
Please help me, PUP? Malwarebytes log included. I have no idea what to do.



Hello, I am desperate and I am happy I found this forum. So my Internet has been running very slowly yesterday; my computer, however, is not. I decided to run a system scan with Malwarebytes. I am wondering if I should click remove all or will this corrupt my computer somehow. I obviously am not hugely computer savvy, and help will be appreciated, including how I maybe got this and ways to prevent it in the future. Thank you in advance.


 


This is the log. I have not removed the malware yet.


w.malwarebytes.org

 

 

 

Database version: v2013.08.11.01

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16635

Hollie :: HOLLIEANDMATTPC [administrator]

 

8/11/2013 10:34:52 AM

MBAM-log-2013-08-11 (11-34-46).txt

 

Scan type: Full scan (C:\|D:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 373732

Time elapsed: 54 minute(s), 37 second(s)

 

Memory Processes Detected: 2

C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 1488 -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 3256 -> No action taken.

 

Memory Modules Detected: 7

C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

 

Registry Keys Detected: 2

HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.

 

Registry Values Detected: 2

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files (x86)\SearchProtect\bin\cltmng.exe -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe -> No action taken.

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 19

C:\Program Files (x86)\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.

 

Files Detected: 72

C:\Users\Matt\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.

C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.

 


Hello Holliebaker1988! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.21.2

Run by Hollie at 14:23:31 on 2013-08-11

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4044.1440 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Pando Networks\Pando\Pando.exe

C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Cricket Broadband Connect\AvqAutorun.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\windows\system32\svchost.exe -k SDRSVC

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.








mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Pando] C:\Program Files (x86)\Pando Networks\Pando\Pando.exe /Minimized

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [searchProtect] C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [{9ABA99F9-A8FE-7E89-8E99-AE8b85E9AE9B}] "C:\Program Files (x86)\Cricket Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\Cricket Broadband Connect\mphonetools.exe" /OnPlug=%s

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

mRun: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

dRun: [searchProtect] \SearchProtect\bin\cltmng.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll




TCP: NameServer = 192.168.1.1

TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9}\3496479702F6660254577656E656D26427565602055726C696360275966496 : DHCPNameServer = 68.87.69.146 68.87.85.98

TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9}\5636F6E6F6D697 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9}\C696E6B6379737 : DHCPNameServer = 192.168.0.1 205.171.3.25

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-6-18 247216]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]

R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272]

R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616]

R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2013-5-18 132056]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-12-19 126392]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-19 2656280]

R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120207.003\BHDrvx64.sys [2012-2-7 1157240]

R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-5 167072]

R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-12-19 9216]

R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120208.002\IDSviA64.sys [2012-2-8 488568]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-2-9 77424]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600]

R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-12-19 38096]

R3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2012-3-3 15360]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-12-19 1109096]

R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-5 451192]

R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-5 1129120]

R3 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-5 190072]

R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-5 405624]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-12-19 57216]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-18 138912]

S3 FlyUsb;FLY Fusion;C:\windows\System32\drivers\FlyUsb.sys [2012-9-28 24576]

S3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;C:\windows\System32\drivers\PTUMWBus.sys [2012-9-4 71056]

S3 PTUMWCDF;PANTECH USB Modem V2 Installation CD;C:\windows\System32\drivers\PTUMWCDF.sys [2012-9-4 24976]

S3 PTUMWFLT;PTUMWNET Filter Driver;C:\windows\System32\drivers\PTUMWFLT.sys [2012-9-4 12688]

S3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;C:\windows\System32\drivers\PTUMWMdm.sys [2012-9-4 173456]

S3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;C:\windows\System32\drivers\PTUMWNET.sys [2012-9-4 144912]

S3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;C:\windows\System32\drivers\PTUMWVsp.sys [2012-9-4 173456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-12-19 243712]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-9-6 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-08-11 20:15:16 941720 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8B3DE2CA-9114-46A0-A46B-6D6114C7A7EC}\gapaengine.dll

2013-08-11 20:15:09 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D66F557-F620-4730-8931-EE5DC8F8ED05}\mpengine.dll

2013-08-11 19:25:18 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-08-11 19:25:10 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-08-11 07:47:11 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{528623DF-E7A3-4B52-9D7B-8FC75B829110}\mpengine.dll

2013-08-11 07:43:03 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter

2013-08-11 05:56:18 -------- d-----w- C:\Users\Hollie\AppData\Roaming\SpeedyPC Software

2013-08-11 05:56:18 -------- d-----w- C:\Users\Hollie\AppData\Roaming\DriverCure

2013-08-11 05:55:11 -------- d-----w- C:\ProgramData\SpeedyPC Software

2013-07-28 00:57:47 -------- d-----w- C:\Users\Hollie\AppData\Local\{4A7D55CE-C3C9-4271-B405-BAF5A8CF98CC}

2013-07-19 20:21:39 -------- d-----w- C:\Users\Hollie\AppData\Local\{A1C89FA0-C2BB-41C9-A67A-9FBE209DDACC}

2013-07-15 22:37:41 -------- d-----w- C:\Users\Hollie\AppData\Local\{0C4F35FE-2356-4545-A1A9-1A6C2634A703}

.

==================== Find3M  ====================

.

2013-06-19 04:50:08 247216 ----a-w- C:\windows\System32\drivers\MpFilter.sys

2013-06-19 04:50:08 139616 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys

2013-06-12 04:33:27 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-12 04:33:27 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll

2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-06-11 23:42:58 61440 ----a-w- C:\windows\SysWow64\iesetup.dll

2013-06-11 23:42:58 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll

2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll

2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll

2013-06-11 23:25:13 67072 ----a-w- C:\windows\System32\iesetup.dll

2013-06-11 23:25:13 136704 ----a-w- C:\windows\System32\iesysprep.dll

2013-06-11 22:51:45 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe

2013-06-11 22:50:58 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe

2013-06-07 03:22:18 2706432 ----a-w- C:\windows\System32\mshtml.tlb

2013-06-07 02:37:52 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-06-05 03:34:27 3153920 ----a-w- C:\windows\System32\win32k.sys

2013-06-04 06:00:13 624128 ----a-w- C:\windows\System32\qedit.dll

2013-06-04 04:53:07 509440 ----a-w- C:\windows\SysWow64\qedit.dll

.

============= FINISH: 14:24:16.95 ===============

 

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 2/8/2012 8:41:02 PM

System Uptime: 8/11/2013 12:41:07 AM (14 hours ago)

.

Motherboard: TOSHIBA |  | Portable PC

Processor: Intel® Pentium® CPU B960 @ 2.20GHz | CPU | 1496/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 581 GiB total, 531.505 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP76: 7/30/2013 6:55:37 AM - Windows Update

RP77: 8/2/2013 10:46:28 AM - Windows Update

RP78: 8/6/2013 6:51:19 PM - Windows Update

RP79: 8/10/2013 10:25:36 AM - Removed Cricket Broadband Connect

RP80: 8/10/2013 10:30:35 AM - Removed Java 7 Update 21

RP81: 8/10/2013 10:31:22 AM - Removed Java 6 Update 25

RP82: 8/10/2013 10:35:57 AM - Removed Microsoft Silverlight

RP83: 8/11/2013 12:33:41 AM - Restore Operation

RP84: 8/11/2013 12:46:25 AM - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6) MUI

Amazon Links

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Bonjour

Canon Easy-PhotoPrint EX

Canon Easy-WebPrint EX

Canon MG2100 series MP Drivers

Canon MG2100 series On-screen Manual

Canon MG2100 series User Registration

Canon MP Navigator EX 5.0

Canon My Printer

Canon Solution Menu EX

Conexant HD Audio

Cricket Broadband Connect

D3DX10

Google Chrome

Google Drive

Google Toolbar for Internet Explorer

Google Update Helper

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

iTunes

Java 7 Update 21

Java Auto Updater

Java 6 Update 25

Junk Mail filter update

Label@Once 1.0

LeapFrog Connect

LeapFrog Tag Junior Plugin

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319

Mobile PhoneTools

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nikon Message Center 2

Norton Internet Security

Norton PC Checkup

Pando

PANTECH USB Modem V2

PdaNet for Android 3.25

Picasa 3

Picture Control Utility

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

QuickTime

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

RunRev LiveCode Player Browser Plugin

Scratch

Search Protect by conduit

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Stellar Phoenix Photo Recovery

Synaptics Pointing Device Driver

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TOSHIBARegistration

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)

ViewNX 2

Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

8/11/2013 7:49:54 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

8/11/2013 1:02:43 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: Network Inspection System   Update Type: Full   User: HollieandMattpc\Hollie   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved

8/11/2013 1:02:43 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: HollieandMattpc\Hollie   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved

8/11/2013 1:02:43 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: HollieandMattpc\Hollie   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved

8/11/2013 1:02:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 

8/11/2013 1:02:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 

.

==== End Of File ===========================

 


Step 1

I notice that you are using more than one antivirus program.

  • Microsoft Security Essentials
  • Norton Internet Security

This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them.

Also, please uninstall this application: Search Protect by conduit

Then reboot your system.

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 5

  • Download on the desktop RogueKiller
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
  • RogueKiller log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.2 (08.11.2013:1)

OS: Windows 7 Home Premium x64

Ran by Hollie on Sun 08/11/2013 at 15:24:49.53

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"

Successfully deleted: [Folder] "C:\Users\Hollie\AppData\Roaming\drivercure"

Successfully deleted: [Folder] "C:\Users\Hollie\AppData\Roaming\pccustubinstaller"

Successfully deleted: [Folder] "C:\Users\Hollie\AppData\Roaming\speedypc software"

Successfully deleted: [Folder] "C:\Users\Hollie\appdata\locallow\conduit"


 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 08/11/2013 at 15:33:04.11

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.306 - Logfile created 08/11/2013 at 15:39:42

# Updated 19/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Hollie - HOLLIEANDMATTPC

# Boot Mode : Normal

# Running from : C:\Users\Hollie\Downloads\AdwCleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Folder Deleted : C:\Users\Matt\AppData\Local\Temp\boost_interprocess

Folder Deleted : C:\Users\Matt\AppData\Roaming\SearchProtect

 

***** [Registry] *****

 

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Software

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v10.0.9200.16635

 

[OK] Registry is clean.

 

-\\ Google Chrome v28.0.1500.95

 

File : C:\Users\Hollie\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [1444 octets] - [11/08/2013 15:39:17]

AdwCleaner[s1].txt - [1338 octets] - [11/08/2013 15:39:42]

 

########## EOF - C:\AdwCleaner[s1].txt - [1398 octets] ##########

  Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 
Database version: v2013.08.11.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Hollie :: HOLLIEANDMATTPC [administrator]
 
8/11/2013 3:47:23 PM
mbam-log-2013-08-11 (15-47-23).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244306
Time elapsed: 8 minute(s), 21 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Matt\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
 
(end)

RogueKiller V8.6.5 _x64_ [Aug  5 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Hollie [Admin rights]

Mode : Remove -- Date : 08/11/2013 16:14:08

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 4 ¤¤¤

[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED

[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++

--- User ---

[MBR] 1ba6e739e199dda7f7b1e6b6d476187f

[bSP] 35cff5c93c53e5a466e70c6c8ff31d64 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 594982 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1221597184 | Size: 13997 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_D_08112013_161408.txt >>

RKreport[0]_S_08112013_161354.txt

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
