Help!


j33pfx

The other day I was job searching and a box popped up telling me I needed to upgrade my browser to IE 11. I tried to x it and it went away. Then I started to notice that I could not download anything, my Windows Update stopped working, and Windows Defender all but vanished off my computer. I'm usually pretty good with things like this but I couldn't figure it out. My AVG and Norton and McAfee are all out of date and I could not download any trials to run. I finally took my wife's advice, restarted and tried in safe mode... no dice, but AVG allowed me to run it in safe mode. It came up with one thing. I have the log and I'll post it for you. I also downloaded Bitdefender and ran it; it found 4 things. I have the logs for that too. Anyway, I still could download or run Windows Update. I looked into your site and downloaded your program and ran it on my computer and the dds.src too. I have those logs too. I do need some help. I would greatly appreciate it.

This is the AVG log:

VG 2014 AntiVirus command line scanner
Copyright © 1992 - 2013 AVG Technologies
Program version 2014.0.4158, engine 2014.0.3615
Virus Database: Version 3615/6797 2013-10-31
C:\Documents and Settings\ Locked file. Not tested.
C:\hiberfil.sys Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\DEFAULT Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\DEFAULT.LOG1 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\DEFAULT.LOG2 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\RegBack\DEFAULT Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\RegBack\SAM Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\RegBack\SECURITY Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\RegBack\SOFTWARE Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\RegBack\SYSTEM Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SAM Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SAM.LOG1 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SAM.LOG2 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SECURITY Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SECURITY.LOG1 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SECURITY.LOG2 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SOFTWARE Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SOFTWARE.LOG1 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SOFTWARE.LOG2 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SYSTEM Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SYSTEM.LOG1 Locked file. Not tested.
C:\Program Files\Windows Defender\en-US\SYSTEM.LOG2 Locked file. Not tested.
C:\Program Files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\   \...\???\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\ Locked file. Not tested.
C:\Program Files (x86)\WildTangent Games\Games\Gardenscapes\Gardenscapes-WT.exe  is OK.
C:\ProgramData\AVG\AWL2012\TTUSvc.tt Locked file. Not tested.
C:\ProgramData\Desktop\ Locked file. Not tested.
C:\ProgramData\Documents\ Locked file. Not tested.
C:\ProgramData\Favorites\ Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eecaf54e80a95494404af121d7456a10_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f496a6aac42daef6c64950db5e442da8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f60ecd74e867fe54f7ff55ad9778b656_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f61c285073129c738f01c4b659fb8e04_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f6521065250f40704a2402a2ebb37826_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f668639e641480c13713c0e70c73f385_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f827d11daf4437b2b7f895b482a5ae9f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f855c126983108e3b04df5d21fe13306_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f8a424565dba6b8a0a6a051e96331ac8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f8d3f51530308d0d4fd55343db97a937_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fc19a273c885ca2e3dfab21ad60a2e1a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fc5db8c303bbdd687537f0f6c8d492ce_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fe711c83947bd68c0f162c49ba037229_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fef9ccbe22dcdc49a4b9ef2c4961cce1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.
C:\ProgramData\Microsoft\Windows\GameExplorer\{2b7d455e-90f0-47e0-9c27-63bc87a82570}\PlayTasks\0\Gardenscapes.lnk  is OK.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Gardenscapes.lnk  is OK.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SRTSP\LightningSand.CFD Locked file. Not tested.
C:\ProgramData\Templates\ Locked file. Not tested.
C:\System Volume Information\ Locked file. Not tested.
C:\Users\Default\AppData\Local\History\ Locked file. Not tested.
C:\Users\Default\Documents\My Music\ Locked file. Not tested.
C:\Users\Default\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Default\Documents\My Videos\ Locked file. Not tested.
C:\Users\Default\NetHood\ Locked file. Not tested.
C:\Users\Default\PrintHood\ Locked file. Not tested.
C:\Users\Default\Templates\ Locked file. Not tested.
C:\Users\Public\Documents\My Music\ Locked file. Not tested.
C:\Users\Public\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Public\Documents\My Videos\ Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\???\???\???\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\ Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\History\ Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\CardSpace\CardSpaceSP2.db Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\CardSpace\CardSpaceSP2.db.shadow Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKQSOA3X\avg_tuh_stf_all_2013_2_24c4.exe.pfbgfvh.partial Corrupted executable file
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\WebCache\V01.log Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat Locked file. Not tested.
C:\Users\Shanahan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp Locked file. Not tested.
C:\Users\Shanahan\Documents\My Music\ Locked file. Not tested.
C:\Users\Shanahan\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Shanahan\Documents\My Videos\ Locked file. Not tested.
C:\Users\Shanahan\NTUSER.DAT Locked file. Not tested.
C:\Users\Shanahan\ntuser.dat.LOG1 Locked file. Not tested.
C:\Users\Shanahan\ntuser.dat.LOG2 Locked file. Not tested.
C:\Users\Shanahan\PrintHood\ Locked file. Not tested.
C:\Users\Shanahan\Templates\ Locked file. Not tested.
C:\Windows\assembly\GAC_32\Desktop.ini Locked file. Not tested.
C:\Windows\assembly\GAC_64\Desktop.ini Locked file. Not tested.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Locked file. Not tested.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Locked file. Not tested.
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Locked file. Not tested.
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 Locked file. Not tested.
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 Locked file. Not tested.
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Locked file. Not tested.
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 Locked file. Not tested.
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 Locked file. Not tested.
C:\Windows\System32\catroot2\edb.log Locked file. Not tested.
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Locked file. Not tested.
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Locked file. Not tested.
C:\Windows\System32\LogFiles\WMI\RtBackup\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\Documents\My Music\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\Documents\My Pictures\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\Documents\My Videos\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\My Documents\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\PrintHood\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\Recent\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\SendTo\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\Start Menu\ Locked file. Not tested.
C:\Windows\SysWOW64\config\systemprofile\Templates\ Locked file. Not tested.

------------------------------------------------------------
Test started: 14.11.2013 14:08:08
Duration of test: 1 hour(s) 5 minute(s) 4 second(s)
------------------------------------------------------------
Objects scanned     : 343347
Found infections    :  311
Found high severity :    0
Found med severity  :    1
Found info severity :  310
Fixed high severity :    0
Fixed med severity  :    1
Fixed info severity :    0
------------------------------------------------------------


Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.16.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Shanahan :: SANDM [administrator]

Protection: Enabled

11/16/2013 11:31:27 AM
mbam-log-2013-11-16 (11-31-27).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 437508
Time elapsed: 1 hour(s), 7 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Shanahan\AppData\Local\Temp\ydnupgsqlliygwqnqwc.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\Users\Shanahan\Desktop\New folder\Downloads\FedEx mail.zip (Trojan.Email.Gen) -> Quarantined and deleted successfully.

(end)


Hello j33pfx! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573


In the post before yours, post #3, are the results of the Malwarebytes scan I have done. Below you will find the other two logs.

attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/14/2010 11:15:38 PM
System Uptime: 11/16/2013 12:41:15 PM (1 hours ago)
.
Motherboard: Gateway |  | ZX4800
Processor: Pentium® Dual-Core CPU       T4400  @ 2.20GHz | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 685 GiB total, 561.955 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP399: 11/3/2013 9:10:32 AM - Installed Microsoft Fix it 50123
RP400: 11/3/2013 9:12:51 AM - Windows Update
RP401: 11/3/2013 9:23:00 AM - Windows Update
RP402: 11/3/2013 10:02:04 AM - Windows Update
RP403: 11/3/2013 10:03:04 AM - Installed Microsoft Fix it 50123
RP404: 11/3/2013 10:05:53 AM - Windows Update
RP405: 11/10/2013 11:02:53 AM - Scheduled Checkpoint
RP406: 11/14/2013 3:00:22 AM - Windows Update
RP407: 11/14/2013 8:45:33 AM - Windows Update
RP408: 11/14/2013 11:24:04 AM - Restore Operation
RP409: 11/15/2013 9:12:48 AM - Removed AVG 2014
RP410: 11/15/2013 9:15:53 AM - Removed AVG 2014
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
3ivx MPEG-4 5.0.3 (remove only)
Acrobat.com
Adobe AIR
Adobe Creative Cloud
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Adobe Shockwave Player 12.0
Advertising Center
aioprnt
aioscnnr
AVG 2013
AVG 2014
AVG SafeGuard toolbar
Backup Assistant Plus
Backup Manager Advance
Bitdefender Antivirus Free Edition
Bonjour
C4USelfUpdater
CCleaner
center
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink MediaShow
CyberLink PowerCinema
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dragon Keeper
eBay Worldwide
essentials
Farmscapes
ffdshow [rev 2527] [2008-12-19]
FlipShare
Frontline Systems Premium Solver for Education V7.0
Gardenscapes
Gardenscapes: Mansion Makeover
Gateway Games
Gateway InfoCentre
Gateway MyBackup
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway Touch Suite
Gateway Updater
Google Chrome
Google Chrome Frame
Google Toolbar for Internet Explorer
Google Update Helper
HTC Driver Installer
HTC Sync
Identity Card
ImagXpress
Intel® Graphics Media Accelerator Driver
ITECIR
Java Auto Updater
Java 6 Update 35
JMicron Flash Media Controller Driver
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
ksDIP
LeapFrog Connect
LeapFrog Tag Plugin
Learning Lodge Navigator
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.4
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft XNA Framework Redistributable 3.0
Microsoft XNA Framework Redistributable 4.0
Motorola Mobile Drivers Installation 4.7.1
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
Norton Internet Security
Norton Online Backup
Norton Security Scan
ocr
Oracle Crystal Ball
PDF Settings CC
PowerCinema Movie
PreReq
PrintProjects
Python 3.3.2 (64-bit)
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
ShopAtHome.com Toolbar
SpongeBob Diner Dash 2
SpongeBob Typing
Spotify
swMSM
System Requirements Lab
System Requirements Lab for Intel
TouchSettings
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update Installer for WildTangent Games App
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
Verizon V CAST Media Manager
Virtual Earth 3D (Beta)
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VTech Download Agent Library
WebEx
Welcome Center
WildTangent Games
WildTangent Games App
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WModem Driver Installer
Yahoo! BrowserPlus 2.9.8
Youda Jewel Shop
.
==== Event Viewer Messages From Past Week ========
.
11/9/2013 9:02:28 AM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.3 with the system having network hardware address A8-26-D9-51-D7-C9. Network operations on this system may be disrupted as a result.
11/16/2013 12:55:14 PM, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147024891
11/16/2013 12:55:14 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147024891
11/16/2013 12:42:32 PM, Error: Service Control Manager [7003]  - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
11/16/2013 12:42:21 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.
11/15/2013 9:50:09 AM, Error: Service Control Manager [7000]  - The bdfwfpf service failed to start due to the following error:  The system cannot find the file specified.
11/15/2013 9:11:00 AM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.4 with the system having network hardware address A8-26-D9-51-D7-C9. Network operations on this system may be disrupted as a result.
11/14/2013 8:46:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Office Live add-in 1.5.
11/14/2013 7:16:59 PM, Error: Service Control Manager [7024]  - The AVG Firewall service terminated with service-specific error %%-536805289.
11/14/2013 7:16:35 PM, Error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error %%-536753636.
11/14/2013 7:13:04 PM, Error: Service Control Manager [7000]  - The Windows Live ID Sign-in Assistant service failed to start due to the following error:  The pipe has been ended.
11/14/2013 3:49:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
11/14/2013 3:49:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
11/14/2013 3:26:41 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}
11/14/2013 3:15:23 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
11/14/2013 2:04:51 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/14/2013 2:04:51 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/14/2013 2:04:46 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/14/2013 2:04:41 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/14/2013 2:04:33 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Avgdiska AVGIDSDriver Avgldx64 BHDrvx64 ccHP discache eeCtrl IDSVia64 spldr SRTSPX SYMTDI Wanarpv6
11/14/2013 2:04:33 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
11/14/2013 2:04:33 PM, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
11/14/2013 11:37:48 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.
11/12/2013 3:37:43 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR4.
11/12/2013 1:10:16 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  and APPID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  to the user SandM\Shanahan SID (S-1-5-21-3767387943-2614688804-3758695101-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/12/2013 1:10:16 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  and APPID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  to the user SandM\Shanahan SID (S-1-5-21-3767387943-2614688804-3758695101-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/10/2013 8:19:22 AM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.2 with the system having network hardware address A8-26-D9-51-D7-C9. Network operations on this system may be disrupted as a result.
11/10/2013 1:47:04 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================

dds.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16736
Run by Shanahan at 13:03:51 on 2013-11-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4060.2356 [GMT -5:00]
.
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files (x86)\SelectRebates\SelectRebates.exe
C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: ShopAtHomeIEHelper Class: {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: ShopAtHome.com Toolbar: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll
TB: ShopAtHome.com Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
mRun: [selectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe
mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Shanahan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: mswsock.dll
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\2456C6B696E6F574F505C65737F5D494D4F4F5738353030303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\E6F6470237F60266163747E2E2E2E2 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - LocalServer32 - <no file>
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TouchPortal] C:\Program Files (x86)\Gateway\Gateway Touch Suite\TouchPortal.exe
x64-Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - LocalServer32 - <no file>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-11-15 718840]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1008030.006\SymEFA64.sys [2011-10-11 402992]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-9-16 46368]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-11-15 121928]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\NISx64\1008030.006\BHDrvx64.sys [2011-10-11 334384]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1008030.006\cchpx64.sys [2011-10-11 561800]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-11-15 148696]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSviA64.sys [2010-5-7 466992]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-11-15 69368]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-16 701512]
R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-10-11 117648]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-11-27 240160]
R2 vToolbarUpdater17.1.2;vToolbarUpdater17.1.2;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [2013-11-12 1734680]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-11-15 593144]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-11-27 140128]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-16 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-27 233472]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2009-11-27 658944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 240736]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-11-27 702976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-11 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-11 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-1 1255736]
.
=============== Created Last 30 ================
.
2013-11-16 17:44:01 -------- d-----w- C:\Users\Shanahan\AppData\Local\{AAA50666-DA53-47A0-931B-C2EB8F266201}
2013-11-16 15:25:18 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\Malwarebytes
2013-11-16 15:25:08 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-16 15:25:07 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-16 15:25:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-16 15:24:33 -------- d-----w- C:\Users\Shanahan\AppData\Local\Programs
2013-11-15 14:50:15 190299 ----a-w- C:\ProgramData\1384526894.bdinstall.bin
2013-11-15 14:49:59 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-11-15 14:49:58 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2013-11-15 14:49:57 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-11-15 14:49:57 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-11-15 14:48:37 -------- d-----w- C:\Users\Shanahan\AppData\Local\{FD63764C-152D-4E4C-B3C9-2164391D52CB}
2013-11-15 14:48:21 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-11-15 14:46:31 132854 ----a-w- C:\ProgramData\1384526281.bdinstall.bin
2013-11-15 14:41:28 -------- d-----w- C:\Program Files\Bitdefender
2013-11-15 14:40:56 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-11-15 14:38:20 -------- d-----w- C:\Users\Shanahan\AppData\Local\{3C9C45ED-9B89-42A6-A7F5-C737A6B879F4}
2013-11-15 14:35:20 798 ----a-w- C:\ProgramData\1384526111.5576.bin
2013-11-15 14:35:19 1457 ----a-w- C:\ProgramData\1384526111.1204.bin
2013-11-15 14:35:11 43344 ----a-w- C:\ProgramData\1384526111.5952.bin
2013-11-15 14:34:44 43608 ----a-w- C:\ProgramData\1384526069.bdinstall.bin
2013-11-15 14:12:17 45710 ----a-w- C:\ProgramData\1384524702.bdinstall.bin
2013-11-15 14:11:42 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\QuickScan
2013-11-15 14:10:29 -------- d-----w- C:\Program Files\CCleaner
2013-11-15 00:19:53 -------- d-----w- C:\Users\Shanahan\AppData\Local\{9E90925A-C0C0-4735-9539-6150C7BD8C45}
2013-11-14 11:05:12 -------- d-----w- C:\Users\Shanahan\AppData\Local\{3E91625A-65EC-489C-9C40-7CE621ADF242}
2013-11-14 08:05:59 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-11-06 13:54:08 -------- d-----w- C:\Users\Shanahan\AppData\Local\{A51DD7F9-1548-4CE6-B0EF-B4AC67BDC73F}
2013-10-30 13:43:51 -------- d--h--w- C:\Windows\AxInstSV
2013-10-19 15:53:14 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-19 15:53:14 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-19 15:53:14 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-19 15:53:14 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-19 15:53:14 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-19 15:53:14 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-19 15:53:14 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
.
==================== Find3M  ====================
.
2013-11-12 14:22:16 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-10-14 22:13:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-14 22:13:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
.
============= FINISH: 13:04:25.95 ===============
 


Step 1

I notice that you are using more than one antivirus program.

  • AVG 2013
  • AVG 2014
  • Norton Internet Security

This is very dangerous, as multiple antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running real-time protection. Please choose one of them and uninstall the others. Also, please uninstall:

  • AVG SafeGuard toolbar
  • ShopAtHome.com Toolbar

When you are done here, please reboot your system.

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware.
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

It gave me some trouble uninstalling AVG 2014 and Norton... but here are the logs...

 

JRT.txt

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Shanahan on Tue 11/19/2013 at 10:27:46.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\selectrebates
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Users\Shanahan\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\selectrebates"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/19/2013 at 10:42:20.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

AdwCleaner

 

 

# AdwCleaner v3.012 - Report created 19/11/2013 at 10:46:12
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Shanahan - SANDM
# Running from : C:\Users\Shanahan\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Shanahan\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Shanahan\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Shanahan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Shanahan\AppData\Local\Temp\Uninstall.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Shanahan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

*************************

AdwCleaner[R0].txt - [4303 octets] - [19/11/2013 10:44:26]
AdwCleaner[s0].txt - [3866 octets] - [19/11/2013 10:46:12]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3926 octets] ##########

 

Malwarebytes

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Shanahan :: SANDM [administrator]

Protection: Enabled

11/19/2013 10:57:52 AM
mbam-log-2013-11-19 (10-57-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219354
Time elapsed: 5 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


The uninstaller really didn't do anything with the AVG 2014. When I checked the box next to it and ran the uninstaller nothing happened, but when I went to try and uninstall Norton or the toolbar it said I had to wait till the process was done... Norton starts the process, then as it's collecting its error logs it has a box that pops up and says "Cannot Export C:\ProgramData/NortonInstaller/Sym Temp\Registry5.txt: Error writing the file. There may be a disk or file system error." Then it tells me that it cannot complete the process, had an error, and to go to the tech support web site.


Okay, let's try another way.

Download AVG uninstaller:

http://download.avg.com/filedir/util/support/avg_remover_stf_x64_2014_4116.exe

Follow the instructions to complete the procedure.

Next, follow the instructions here to remove Norton Internet Security from your system.

https://support.norton.com/sp/en/us/home/current/solutions/kb20080828154508EN_EndUserProfile_en_us

When you are ready, reboot your system and generate fresh DDS log files. Post them in your next reply.


OK, after having a little trouble with both, I opted to just reinstall previous valid versions of both Norton and AVG to update and restore corrupt or missing files for both and then properly uninstall them. Here are the two logs.

 

 .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/14/2010 11:15:38 PM
System Uptime: 11/21/2013 3:17:43 PM (0 hours ago)
.
Motherboard: Gateway |  | ZX4800
Processor: Pentium® Dual-Core CPU       T4400  @ 2.20GHz | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 685 GiB total, 563.85 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP409: 11/15/2013 9:12:48 AM - Removed AVG 2014
RP410: 11/15/2013 9:15:53 AM - Removed AVG 2014
RP411: 11/19/2013 10:17:19 AM - Removed Norton Online Backup
RP412: 11/21/2013 2:52:43 PM - Installed AVG 2014
RP413: 11/21/2013 2:53:16 PM - Installed AVG 2014
RP414: 11/21/2013 3:02:58 PM - Installed AVG 2014
RP415: 11/21/2013 3:03:40 PM - Installed AVG 2014
RP416: 11/21/2013 3:15:01 PM - Removed AVG 2014
RP417: 11/21/2013 3:16:43 PM - Removed AVG 2014
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
3ivx MPEG-4 5.0.3 (remove only)
Acrobat.com
Adobe AIR
Adobe Creative Cloud
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Adobe Shockwave Player 12.0
Advertising Center
aioprnt
aioscnnr
Backup Assistant Plus
Backup Manager Advance
Bitdefender Antivirus Free Edition
Bonjour
C4USelfUpdater
CCleaner
center
Compatibility Pack for the 2007 Office system
CyberLink MediaShow
CyberLink PowerCinema
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dragon Keeper
eBay Worldwide
essentials
Farmscapes
ffdshow [rev 2527] [2008-12-19]
FlipShare
Frontline Systems Premium Solver for Education V7.0
Gardenscapes
Gardenscapes: Mansion Makeover
Gateway Games
Gateway InfoCentre
Gateway MyBackup
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway Touch Suite
Gateway Updater
Google Chrome
Google Chrome Frame
Google Toolbar for Internet Explorer
Google Update Helper
HTC Driver Installer
HTC Sync
Identity Card
ImagXpress
Intel® Graphics Media Accelerator Driver
ITECIR
Java Auto Updater
Java 6 Update 35
JMicron Flash Media Controller Driver
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
ksDIP
LeapFrog Connect
LeapFrog Tag Plugin
Learning Lodge Navigator
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.4
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft XNA Framework Redistributable 3.0
Microsoft XNA Framework Redistributable 4.0
Motorola Mobile Drivers Installation 4.7.1
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
ocr
Oracle Crystal Ball
PDF Settings CC
PowerCinema Movie
PreReq
PrintProjects
Python 3.3.2 (64-bit)
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SpongeBob Diner Dash 2
SpongeBob Typing
Spotify
swMSM
System Requirements Lab
System Requirements Lab for Intel
TouchSettings
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update Installer for WildTangent Games App
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
Verizon V CAST Media Manager
Virtual Earth 3D (Beta)
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VTech Download Agent Library
WebEx
Welcome Center
WildTangent Games
WildTangent Games App
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WModem Driver Installer
Yahoo! BrowserPlus 2.9.8
Youda Jewel Shop
.
==== Event Viewer Messages From Past Week ========
.
11/21/2013 3:20:19 PM, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147024891
11/21/2013 3:20:19 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147024891
11/21/2013 3:18:19 PM, Error: Service Control Manager [7003]  - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
11/21/2013 3:18:02 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.
11/21/2013 3:05:17 PM, Error: Service Control Manager [7024]  - The AVG Firewall service terminated with service-specific error %%-536805289.
11/19/2013 10:51:42 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error:  An instance of the service is already running.
11/19/2013 10:51:12 AM, Error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/19/2013 10:51:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
11/19/2013 10:48:48 AM, Error: Service Control Manager [7000]  - The vToolbarUpdater17.1.2 service failed to start due to the following error:  The system cannot find the file specified.
.
==== End Of File ===========================

 DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16736
Run by Shanahan at 15:19:52 on 2013-11-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4060.2421 [GMT -5:00]
.
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Gateway\Gateway Touch Suite\SNSAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mStart Page = about:blank

mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Shanahan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}










TCP: NameServer = 192.168.2.1
TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\2456C6B696E6F574F505C65737F5D494D4F4F5738353030303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\E6F6470237F60266163747E2E2E2E2 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - LocalServer32 - <no file>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TouchPortal] C:\Program Files (x86)\Gateway\Gateway Touch Suite\TouchPortal.exe
x64-Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - LocalServer32 - <no file>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-11-15 718840]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-9-16 46368]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-11-15 121928]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-11-15 148696]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-11-15 69368]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-16 701512]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-11-27 240160]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-11-15 593144]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-11-27 140128]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-16 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-27 233472]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2009-11-27 658944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 240736]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-11-27 702976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-11 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-11 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-1 1255736]
.
=============== Created Last 30 ================
.
2013-11-21 20:19:07 -------- d-----w- C:\Users\Shanahan\AppData\Local\{708E4816-C28B-4434-A557-09AB57544481}
2013-11-21 20:00:46 -------- d-----w- C:\Users\Shanahan\AppData\Local\{44365F34-B3D9-49C3-8E4F-82BB3D853E94}
2013-11-21 19:57:54 -------- d-----w- C:\Users\Shanahan\AppData\Local\CrashDumps
2013-11-21 19:34:37 -------- d-----w- C:\Users\Shanahan\AppData\Local\{550696BF-62E0-4883-B1D3-89949B9683E4}
2013-11-21 19:24:37 -------- d-----w- C:\Users\Shanahan\AppData\Local\{2AFAA0F5-5233-4075-9AFD-81C60BE4F22C}
2013-11-21 19:21:05 -------- d-----w- C:\ProgramData\PCSettings
2013-11-19 15:44:06 -------- d-----w- C:\AdwCleaner
2013-11-19 15:27:43 -------- d-----w- C:\Windows\ERUNT
2013-11-16 15:25:18 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\Malwarebytes
2013-11-16 15:25:08 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-16 15:25:07 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-16 15:25:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-16 15:24:33 -------- d-----w- C:\Users\Shanahan\AppData\Local\Programs
2013-11-15 14:50:15 190299 ----a-w- C:\ProgramData\1384526894.bdinstall.bin
2013-11-15 14:49:59 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-11-15 14:49:58 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2013-11-15 14:49:57 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-11-15 14:49:57 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-11-15 14:48:21 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-11-15 14:46:31 132854 ----a-w- C:\ProgramData\1384526281.bdinstall.bin
2013-11-15 14:41:28 -------- d-----w- C:\Program Files\Bitdefender
2013-11-15 14:40:56 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-11-15 14:35:20 798 ----a-w- C:\ProgramData\1384526111.5576.bin
2013-11-15 14:35:19 1457 ----a-w- C:\ProgramData\1384526111.1204.bin
2013-11-15 14:35:11 43344 ----a-w- C:\ProgramData\1384526111.5952.bin
2013-11-15 14:34:44 43608 ----a-w- C:\ProgramData\1384526069.bdinstall.bin
2013-11-15 14:12:17 45710 ----a-w- C:\ProgramData\1384524702.bdinstall.bin
2013-11-15 14:11:42 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\QuickScan
2013-11-15 14:10:29 -------- d-----w- C:\Program Files\CCleaner
2013-11-14 08:05:59 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-30 13:43:51 -------- d--h--w- C:\Windows\AxInstSV
.
==================== Find3M  ====================
.
2013-11-12 14:22:16 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-10-14 22:13:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-14 22:13:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
.
============= FINISH: 15:21:40.19 ===============

 


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

Ran it, here is the log... I have not run anything yet but I do see the icon for Windows Defender and Windows Update ...

 

 Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4060.1894 [GMT -5:00]
Running from: c:\users\Shanahan\Desktop\ComboFix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Google\Desktop\Install
c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\@
c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\L\00000004.@
c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\L\201d3dde
c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\U\80000032.@
c:\programdata\1384526069.bdinstall.bin
c:\programdata\1384526111.1204.bin
c:\programdata\1384526111.5576.bin
c:\programdata\1384526111.5952.bin
c:\programdata\1384526281.bdinstall.bin
c:\programdata\1384526894.bdinstall.bin
c:\users\Shanahan\AppData\Local\assembly\tmp
c:\users\Shanahan\AppData\Local\Google\Desktop\Install
c:\users\Shanahan\AppData\Local\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\2E2F~1\28F0~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\@
c:\users\Shanahan\Documents\~WRL0001.tmp
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\additional.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\avcheck.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\bdardrv.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\bdmetrics.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\bdnc.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\core\bdcore.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\gzflt.sys . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\gzfltum.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\htmlayout.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\Installer.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\installerpackage.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\en-US.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\it-IT.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\pt-BR.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\ro-RO.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\npcomm.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\setuplauncher.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\ThreatScanner.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\trufos.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\trufos.sys . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\unrar64.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\WPFKickstarter.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\WPFKickstarter4.exe . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\wslib.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\wspack.dll . . . . Failed to delete
c:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\wsutils.dll . . . . Failed to delete
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-22 to 2013-11-22  )))))))))))))))))))))))))))))))
.
.
2013-11-22 17:55 . 2013-11-22 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-21 19:57 . 2013-11-21 19:57 -------- d-----w- c:\users\Shanahan\AppData\Local\CrashDumps
2013-11-21 19:21 . 2013-11-21 19:21 -------- d-----w- c:\programdata\PCSettings
2013-11-19 15:44 . 2013-11-19 15:46 -------- d-----w- C:\AdwCleaner
2013-11-19 15:27 . 2013-11-19 15:27 -------- d-----w- c:\windows\ERUNT
2013-11-16 15:25 . 2013-11-16 15:25 -------- d-----w- c:\users\Shanahan\AppData\Roaming\Malwarebytes
2013-11-16 15:25 . 2013-11-16 15:25 -------- d-----w- c:\programdata\Malwarebytes
2013-11-16 15:25 . 2013-11-16 15:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-16 15:25 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-16 15:24 . 2013-11-16 15:24 -------- d-----w- c:\users\Shanahan\AppData\Local\Programs
2013-11-15 14:49 . 2009-07-15 06:21 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-11-15 14:49 . 2012-11-02 19:17 261056 ----a-w- c:\windows\system32\drivers\avchv.sys
2013-11-15 14:49 . 2013-04-17 19:59 593144 ----a-w- c:\windows\system32\drivers\avckf.sys
2013-11-15 14:49 . 2013-04-17 19:59 718840 ----a-w- c:\windows\system32\drivers\avc3.sys
2013-11-15 14:48 . 2013-04-22 18:21 148696 ----a-w- c:\windows\system32\drivers\gzflt.sys
2013-11-15 14:41 . 2013-11-15 14:50 -------- d-----w- c:\program files\Bitdefender
2013-11-15 14:40 . 2013-05-28 17:12 382536 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-11-15 14:12 . 2013-11-15 14:12 45710 ----a-w- c:\programdata\1384524702.bdinstall.bin
2013-11-15 14:11 . 2013-11-15 14:49 -------- d-----w- c:\users\Shanahan\AppData\Roaming\QuickScan
2013-11-15 14:10 . 2013-11-15 14:10 -------- d-----w- c:\program files\CCleaner
2013-11-14 08:05 . 2013-10-12 08:45 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-11-14 08:05 . 2013-10-12 08:43 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-11-14 08:05 . 2013-10-12 08:43 19269632 ----a-w- c:\windows\system32\mshtml.dll
2013-11-07 12:48 . 2013-11-07 12:48 -------- d-----w- c:\users\Shanahan\AppData\Roaming\PlayFirst
2013-11-07 12:48 . 2013-11-07 12:48 -------- d-----w- c:\programdata\PlayFirst
2013-10-30 13:43 . 2013-10-30 13:44 -------- d--h--w- c:\windows\AxInstSV
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 08:01 . 2010-05-23 16:49 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-12 14:22 . 2013-09-16 22:30 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-10-14 22:13 . 2013-10-14 21:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-14 22:13 . 2011-10-06 18:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-08 02:30 . 2013-10-10 16:48 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 16:48 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 16:48 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-19 15:53 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-19 15:53 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-19 15:53 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-19 15:53 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-19 15:53 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-19 15:53 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-19 15:53 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-10 16:48 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 16:48 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 16:48 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 16:48 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 16:48 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 16:48 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 16:48 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 16:48 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 16:48 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 16:48 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 16:48 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 16:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-10 16:48 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 16:48 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 16:48 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 16:48 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 16:48 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 16:48 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PhotoGadgetFirstRun"="0 (0x0)" [X]
"MusicGadget"="0 (0x0)" [X]
"PhotoGadget"="0 (0x0)" [X]
"TouchMemo"="0 (0x0)" [X]
"PhotoGadgetFirstRun_Portal"="0 (0x0)" [X]
"HLBackupScheduler"="c:\program files\Backup Assistant Plus\V CAST Backup Scheduler.exe" [2012-08-20 7065224]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-27 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" [2009-08-12 244480]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-09-15 167008]
"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]
"AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2012-11-05 377800]
"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792]
.
c:\users\Shanahan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    autocheck autochk *\0 /sync /restart\0 /sync /restart
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Conime"=%windir%\system32\conime.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Gateway\Registration\GregHSRW.exe;c:\program files (x86)\Gateway\Registration\GregHSRW.exe [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 14:19 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-14 22:13]
.
2013-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-15 03:49]
.
2013-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-15 03:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 14:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 14:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 14:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TouchPortal"="c:\program files (x86)\Gateway\Gateway Touch Suite\TouchPortal.exe" [2009-10-24 4940800]
"TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2009-10-23 151368]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-24 8081952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
.
------- Supplementary Scan -------
.

uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3767387943-2614688804-3758695101-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3767387943-2614688804-3758695101-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
c:\program files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
c:\program files (x86)\Common Files\Teleca Shared\logger.exe
c:\program files (x86)\Common Files\Teleca Shared\Generic.exe
c:\program files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
.
**************************************************************************
.
Completion time: 2013-11-22  13:06:38 - machine was rebooted
ComboFix-quarantined-files.txt  2013-11-22 18:06
.
Pre-Run: 605,509,496,832 bytes free
Post-Run: 605,172,596,736 bytes free
.
- - End Of File - - B926237C2E46C2261E8F83CED7504F18
A36C5E4F47E84449FF07ED3517B43A31
 


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

SecCenter::
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

Folder::
c:\programdata\PCSettings

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
