Jump to content

Updating (0,0 dns error) and error 137 for google chrome

Recommended Posts

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2

Run by Ryan Dennis at 17:11:36 on 2013-04-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.4851 [GMT -5:00]


SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}


============== Running Processes ===============



C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\svchost.exe -k NetworkService


C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService




C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\Ralink\Common\RaRegistry.exe

C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe



C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Update\GoogleUpdate.exe


C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Sendori\SendoriTray.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe

C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Sendori\sndappv2.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Users\Ryan Dennis\AppData\LocalLow\StretchClockStats\IE\StretchClockStatsUpdater.exe

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Sendori\SendoriSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Sendori\Sendori.Service.exe


C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

C:\Program Files (x86)\Sendori\SendoriUp.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\COMODO\COMODO Internet Security\cis.exe

C:\Program Files\Internet Explorer\iexplore.exe


C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Windows Media Player\wmpnetwk.exe


C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Windows\System32\svchost.exe -k secsvcs


C:\Program Files\Java\jre7\bin\jp2launcher.exe

C:\Program Files\Java\jre7\bin\java.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Advanced PC Tweaker\AdvancedPCTweaker.exe

C:\Users\Ryan Dennis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe





============== Pseudo HJT Report ===============


uStart Page = hxxp://www.facebook.com/

uURLSearchHooks: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\RuneScape\prxtbRune.dll

uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>

mURLSearchHooks: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\RuneScape\prxtbRune.dll

mWinlogon: Userinit = userinit.exe,

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: StretchClockStats: {6904D1AA-C3D8-479D-A0F3-F096C6690FC3} - C:\Users\Ryan Dennis\AppData\LocalLow\StretchClockStats\IE\StretchClockStats.dll

BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\RuneScape\prxtbRune.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: PC Antivirus Web Protection BHO: {C11CBDA9-6702-469E-9CE1-64E3971A6B44} - C:\Program Files (x86)\PC Antivirus\pf.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

TB: RuneScape Toolbar: {A8864317-E18B-4292-99D9-E6E65AB905D3} - C:\Program Files (x86)\RuneScape\prxtbRune.dll

TB: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\RuneScape\prxtbRune.dll

uRun: [Google Update] "C:\Users\Ryan Dennis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHRA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 435"

uRun: [PC Antivirus] "C:\Program Files (x86)\PC Antivirus\PCCleanerAV.exe" /minimize

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"

mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"

mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSP: C:\Windows\System32\Sendori.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

TCP: NameServer =

TCP: Interfaces\{003C63EA-8AD1-4684-8AE9-9CB5D5674BF0} : NameServer =,

TCP: Interfaces\{3F9CACF0-61A2-44F4-91B8-A1F99C6F2379} : NameServer =,,

TCP: Interfaces\{3F9CACF0-61A2-44F4-91B8-A1F99C6F2379} : DHCPNameServer =

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>


============= SERVICES / DRIVERS ===============


R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-19 75904]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-19 38016]

R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-1-16 23176]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-1-16 699880]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-1-16 48360]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-5 204288]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2012-12-10 118632]

R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-3-29 70352]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-4-16 2074760]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]

R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-3-13 1851088]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-15 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-15 682344]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-4-19 1127448]

R2 RalinkRegistryWriter;RalinkRegistryWriter;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2012-5-20 372736]

R2 RalinkRegistryWriter64;RalinkRegistryWriter64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2012-5-20 447488]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]

R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2012-12-10 14696]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2012-12-10 3569512]

R2 StretchClockStatsUpdater;StretchClockStats Updater;C:\Users\Ryan Dennis\AppData\LocalLow\StretchClockStats\IE\StretchClockStatsUpdater.exe [2012-2-27 18432]

R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-11 2923392]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-2-12 46136]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-15 24176]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-5-20 1860672]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-19 412776]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-4-19 38456]

S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RaMediaServer;Ralink UPnP Media Server;C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2012-5-20 625728]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 158928]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-9 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]


=============== Created Last 30 ================


2013-04-17 21:47:34 -------- d-----w- C:\Program Files (x86)\Advanced PC Tweaker

2013-04-16 22:52:19 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E1CE639-3D85-4206-9BDA-5D92F19B66AE}\mpengine.dll

2013-04-10 23:44:45 44032 ----a-w- C:\Windows\System32\tsgqec.dll

2013-04-10 23:44:45 3717632 ----a-w- C:\Windows\System32\mstscax.dll

2013-04-10 23:44:45 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll

2013-04-10 23:44:45 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-04-10 23:44:45 158720 ----a-w- C:\Windows\System32\aaclient.dll

2013-04-10 23:44:45 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll

2013-04-10 23:44:15 3153408 ----a-w- C:\Windows\System32\win32k.sys

2013-04-10 23:43:47 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-04-10 23:43:22 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-04-10 23:43:20 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-04-10 23:43:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-04-10 23:43:20 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-04-10 23:43:20 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-04-10 23:43:20 112640 ----a-w- C:\Windows\System32\smss.exe

2013-04-08 22:59:05 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{DA25827D-88FA-4688-9EEC-AFA6840B3E9C}

2013-04-08 21:43:56 -------- d-s---w- C:\Windows\SysWow64\Microsoft

2013-04-06 21:45:05 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive

2013-04-06 21:45:05 -------- d-----r- C:\Users\Ryan Dennis\SkyDrive

2013-04-06 21:44:52 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

2013-04-06 21:27:01 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2013-04-06 21:26:07 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\Microsoft Help

2013-04-06 19:34:43 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{EEE7FDE3-1D94-44FC-A71F-B5FC0B382427}

2013-04-02 23:36:41 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO

2013-03-28 05:36:07 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{E5057092-E73D-4E2F-BB18-3414CBAF9C5B}

2013-03-23 22:01:17 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{D7EE7112-75A3-4795-9451-C232E2D87D22}

2013-03-23 21:49:07 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{A6B70E68-8E72-4C11-A4D8-8AB28EE57230}

2013-03-23 21:31:16 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{82A5832E-75DF-4ADE-B905-0DEACD027394}

2013-03-23 21:12:35 -------- d-----w- C:\Users\Ryan Dennis\AppData\Local\{D161CAD3-6F00-41F5-9088-677985638A5E}

2013-03-19 02:40:03 6198512 ----a-w- C:\Windows\uninstac.exe

2013-03-19 02:40:02 582992 ----a-w- C:\Windows\SysWow64\sbap.dll

2013-03-19 02:40:01 415056 ----a-w- C:\Windows\SysWow64\SpursDownload.dll

2013-03-19 02:40:01 308560 ----a-w- C:\Windows\SysWow64\vipre.dll

2013-03-19 02:40:01 160768 ----a-w- C:\Windows\SysWow64\unrar.dll

2013-03-19 02:40:01 1332560 ----a-w- C:\Windows\SysWow64\sbte.dll

2013-03-19 02:39:59 -------- d-----w- C:\Users\Ryan Dennis\AppData\Roaming\AVPro

2013-03-19 02:39:59 -------- d-----w- C:\Program Files (x86)\PC Antivirus


==================== Find3M ====================


2013-03-28 21:57:46 56072 ----a-w- C:\Windows\System32\certsentry.dll

2013-03-15 20:48:18 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-03-15 20:48:14 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-03-13 23:27:29 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-13 23:27:29 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-13 23:27:06 15859416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-03-13 23:02:44 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-13 23:02:44 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-13 23:02:44 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-03-12 06:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe

2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-01-25 03:43:04 43216 ----a-w- C:\Windows\System32\cmdcsr.dll

2013-01-25 03:43:02 461384 ----a-w- C:\Windows\System32\guard64.dll

2013-01-25 03:43:02 354752 ----a-w- C:\Windows\SysWow64\guard32.dll

2013-01-25 03:42:54 45776 ----a-w- C:\Windows\System32\cmdkbd64.dll

2013-01-25 03:42:54 326352 ----a-w- C:\Windows\System32\cmdvrt64.dll

2013-01-25 03:42:50 40656 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll

2013-01-25 03:42:50 263888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll


============= FINISH: 17:12:47.30 ===============





DDS (Ver_2012-11-20.01)


Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/7/2011 10:13:08 PM

System Uptime: 4/17/2013 4:32:58 PM (1 hours ago)


Motherboard: FOXCONN | | 2AB1

Processor: AMD Phenom II X4 960T Processor | CPU 1 | 3000/200mhz


==== Disk Partitions =========================


C: is FIXED (NTFS) - 1386 GiB total, 1277.797 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.366 GiB free.


F: is Removable

G: is Removable

H: is Removable

I: is Removable


==== Disabled Device Manager Items =============


==== System Restore Points ===================


RP210: 4/2/2013 5:31:19 PM - Windows Update

RP211: 4/6/2013 4:25:12 PM - Installed Microsoft Office Home and Student 2010

RP212: 4/6/2013 11:31:00 PM - Windows Update

RP213: 4/8/2013 4:42:35 PM - avast! Free Antivirus Setup

RP214: 4/10/2013 6:37:30 PM - Windows Update

RP215: 4/10/2013 10:23:42 PM - Windows Update

RP216: 4/16/2013 5:51:14 PM - Windows Update


==== Installed Programs ======================


Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Shockwave Player 11.6

Advanced PC Tweaker v4.2

Agatha Christie - Peril at End House

AMD Accelerated Video Transcoding


AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Fuel

AMD Media Foundation Decoders

AMD Problem Report Wizard

AMD Steady Video Plug-In

AMD VISION Engine Control Center

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Blackhawk Striker 2

Blasterball 3


Bounce Symphony

Build-a-lot 2

Cake Mania

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All


CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Comodo Dragon

COMODO Internet Security


Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Diner Dash 2 Restaurant Rescue

Dora's World Adventure

Epson Connect

Epson Customer Participation

Epson FAX Utility

Epson PC-FAX Driver


EPSON WorkForce 435 Series Printer Uninstall

EpsonNet Print

Farm Frenzy

FATE - The Traitor Soul


Glucofacts Deluxe Updater 2.0

Google Chrome

Google Earth

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.1.1

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP Games

HP LinkUp

HP MediaSmart/TouchSmart Netflix

HP MovieStore

HP Odometer

HP Product Detection

HP Setup

HP Setup Manager

HP Support Assistant

HP Support Information

HP Update

HP Vision Hardware Diagnostics

Hulu Desktop


HyperCam 2


Java 7 Update 17

Java 7 Update 17 (64-bit)

Java Auto Updater

Java 6 Update 39 (64-bit)

Junk Mail filter update



LightScribe System Software

LogMeIn Hamachi

Mah Jong Medley

Malwarebytes Anti-Malware version

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2010

Microsoft PowerPoint Viewer

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime



MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - Stolen in San Francisco

Namco All-Stars PAC-MAN

Norton Online Backup


Pando Media Booster

PC Cleaner AV

PDF Complete Special Edition


Plants vs. Zombies - Game of the Year

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer




Ralink 802.11n Wireless LAN Card

RealNetworks - Microsoft Visual C++ 2008 Runtime


Realtek High Definition Audio Driver

RealUpgrade 1.1

Recovery Manager

Remote Graphics Receiver

RoxioNow Player

RuneScape Toolbar

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition


Skype Click to Call

Skype™ 6.1

Slingo Supreme





TeamSpeak 3 Client

TeamViewer 7

The Elder Scrolls V: Skyrim

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update Installer for WildTangent Games App

Virtual Villagers 4 - The Tree of Life

Visual Studio 2008 x64 Redistributables

Wheel of Fortune 2

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Zinio Reader 4

Zuma Deluxe


==== Event Viewer Messages From Past Week ========


4/17/2013 4:35:23 PM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.

4/17/2013 4:35:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD

4/17/2013 4:35:21 PM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting.

4/17/2013 4:33:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.

4/10/2013 12:03:07 AM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).


==== End Of File ===========================

Link to post
Share on other sites

Hello ryandennis and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please uninstall the following applications:

Advanced PC Tweaker v4.2

PC Cleaner AV

RuneScape Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 3

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • aswMBR log
  • a new fresh DDS log

Link to post
Share on other sites


Junkware Removal Tool (JRT) by Thisisu

Version: 4.8.7 (04.21.2013:1)

OS: Windows 7 Home Premium x64

Ran by Ryan Dennis on Sun 04/21/2013 at 18:15:41.69


~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\searchscopes\{536A2B60-3662-41BC-9714-77F0AEA12518}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\searchscopes\{860A062E-8B2A-480B-9F40-DA717AFA5EEF}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\searchscopes\{9DC60AF4-828E-4CE7-8F19-6AE4FCFE5734}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\searchscopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9DC60AF4-828E-4CE7-8F19-6AE4FCFE5734}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"

Successfully deleted: [Folder] "C:\Users\Ryan Dennis\AppData\Roaming\drivercure"

Successfully deleted: [Folder] "C:\Users\Ryan Dennis\AppData\Roaming\opencandy"

Successfully deleted: [Folder] "C:\Users\Ryan Dennis\AppData\Roaming\speedypc software"

Successfully deleted: [Folder] "C:\Users\Ryan Dennis\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\Ryan Dennis\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\winzip registry optimizer"

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{160EDC81-D2DC-461B-B8A8-08E72DCD9478}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{49A98006-F6B2-45AC-8C05-FCA623EF5397}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{6C0B4884-87B2-4FE8-A3FA-8C4DDEF761E5}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{77504B09-13C4-4515-AEDF-8ADFC1A22B0C}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{82A5832E-75DF-4ADE-B905-0DEACD027394}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{8415A811-585B-48CE-9C60-B7BEBEAFB861}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{8557BA1D-07C0-4D4C-BF07-D33A6D47A27E}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{8F8C5AE8-CE37-4189-811E-64081BEFEEB6}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{9DDEB362-816A-4DA4-AFE8-33045532CFBE}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{A6B70E68-8E72-4C11-A4D8-8AB28EE57230}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{A80B6B6A-9856-48EC-A10D-A56FD7BC14E2}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{D161CAD3-6F00-41F5-9088-677985638A5E}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{D7EE7112-75A3-4795-9451-C232E2D87D22}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{DA25827D-88FA-4688-9EEC-AFA6840B3E9C}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{E5057092-E73D-4E2F-BB18-3414CBAF9C5B}

Successfully deleted: [Empty Folder] C:\Users\Ryan Dennis\appdata\local\{EEE7FDE3-1D94-44FC-A71F-B5FC0B382427}

~~~ Event Viewer Logs were cleared


Scan was completed on Sun 04/21/2013 at 18:24:39.08

End of JRT log


Link to post
Share on other sites

Malwarebytes Anti-Malware


Database version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Ryan Dennis :: RYANDENNIS-HP [administrator]

4/21/2013 6:33:57 PM

mbam-log-2013-04-21 (18-33-57).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 215045

Time elapsed: 3 minute(s), 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)


Link to post
Share on other sites

aswMBR version Copyright© 2011 AVAST Software

Run date: 2013-04-21 18:41:25


18:41:25.383 OS Version: Windows x64 6.1.7601 Service Pack 1

18:41:25.383 Number of processors: 4 586 0xA00

18:41:25.383 ComputerName: RYANDENNIS-HP UserName: Ryan Dennis

18:41:28.566 Initialize success

18:41:52.935 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059

18:41:52.935 Disk 0 Vendor: WDC_WD15 51.0 Size: 1430799MB BusType: 11

18:41:53.028 Disk 0 MBR read successfully

18:41:53.028 Disk 0 MBR scan

18:41:53.028 Disk 0 unknown MBR code

18:41:53.044 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

18:41:53.044 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1419254 MB offset 206848

18:41:53.075 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11441 MB offset 2906840897

18:41:53.091 Disk 0 scanning C:\Windows\system32\drivers

18:41:57.864 Service scanning

18:42:08.270 Modules scanning

18:42:08.270 Disk 0 trace - called modules:

18:42:08.285 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys

18:42:08.301 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007487790]

18:42:08.301 3 CLASSPNP.SYS[fffff8800148743f] -> nt!IofCallDriver -> [0xfffffa8007288ac0]

18:42:08.301 5 amd_xata.sys[fffff880010bd8b4] -> nt!IofCallDriver -> \Device\00000059[0xfffffa80072849c0]

18:42:08.301 Scan finished successfully

18:43:25.958 Disk 0 MBR has been saved successfully to "C:\Users\Ryan Dennis\Desktop\MBR.dat"

18:43:25.958 The log file has been saved successfully to "C:\Users\Ryan Dennis\Desktop\aswMBR.txt"

Link to post
Share on other sites

We are not finish yet.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:


* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.