAMD VISION Engine Control CenterATI Catalyst Install ManagerBejeweled 2 DeluxeBuild-a-lot 4 - Power SourceCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerChronicles of AlbianChuzzle DeluxeCisco ConnectConexant HD AudioCradle of Rome 2D3DX10DefaultTabDomaIQDora's World AdventureeBay WorldwideeMachines GameseMachines Power ManagementeMachines Recovery ManagementeMachines RegistrationeMachines ScreenSavereMachines UpdaterETDWare PS/2-X64 8.0.6.0_WHQLFacebook Video Calling 1.2.0.287FATE: The Cursed KingFinal Drive: NitroFlashPlayerGalerie de photos Windows LiveGoogle ChromeGoogle Update HelperGovernor of Poker 2 Premium EditionIdentity CardInternetHelper3 Firefox ToolbarJava 7 Update 25Java Auto UpdaterJewel Match 3Junk Mail filter updateLaunch ManagerMesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Mystery of Mortlake MansionNTI Media Maker 9Pando Media BoosterPenguins!Plants vs. Zombies - Game of the YearPolar BowlerPolar GolferPricePeep for Internet ExplorerRadioHoops ToolbarRealtek USB 2.0 Card ReaderSearch Protect by conduitSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)SendoriSkype™ 6.7Strongvault Online BackupSupreme SavingsswMSMTelevisionFanatic ToolbarTimes ReaderTorchlightUnity Web PlayerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update Installer for WildTangent Games AppVideo Web CameraVIPRE Internet SecurityVirtual Villagers 5 - New BelieversVisual Studio 2008 x64 RedistributablesWelcome CenterWildTangent Games App (eMachines Games)Windows LiveWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesZuma's Revenge.==== Event Viewer Messages From Past Week ========.8/29/2013 5:41:40 PM, Error: Service Control Manager [7034] - The TelevisionFanaticService service terminated unexpectedly. It has done this 1 time(s).8/29/2013 5:41:34 PM, Error: Service Control Manager [7034] - The Search Protect by Conduit Updater service terminated unexpectedly. It has done this 1 time(s).8/29/2013 4:58:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}8/29/2013 4:58:12 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:56:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service sndappv2 with arguments "-Service" in order to run the server: {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}8/29/2013 4:48:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}8/29/2013 4:48:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}8/29/2013 4:48:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}8/29/2013 4:48:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}8/29/2013 4:48:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}8/29/2013 4:48:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}8/29/2013 4:47:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SbFw SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl8/29/2013 4:47:10 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 4:47:03 PM, Error: Service Control Manager [7001] - The Conexant Audio Message Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 3:50:14 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 218/29/2013 3:49:53 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Responder service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.8/29/2013 3:49:53 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Mapper I/O Driver service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode.8/29/2013 12:17:43 AM, Error: Service Control Manager [7038] - The PNRPsvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).8/29/2013 12:17:43 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service did not start due to a logon failure.8/29/2013 12:17:43 AM, Error: Service Control Manager [7000] - The Peer Name Resolution Protocol service failed to start due to the following error: The service did not start due to a logon failure.8/29/2013 12:15:30 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 12:15:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SCDEmu spldr Wanarpv68/29/2013 12:14:04 AM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-21474672438/29/2013 12:11:39 AM, Error: Service Control Manager [7034] - The sndappv2 service terminated unexpectedly. It has done this 1 time(s).8/29/2013 12:11:38 AM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting.8/28/2013 9:24:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service.8/28/2013 8:58:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.8/28/2013 8:56:57 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{8A26AE4B-2908-4865-BD73-04959FB9E6AF} because another computer on the network has the same name. The server could not start.8/28/2013 8:55:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.8/28/2013 8:45:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.8/28/2013 12:48:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.8/28/2013 11:11:09 AM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.8/27/2013 12:00:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service..==== End Of File ===========================
  11. I recently aquired the FBI moneypak virus and I used a video on youtube to get rid of it. I don't have the screen popping up saying my computer is locked anymore but that doesn't mean the virus is completely gone, how can I be positive that the virus won't comeback and that I got rid of it completely?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.