j33pfx Posted November 18, 2013 ID:755089 Share Posted November 18, 2013 The other day I was job searching and box popped up telling me I needed to upgrade my browser to IE 11 .. I tried to x it and it went away. Then I started to notice that I could not download anything and my windows update stopped working and windows defender all but vanished off my computer.... Im usually pretty good with thing like this but I couldn't figure it out. my avg and Norton and MacAfee are all out of date and could not download any trials to run. I finally took my wifes advice restarted and tried in safe mode... no dice .. but AVG allowed my to run it in safe mode.... came up with one thing .. I have the log and I'll post it for you... I also downloaded bitdefender and ran it found 4 things ... I have the logs for that too.. anyway I still could download or run windows update I looked into your site and downloaded your program and ran it on my computer and the dds.src too.. I have those logs too.. I do need some help .. I would greatly appreciate it.. Link to post Share on other sites More sharing options...
j33pfx Posted November 18, 2013 Author ID:755090 Share Posted November 18, 2013 This is the avg log: VG 2014 AntiVirus command line scannerCopyright © 1992 - 2013 AVG TechnologiesProgram version 2014.0.4158, engine 2014.0.3615Virus Database: Version 3615/6797 2013-10-31C:\Documents and Settings\ Locked file. Not tested.C:\hiberfil.sys Locked file. Not tested.C:\pagefile.sys Locked file. Not tested.C:\Program Files\Windows Defender\en-US\DEFAULT Locked file. Not tested.C:\Program Files\Windows Defender\en-US\DEFAULT.LOG1 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\DEFAULT.LOG2 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\RegBack\DEFAULT Locked file. Not tested.C:\Program Files\Windows Defender\en-US\RegBack\SAM Locked file. Not tested.C:\Program Files\Windows Defender\en-US\RegBack\SECURITY Locked file. Not tested.C:\Program Files\Windows Defender\en-US\RegBack\SOFTWARE Locked file. Not tested.C:\Program Files\Windows Defender\en-US\RegBack\SYSTEM Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SAM Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SAM.LOG1 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SAM.LOG2 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SECURITY Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SECURITY.LOG1 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SECURITY.LOG2 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SOFTWARE Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SOFTWARE.LOG1 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SOFTWARE.LOG2 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SYSTEM Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SYSTEM.LOG1 Locked file. Not tested.C:\Program Files\Windows Defender\en-US\SYSTEM.LOG2 Locked file. Not tested.C:\Program Files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\ \...\???\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\ Locked file. Not tested.C:\Program Files (x86)\WildTangent Games\Games\Gardenscapes\Gardenscapes-WT.exe is OK.C:\ProgramData\AVG\AWL2012\TTUSvc.tt Locked file. Not tested.C:\ProgramData\Desktop\ Locked file. Not tested.C:\ProgramData\Documents\ Locked file. Not tested.C:\ProgramData\Favorites\ Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0052ade64555e2898f7069e688b3cd4a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\00a8b83b96cfb6030ac6e876be2dd8de_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\01a06173ea5ea5cff02c8b7fab47895a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\033aa13ae5cc9b42636680a2d3fb36b5_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\04debf6f9afa4f32880f9d38832c620c_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0504aa7854ca2cc95c907375b056b783_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\05292f0aa04eec080fa19e0ed7a56909_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\069990c6f99206489cbc566773defabb_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0736517bb50276f3578ebbbaab55e4ef_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0995db78a82c4a299852e4760912c8af_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\09fb85c8161fd70830fdbaa3e83c344b_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0a17fb3d431a414c26ad01a3dc903e32_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0bdf10636557a1a56ac0ed8b89136a68_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0bdf12191665aba6fac76a1b5b060b26_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0d33501ffa14301a533d5ac0846ec64d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0d4e3184b1444f783c177523707be8e1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0df7c7b1bc3eba1769922b619411f5c7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0e138600de7feaa6d52b083cd42af60d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0f3ef20cdfb74192ccdcf7f37dc92083_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0f5fa43f3ad88a71af9e008f2725e1a8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0fbef963566bff773c58b6ee937a0d14_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1273116792fa2001b113d308d1471d69_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1454b10a8a9fa62d19b55f322231dcea_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\14a325160fd2d3dae92cf5b193e9cf37_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\14b1c5398b031641581a7bc3111a7042_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1598624b9e66454335416364e9babdc4_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\17c7e70d88ccce79d59119d44480e0f1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1875a0a9ff2a08e09937eb6c45128f0d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\18ff33881d97f13ea2744ea5ab7acdd4_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1a7413f266a898f4017c2d8610168f0d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1aa871aae485407d7d567b103d411661_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1cff55323e1f568199a55f205593e356_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2049b73c5543b19bb6430219ddbd01dc_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\213f36e28112a57981bea3deabaf7d8d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\21c08f9a2fbe94500b2a498a8bd152cd_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\231dfafda5fe97a3e977387342b5ab4d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2378c24cc540a821a94e7535d1c8d078_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2494f25a4fae2955ddcf019ab72e4248_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2571719a3b2289e81ed89c71c996a0ec_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\259416140fb5a600cd7c1d0b57459b64_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\280cc87bb152d7851f595822c6e015ed_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2a435447a61bb140741ccfbb071e4d80_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2ac8ea320e9440265fb87959108e2d65_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2af49a1ba01b3b5f96826af276d12e58_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2c2b2fa00ed92779d446abecb6fef5ab_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2d4be2cfc2642d089f22dbe906265616_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\301e257f49dcf539887278df7b7c4522_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3195cbb4d47d9b81b4686dbc91c82733_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3296f0b583951ef080257ab28b7c308b_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\32ccfed0a597a9e29347be170e8fd781_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\33b5b8145b76eefa17b9f06633e8475e_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\33dacaff576b22d1aac48bdfeb6db046_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\36a87e202871d3676fdc0714aff9c0ce_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3a077e9201342bbcf817dcf8006f1336_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3d1ed8a64021c88758a57303459065bc_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3e035958414e63624519e81a0f43edf0_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3e12a4d57f0a53001d5c3ec064bbd576_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3e2d9c576ae13aea539f88e10adfbe87_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3ebeea318e70f25bf1e25945a7256b80_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3f46fb1bd7be63f819b2186d901953a6_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4026c21adeb0b3b958c12c9c32235c08_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\403793468fe3db8a26f912b2a44af077_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\407582be2477998d73d503f8734634a1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4276097d887c66f002cf8ba1f58f532f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\440502470ac63f5bdc542cc46f43a251_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\441911c32b8302e5f01a9148602b98b9_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\44cc1ffd6958008d7ec960f41b4212d9_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\46bca71f87bab030bf6014ea1a0abfc7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\481c172264f02a84ba2c997d9cf731d2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\485fe4968e425dbe2d7faa6ce970aec8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4a6ac71b143aa3cf0f8ba789ff48a701_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4ab3896ab1e78b36cbf2c29487f19a5f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4b99139a9931adea941eb4f6e8890e6a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4d1a0b74b12efe32103c68f8724940d1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4dd35fa06e80ae40496623e0c5259fd1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4e5a134821f1982a1ecff388f646ca9a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4f996fc477bac060d89c8aa18a7e26b2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4fa13c71b1f600d64f1ab4e74f2d1c5d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\500cd8d87a7ac025667f60994ed6843e_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\51ca71d149ceac7e41e0efea92998952_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\52c046204deccaaa71f7079e2ebf0ef8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\56263f36755b4b42c9a44b9453a24d9a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\562ef5908b2767b687a5fd1692ce76f3_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5675c7fad614954996c69bf1e492b9d2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5751c07613d470ac55f30a137223d8f5_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\58d72e85ae5059e55b3d8b7cbcff605d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5910322b261d02bbba5d763ab6e52990_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5a32ff568c99182facf8fdb9b8f4a0c7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5d7b8b24683f0a93aaf880c07be4c42b_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5da45a5eeb492479d501fe95ad150c58_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5f381e18b286c355b8a250c506a2b147_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5f73838e4da26b733dcbc7b2c21f8ab2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\602eec60837202e300167edca92239bb_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6125000c51dded972cea137628e89335_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6394393eec31513a9ae17f8ef9f68c0f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\63ef0d2deef236142fea8bcca4bebd73_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\64543761b0c5a59796f752b076fd5129_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\652c50697c47fe2f00ddbb81da3a8bc2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\65a343e969ef8aea98d6845b4d2f83a7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\66d1f96fc62ca36938823654404746aa_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6792b122d47ae60f2ae659d853b5c991_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\69f8d977136b76781f5cc95b27285ae5_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6a5f32ebe2bfc3f73c9a20a20f4c6214_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6b1e3601a52efcaab29df5956451a6ea_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6bc370b5bd7338467710b4d8801f7e07_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6d34bddf1c524acbdd989b117cfdc7ff_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6f849d91db768c3490c4267000f2336f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6fc2b1e3eb9763ccca410a7e14820e31_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7151b0f4dcf108044baa7bdd2be0e0c2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\74f1365233b9a294a92c71d4af344ff3_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7553b9d9097a9f5851ab59fddd562cdd_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\75672ef2b53785eb2cbcb98ff2cee944_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7615d9f3d6b459020c1222c1da70091d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7794060db5a2841078950d92fb1c300f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\79bcd9547d196ce633eee7ad9b0347cb_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\79eddbb40af33af91a01c8ecf9e05bb3_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7a2e278bbed26c9c73d27cd951114e1f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7cefb28018e500e70d84a719c8303cbd_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7e6fce33ade1d06d7d456431efc08a29_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7f704dbf0a9c91671c1585dbd18f12d0_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8091a5cba378f0f2dc52061e82687e86_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\81e528ed067fe43a9f6d79abe69b0dd4_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\838c8c82cc24bccdc993018f2db8cf34_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\85b028af55f0c5031a0fc47d62fe82fd_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\87c019435d6f025d8a6fe4fbbadb72fa_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\88b360f7292b15d7d33e454b112dcf16_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8967afad0cb5e886a1cc763c62846572_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\89c293db3be6fc845307479f3ea47b84_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8b37d8fdc045644763276977a55fce5f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8b82aad8bf8730c06a0b929d9eb04099_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8c8ef6f823b90962165e0cceee756f36_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8eb3b5c9e68d6e054a1f7bc667920663_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8fb6fc39534482916936ea988daddd93_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8fb9282b6bfa2e1aa42a90fa71e17bb2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8fefcb4d30bc6359122f998db3e9a5b8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\90517ef4bcbe4851c368b2f8ecd12caa_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\914ef851e2689c2ff5826f7e647d4a8b_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\945780cecd8fbfefcf1ed78bb0568fc7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\94893d8ec9d1d281deb1cf35e5e01b69_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\981ca32f8606702ca32d60125934baaa_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\98ade10feb4473c4d762b866a2127c38_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\99001e542e315ce9544295dd14ba67ba_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9e2c8fb5aeee424f0efa4277a83f6687_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a325813cab7f3aab808265999ba0924d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a4123f3e01cdf0fb38b723c8dcb61429_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a45591196619e69dee4821c31f9cde39_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a728cbb2d6904ab79278f3548b0f4cc6_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a760d1cb37810ef6f19d1c5a7249accf_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a84816f5e5df1cd69b08bd9e0c2ec799_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a8741e5dacf43600fb30ccae2d3ec953_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a8cbf30faa98c7ffab384bdc92d33edf_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a9319b93cf11b5055fccec790d528337_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a9de24743b408f0be320018cfd617077_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ac0adb8e138093cc9562130ee6f671a2_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ac805fab991fa9f08cf6e44dfc071504_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ad346aed2943a627f1c2d2a486315b24_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\af0c338af3847a2a393128a7dbeb4f21_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\af3fb96995df982f464c3800ca212d9d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b0840331932f926e74612ce9937592fa_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b2171dca852e358dea5e9299f79e9423_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b4437ea9dfa6fa8a507a7cebd288df39_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b50255b4c6176f39d205b44e218e56d7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b5975f1b953841e03477a18702793b28_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b6311ec81fe54ca2a12f2ee0941a36ca_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b80d46a5dc5238b93bea82670b6e2158_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ba92ec801a8470ed9bf7ec99b10a2a57_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bac682dc70e9414785b0309f77885820_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bb877554d899bfe68174c73f7b8caacb_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bc3e9e9af4b6d3d8564705cd7ec9a741_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bc8ce7236c06bb57ac5db53244efc169_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\be2abe0a20478e0c7714c4f641b2bf69_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\be5d5418df3776a72b284066ad4b471c_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bee818a7e65113de28710fc6988c0c4c_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bf637790a2fd36fb5597ab03c1bc8c22_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bf6b36e79deb522712f06f03f97155aa_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c0608555afa03ea9f22e7b31aa626c50_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c1ea5608c1205e1bd189e0a986067f23_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c27a65e49d6935b6d905b9c28b1b179c_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c5b62278d0ba4f1a0bc0b77a022666db_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c5cab04907b8d92e0bcd3eb14d91c84a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c642df588f9a84dfc66a910fe39865c5_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c8dc62cdbd26abf64c40aad136c3b433_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c92c9980cf94d6acc0c2234367515502_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c938a60a9ffc356052fa797844c4e008_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cc51d584de449d7b1198683472943913_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ccca7b1f3700f097acdbf876de24c36d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd3780941e83ada0ea986586cf53f47d_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd689fe19ed7ee88ed2dbf84eb7e9a4e_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cff8d3d0a0197d62b2c3ed49a257eebe_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d0a9f10634b07b42afcdcb2f387ee5a8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d29165e6668cc9312a0c0465f727bb7e_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d35a2843b62258f0a40bde8d3fee6d0a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d682e9d2c19b438cb377a26625773556_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d77a8216eb0402b0bdbdb48a8be62469_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d8765889364ae769a0bd61f882275cf8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d9f1bba5bd5f9da31d86e3eaa78a1d0e_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\da3314e6914dc4d9144790997006b32f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\da8df1c45c33843cb43354611900767b_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\dcfcfd5368ca391b7941308daf838c74_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e0140a73fd9e4860bda349331cf6bdca_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e21f5cdf438c80d406e13691abcefcb7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e42d1529d1d93bebf5e87458a65b5ed8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e45745841f6860f78b2cc36cbfb1a0b5_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e4e747edff406f465ec11cf501604ca7_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e5177d4a2726de602da5c0012e44dc8e_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e51b51c89fd7486ec696e89d98d14ebf_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e958998273b5129aef140cf9f2f50f6f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ea78f60efd9d84ff977e6a44302906e9_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eaa0b615ab8bbc1872cabe13f4cbce7a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eb721cd5881a0a3b5bc83caa44fc8559_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ec1d985d9b0967659a974d9dc83604d4_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ec9b7398b96af0362f189bf4d1dff9a8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ee4433d2e5adc38dbbe584c67718ddd8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ee57162d5e9dd295e641963cff1bcaf1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eecaf54e80a95494404af121d7456a10_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f496a6aac42daef6c64950db5e442da8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f60ecd74e867fe54f7ff55ad9778b656_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f61c285073129c738f01c4b659fb8e04_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f6521065250f40704a2402a2ebb37826_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f668639e641480c13713c0e70c73f385_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f827d11daf4437b2b7f895b482a5ae9f_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f855c126983108e3b04df5d21fe13306_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f8a424565dba6b8a0a6a051e96331ac8_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f8d3f51530308d0d4fd55343db97a937_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fc19a273c885ca2e3dfab21ad60a2e1a_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fc5db8c303bbdd687537f0f6c8d492ce_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fe711c83947bd68c0f162c49ba037229_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fef9ccbe22dcdc49a4b9ef2c4961cce1_abcd0521-9802-46ed-8045-9ade96e8179f Locked file. Not tested.C:\ProgramData\Microsoft\Windows\GameExplorer\{2b7d455e-90f0-47e0-9c27-63bc87a82570}\PlayTasks\0\Gardenscapes.lnk is OK.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Gardenscapes.lnk is OK.C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SRTSP\LightningSand.CFD Locked file. Not tested.C:\ProgramData\Templates\ Locked file. Not tested.C:\System Volume Information\ Locked file. Not tested.C:\Users\Default\AppData\Local\History\ Locked file. Not tested.C:\Users\Default\Documents\My Music\ Locked file. Not tested.C:\Users\Default\Documents\My Pictures\ Locked file. Not tested.C:\Users\Default\Documents\My Videos\ Locked file. Not tested.C:\Users\Default\NetHood\ Locked file. Not tested.C:\Users\Default\PrintHood\ Locked file. Not tested.C:\Users\Default\Templates\ Locked file. Not tested.C:\Users\Public\Documents\My Music\ Locked file. Not tested.C:\Users\Public\Documents\My Pictures\ Locked file. Not tested.C:\Users\Public\Documents\My Videos\ Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\???\???\???\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\ Locked file. Not tested.C:\Users\Shanahan\AppData\Local\History\ Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\CardSpace\CardSpaceSP2.db Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\CardSpace\CardSpaceSP2.db.shadow Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKQSOA3X\avg_tuh_stf_all_2013_2_24c4.exe.pfbgfvh.partial Corrupted executable fileC:\Users\Shanahan\AppData\Local\Microsoft\Windows\UsrClass.dat Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\Windows\WebCache\V01.log Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat Locked file. Not tested.C:\Users\Shanahan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp Locked file. Not tested.C:\Users\Shanahan\Documents\My Music\ Locked file. Not tested.C:\Users\Shanahan\Documents\My Pictures\ Locked file. Not tested.C:\Users\Shanahan\Documents\My Videos\ Locked file. Not tested.C:\Users\Shanahan\NTUSER.DAT Locked file. Not tested.C:\Users\Shanahan\ntuser.dat.LOG1 Locked file. Not tested.C:\Users\Shanahan\ntuser.dat.LOG2 Locked file. Not tested.C:\Users\Shanahan\PrintHood\ Locked file. Not tested.C:\Users\Shanahan\Templates\ Locked file. Not tested.C:\Windows\assembly\GAC_32\Desktop.ini Locked file. Not tested.C:\Windows\assembly\GAC_64\Desktop.ini Locked file. Not tested.C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Locked file. Not tested.C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Locked file. Not tested.C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Locked file. Not tested.C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 Locked file. Not tested.C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 Locked file. Not tested.C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Locked file. Not tested.C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 Locked file. Not tested.C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 Locked file. Not tested.C:\Windows\System32\catroot2\edb.log Locked file. Not tested.C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Locked file. Not tested.C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Locked file. Not tested.C:\Windows\System32\LogFiles\WMI\RtBackup\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\Documents\My Music\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\Documents\My Pictures\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\Documents\My Videos\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\My Documents\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\PrintHood\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\Recent\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\SendTo\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\Start Menu\ Locked file. Not tested.C:\Windows\SysWOW64\config\systemprofile\Templates\ Locked file. Not tested.------------------------------------------------------------Test started: 14.11.2013 14:08:08Duration of test: 1 hour(s) 5 minute(s) 4 second(s)------------------------------------------------------------Objects scanned : 343347Found infections : 311Found high severity : 0Found med severity : 1Found info severity : 310Fixed high severity : 0Fixed med severity : 1Fixed info severity : 0------------------------------------------------------------ Link to post Share on other sites More sharing options...
j33pfx Posted November 18, 2013 Author ID:755094 Share Posted November 18, 2013 Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.11.16.03Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16736Shanahan :: SANDM [administrator]Protection: Enabled11/16/2013 11:31:27 AMmbam-log-2013-11-16 (11-31-27).txtScan type: Full scan (C:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 437508Time elapsed: 1 hour(s), 7 minute(s), 57 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 2C:\Users\Shanahan\AppData\Local\Temp\ydnupgsqlliygwqnqwc.exe (Trojan.Zbot) -> Quarantined and deleted successfully.C:\Users\Shanahan\Desktop\New folder\Downloads\FedEx mail.zip (Trojan.Email.Gen) -> Quarantined and deleted successfully.(end) Link to post Share on other sites More sharing options...
Maniac Posted November 19, 2013 ID:755365 Share Posted November 19, 2013 Hello j33pfx! My name is Borislav and I will be glad to help you solve your malware problem. Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Please follow the instructions here and then post the log files in your next reply. http://forums.malwarebytes.org/index.php?showtopic=9573 Link to post Share on other sites More sharing options...
j33pfx Posted November 19, 2013 Author ID:755403 Share Posted November 19, 2013 In my previous post to yours post #3 is the results of the malwarebytes scan I have done. Below you will find the other two logs. attach.txtUNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume2Install Date: 3/14/2010 11:15:38 PMSystem Uptime: 11/16/2013 12:41:15 PM (1 hours ago).Motherboard: Gateway | | ZX4800Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | CPU 1 | 2200/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 685 GiB total, 561.955 GiB free.D: is CDROM ()E: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP399: 11/3/2013 9:10:32 AM - Installed Microsoft Fix it 50123RP400: 11/3/2013 9:12:51 AM - Windows UpdateRP401: 11/3/2013 9:23:00 AM - Windows UpdateRP402: 11/3/2013 10:02:04 AM - Windows UpdateRP403: 11/3/2013 10:03:04 AM - Installed Microsoft Fix it 50123RP404: 11/3/2013 10:05:53 AM - Windows UpdateRP405: 11/10/2013 11:02:53 AM - Scheduled CheckpointRP406: 11/14/2013 3:00:22 AM - Windows UpdateRP407: 11/14/2013 8:45:33 AM - Windows UpdateRP408: 11/14/2013 11:24:04 AM - Restore OperationRP409: 11/15/2013 9:12:48 AM - Removed AVG 2014RP410: 11/15/2013 9:15:53 AM - Removed AVG 2014.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)3ivx MPEG-4 5.0.3 (remove only)Acrobat.comAdobe AIRAdobe Creative CloudAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.8)Adobe Shockwave Player 12.0Advertising CenteraioprntaioscnnrAVG 2013AVG 2014AVG SafeGuard toolbarBackup Assistant PlusBackup Manager AdvanceBitdefender Antivirus Free EditionBonjourC4USelfUpdaterCCleanercenterCompatibility Pack for the 2007 Office systemCoupon Printer for WindowsCyberLink MediaShowCyberLink PowerCinemaCyberLink YouCamD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDragon KeepereBay WorldwideessentialsFarmscapesffdshow [rev 2527] [2008-12-19]FlipShareFrontline Systems Premium Solver for Education V7.0GardenscapesGardenscapes: Mansion MakeoverGateway GamesGateway InfoCentreGateway MyBackupGateway Recovery ManagementGateway RegistrationGateway ScreenSaverGateway Touch SuiteGateway UpdaterGoogle ChromeGoogle Chrome FrameGoogle Toolbar for Internet ExplorerGoogle Update HelperHTC Driver InstallerHTC SyncIdentity CardImagXpressIntel® Graphics Media Accelerator DriverITECIRJava Auto UpdaterJava 6 Update 35JMicron Flash Media Controller DriverJunk Mail filter updateKodak AIO PrinterKODAK AiO SoftwareksDIPLeapFrog ConnectLeapFrog Tag PluginLearning Lodge NavigatorMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2007Microsoft Office Excel MUI (English) 2010Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Live Add-in 1.4Microsoft Office Office 64-bit Components 2007Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2007Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2010Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Professional 2010Microsoft Office Proof (English) 2007Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2007Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2007Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2007Microsoft Office Proofing (English) 2010Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2007Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Suite Activation AssistantMicrosoft Office Word MUI (English) 2007Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Touch Pack for Windows 7Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WorksMicrosoft XNA Framework Redistributable 3.0Microsoft XNA Framework Redistributable 4.0Motorola Mobile Drivers Installation 4.7.1MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Nero ControlCenterNero DiscSpeedNero DiscSpeed HelpNero DriveSpeedNero DriveSpeed HelpNero Express HelpNero InfoToolNero InfoTool HelpNero InstallerNero Online UpgradeNero StartSmartNero StartSmart HelpNero StartSmart OEMNeroExpressneroxmlNorton Internet SecurityNorton Online BackupNorton Security ScanocrOracle Crystal BallPDF Settings CCPowerCinema MoviePreReqPrintProjectsPython 3.3.2 (64-bit)Realtek High Definition Audio DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760411) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760415) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760585) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760591) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827326) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827329) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2760781) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2827330) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2837597) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionShopAtHome.com ToolbarSpongeBob Diner Dash 2SpongeBob TypingSpotifyswMSMSystem Requirements LabSystem Requirements Lab for IntelTouchSettingsUnity Web PlayerUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 32-Bit EditionUpdate Installer for WildTangent Games AppUse the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)Verizon V CAST Media ManagerVirtual Earth 3D (Beta)Visual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesVisual Studio 2012 x64 RedistributablesVisual Studio 2012 x86 RedistributablesVTech Download Agent LibraryWebExWelcome CenterWildTangent GamesWildTangent Games AppWindows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWModem Driver InstallerYahoo! BrowserPlus 2.9.8Youda Jewel Shop.==== Event Viewer Messages From Past Week ========.11/9/2013 9:02:28 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.2.3 with the system having network hardware address A8-26-D9-51-D7-C9. Network operations on this system may be disrupted as a result.11/16/2013 12:55:14 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-214702489111/16/2013 12:55:14 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-214702489111/16/2013 12:42:32 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.11/16/2013 12:42:21 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.11/15/2013 9:50:09 AM, Error: Service Control Manager [7000] - The bdfwfpf service failed to start due to the following error: The system cannot find the file specified.11/15/2013 9:11:00 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.2.4 with the system having network hardware address A8-26-D9-51-D7-C9. Network operations on this system may be disrupted as a result.11/14/2013 8:46:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Office Live add-in 1.5.11/14/2013 7:16:59 PM, Error: Service Control Manager [7024] - The AVG Firewall service terminated with service-specific error %%-536805289.11/14/2013 7:16:35 PM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536753636.11/14/2013 7:13:04 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The pipe has been ended.11/14/2013 3:49:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}11/14/2013 3:49:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}11/14/2013 3:26:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}11/14/2013 3:15:23 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.11/14/2013 2:04:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}11/14/2013 2:04:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}11/14/2013 2:04:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}11/14/2013 2:04:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}11/14/2013 2:04:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgdiska AVGIDSDriver Avgldx64 BHDrvx64 ccHP discache eeCtrl IDSVia64 spldr SRTSPX SYMTDI Wanarpv611/14/2013 2:04:33 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.11/14/2013 2:04:33 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.11/14/2013 11:37:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.11/12/2013 3:37:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR4.11/12/2013 1:10:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user SandM\Shanahan SID (S-1-5-21-3767387943-2614688804-3758695101-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.11/12/2013 1:10:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user SandM\Shanahan SID (S-1-5-21-3767387943-2614688804-3758695101-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.11/10/2013 8:19:22 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.2.2 with the system having network hardware address A8-26-D9-51-D7-C9. Network operations on this system may be disrupted as a result.11/10/2013 1:47:04 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1..==== End Of File ===========================dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16736Run by Shanahan at 13:03:51 on 2013-11-16Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4060.2356 [GMT -5:00].AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\SYSTEM32\WISPTIS.EXEC:\Windows\System32\spoolsv.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exeC:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exeC:\Program Files (x86)\Gateway\Registration\GregHSRW.exeC:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exeC:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exeC:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exeC:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exeC:\Program Files (x86)\CyberLink\Shared files\RichVideo.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Gateway\Gateway Updater\UpdaterService.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\taskhost.exeC:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exeC:\Windows\SYSTEM32\WISPTIS.EXEC:\Program Files\Common Files\microsoft shared\ink\TabTip.exeC:\Windows\System32\WUDFHost.exeC:\Windows\System32\rundll32.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\TouchSettings\TouchPortalOBR.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exeC:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exeC:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exeC:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exeC:\Program Files (x86)\SelectRebates\SelectRebates.exeC:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exeC:\Program Files\HTC\ModeSelection\VMMModeSelection.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exeC:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exeC:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exeC:\Program Files (x86)\Common Files\Teleca Shared\logger.exeC:\Program Files (x86)\Common Files\Teleca Shared\Generic.exeC:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exeC:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exeC:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exeC:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mStart Page = about:blankmWinlogon: Userinit = userinit.exe,BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dllBHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: ShopAtHomeIEHelper Class: {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dllBHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: ShopAtHome.com Toolbar: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dllTB: ShopAtHome.com Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dllTB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgrounduRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exeuRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -kmRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDEDmRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /smRun: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptionsmRun: [selectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exemRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exemRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exemRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=truemRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exemRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"StartupFolder: C:\Users\Shanahan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}LSP: mswsock.dllTCP: NameServer = 192.168.2.1TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\2456C6B696E6F574F505C65737F5D494D4F4F5738353030303 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\E6F6470237F60266163747E2E2E2E2 : DHCPNameServer = 192.168.2.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dllHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = about:blankx64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - LocalServer32 - <no file>x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [TouchPortal] C:\Program Files (x86)\Gateway\Gateway Touch Suite\TouchPortal.exex64-Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exex64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exex64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - LocalServer32 - <no file>x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>x64-Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - <orphaned>x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-11-15 718840]R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1008030.006\SymEFA64.sys [2011-10-11 402992]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-9-16 46368]R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-11-15 121928]R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\NISx64\1008030.006\BHDrvx64.sys [2011-10-11 334384]R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1008030.006\cchpx64.sys [2011-10-11 561800]R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-11-15 148696]R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSviA64.sys [2010-5-7 466992]R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-11-15 69368]R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-16 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-16 701512]R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-10-11 117648]R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-11-27 240160]R2 vToolbarUpdater17.1.2;vToolbarUpdater17.1.2;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [2013-11-12 1734680]R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-11-15 593144]R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-11-27 140128]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-16 25928]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-27 233472]R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2009-11-27 658944]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 240736]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-11-27 702976]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-11 19456]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-11 57856]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-1 1255736].=============== Created Last 30 ================.2013-11-16 17:44:01 -------- d-----w- C:\Users\Shanahan\AppData\Local\{AAA50666-DA53-47A0-931B-C2EB8F266201}2013-11-16 15:25:18 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\Malwarebytes2013-11-16 15:25:08 -------- d-----w- C:\ProgramData\Malwarebytes2013-11-16 15:25:07 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-11-16 15:25:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-16 15:24:33 -------- d-----w- C:\Users\Shanahan\AppData\Local\Programs2013-11-15 14:50:15 190299 ----a-w- C:\ProgramData\1384526894.bdinstall.bin2013-11-15 14:49:59 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll2013-11-15 14:49:58 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys2013-11-15 14:49:57 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys2013-11-15 14:49:57 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys2013-11-15 14:48:37 -------- d-----w- C:\Users\Shanahan\AppData\Local\{FD63764C-152D-4E4C-B3C9-2164391D52CB}2013-11-15 14:48:21 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys2013-11-15 14:46:31 132854 ----a-w- C:\ProgramData\1384526281.bdinstall.bin2013-11-15 14:41:28 -------- d-----w- C:\Program Files\Bitdefender2013-11-15 14:40:56 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys2013-11-15 14:38:20 -------- d-----w- C:\Users\Shanahan\AppData\Local\{3C9C45ED-9B89-42A6-A7F5-C737A6B879F4}2013-11-15 14:35:20 798 ----a-w- C:\ProgramData\1384526111.5576.bin2013-11-15 14:35:19 1457 ----a-w- C:\ProgramData\1384526111.1204.bin2013-11-15 14:35:11 43344 ----a-w- C:\ProgramData\1384526111.5952.bin2013-11-15 14:34:44 43608 ----a-w- C:\ProgramData\1384526069.bdinstall.bin2013-11-15 14:12:17 45710 ----a-w- C:\ProgramData\1384524702.bdinstall.bin2013-11-15 14:11:42 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\QuickScan2013-11-15 14:10:29 -------- d-----w- C:\Program Files\CCleaner2013-11-15 00:19:53 -------- d-----w- C:\Users\Shanahan\AppData\Local\{9E90925A-C0C0-4735-9539-6150C7BD8C45}2013-11-14 11:05:12 -------- d-----w- C:\Users\Shanahan\AppData\Local\{3E91625A-65EC-489C-9C40-7CE621ADF242}2013-11-14 08:05:59 2241536 ----a-w- C:\Windows\System32\wininet.dll2013-11-06 13:54:08 -------- d-----w- C:\Users\Shanahan\AppData\Local\{A51DD7F9-1548-4CE6-B0EF-B4AC67BDC73F}2013-10-30 13:43:51 -------- d--h--w- C:\Windows\AxInstSV2013-10-19 15:53:14 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-10-19 15:53:14 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-10-19 15:53:14 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-10-19 15:53:14 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-10-19 15:53:14 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-10-19 15:53:14 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-10-19 15:53:14 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys.==================== Find3M ====================.2013-11-12 14:22:16 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-10-14 22:13:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-14 22:13:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll.============= FINISH: 13:04:25.95 =============== Link to post Share on other sites More sharing options...
Maniac Posted November 19, 2013 ID:755428 Share Posted November 19, 2013 Step 1 I notice that you are using more than one antivirus program.AVG 2013AVG 2014Norton Internet SecurityThis is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please choose one of them and uninstall the others. Also, please uninstall: AVG SafeGuard toolbar ShopAtHome.com Toolbar When you are done here, please reboot your system. Step 2 Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 3 Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Clean.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[s1].txt as well.Step 4Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately. In your next reply, post the following log files:Junkware Removal Tool logAdwCleaner logMalwarebytes' Anti-Malware log Link to post Share on other sites More sharing options...
j33pfx Posted November 19, 2013 Author ID:755449 Share Posted November 19, 2013 It gave me some trouble uninstalling avg 2014 and Norton.... but here are the logs... JRT.txt Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.8 (11.05.2013:1)OS: Windows 7 Home Premium x64Ran by Shanahan on Tue 11/19/2013 at 10:27:46.48~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry ValuesSuccessfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\selectrebatesSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettingsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocolSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapiSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocololeSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E8DAAA30-6CAA-4b58-9603-8E54238219E2} ~~~ Files ~~~ FoldersSuccessfully deleted: [Folder] "C:\ProgramData\partner"Successfully deleted: [Folder] "C:\Users\Shanahan\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"Successfully deleted: [Folder] "C:\Program Files (x86)\selectrebates"Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{000D931B-9044-4F12-9395-96CA707D9C03}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{02958EF6-AAFD-461C-A8E9-8695A128E08F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{03DE2CC6-CC24-4589-9443-A00471622B83}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{05CC1CAE-45E9-40FC-BE78-5F506AB0C887}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{06F04983-3E29-48D8-9D1C-448BBC0F4390}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{0793948A-9F6D-477E-B9B0-1241C4F7668B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{0882DA5B-7D29-484D-BE4A-724B57EB2337}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{08D799EA-BECF-4621-97A5-5AB570DC9E1B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{0F5B56C3-DF89-4657-BB76-F39C6D032D5B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{1022DCCF-5D61-4720-A1B5-2048BF3B40AD}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{10C02414-81B6-4276-B811-714A60DFCC23}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{13A78ABD-F8E7-4E27-A4CD-3FAB377EF6A1}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{13C46BFB-F5A5-4D16-807C-875B46D55555}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{148956F3-BDAE-4B53-A851-CED84E63E8B2}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{17BCE8B7-7635-4D49-B08F-3027D59ACD52}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{19C3AB45-4FDA-457B-AAA3-AC5196467A68}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{1D3EC675-304A-4A54-B82B-1BCA90B00295}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{1E9C1608-B5CB-4F0A-97D9-7A55D0B4F577}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{208EAA8C-2E53-41F9-A890-D65197AA6F42}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{210A76C8-6506-4ED7-85A8-82D72146C9F5}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{232EC207-B3F9-434F-8C84-852D2A1611DF}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{2343DBAF-3829-44C5-9CFC-ECD9E9CA1E76}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{23AB5817-D540-4806-A548-918D631D5611}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{24623948-F0C4-4611-BEC6-FB8DB2995F40}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{2697D514-1514-443A-B68A-D4F5162256BC}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{26F4EF42-A17C-4A5D-8D5A-4E7E13251763}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{299E4B02-48B4-4227-AA76-8C6DE9F7E434}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{29EBA685-2BFA-44D2-9434-1982F3D1DB15}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{2B4D2B15-ECAE-449C-A574-89D296F6127A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{2DA91F02-8D9E-48EC-8F57-7577328D79DA}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{2DA9DBF2-8602-4CD9-BC7B-B2AD88670EC8}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3104AECC-3C1E-44E6-9536-FAC7C3FA036C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{31B31259-9056-43E6-B42C-BA78C7E0990B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{31F09362-E72A-400D-817D-8D14CAAE3C0F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{32E3475E-F7F0-4B2B-88A6-193445EB073C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{33EE76E6-5621-4AB5-8AD4-9E0C99DB84EF}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{34436668-1DEC-45E5-B67E-9246ADE7722C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{352692A9-4289-4591-BDC0-36B43FFA9E1F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{359C5A86-3985-42A4-9C4D-1B2C82BEC741}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3722471A-A231-46BD-83EB-DE6572FE95A6}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{384C6FE6-87CE-48FD-90EE-AC40EC943437}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{38C581BF-108E-4555-88CC-05FEBC6132CA}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{39BF3127-3291-4FD7-8C12-3DD6345D4863}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{39D7BDCB-B6AD-4E6B-A2EB-1799403A66AC}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3A06A112-3081-4C19-A7C5-46FEF9BC8FF0}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3C9C45ED-9B89-42A6-A7F5-C737A6B879F4}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3D080582-DCA0-4C29-B26B-0D19CC79344E}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3D0D4D98-DC63-485A-BF01-4C202A68E996}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3E411A71-DCD4-4153-91F9-5BDF02E4EF7D}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3E91625A-65EC-489C-9C40-7CE621ADF242}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{3F391E4A-2391-4D6F-B56C-7FFE012BF94A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{44A3252F-CB67-4A46-8D40-49BE32F3324D}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{49848138-E42E-4132-97B5-0B4F73BA08D0}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{4A26E426-705B-4ED1-ABFF-E4B5384098D2}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{4BBCD497-F09A-4761-AD64-FE0704CD8F8C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{4F1313A2-89C9-4EC6-89F2-C6B8B7639738}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{4F6BDE3F-B65F-4265-B48A-D6D8EF2B2518}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{52BDA171-773D-4ED4-B260-C07C672791F5}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{539540CF-58FB-4B84-A020-3D24C4490B47}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{551C1E13-B225-4511-A150-CB2DC9AD9E83}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{55862EDB-D0F2-4B19-AB8A-B05DD554D4F9}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{55AF1E51-CD35-4799-8D6B-426E8D907B50}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{57AC8F3B-B46B-4C7B-8B74-DF6B071506D2}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{57AD88C4-1AFA-4254-9C1A-C6EBE699AD1E}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{5834FB27-95E1-46B4-A062-E19071A450F9}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{5A9E0AEF-11C1-4EB4-AA1D-8612588DDFA7}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{5AD4F67C-8D44-4CD9-9CE8-2C8281A20A4F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{5AF07CAB-C65B-412C-A06A-A46C58100EBC}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{5B4E8C61-AFD0-4A8C-BEAC-95410F934D1E}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{5E9B59E8-87C6-4368-A6ED-EE96A1C3662D}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{60253825-0B81-48C2-A3ED-12C70E4ADCEF}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{60E1017F-FBC8-4E8A-9426-9485E9BFABA4}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{613B0EAF-232B-44D1-98F2-CA7C2DA5BC04}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6206626C-2D48-4857-9DE5-547D8B88919D}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{62B86B67-78E6-48ED-B689-E57819EFACC8}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6305F2DC-F267-46F0-8FCB-82D28BDDA0C8}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{64112A84-A262-4C15-A478-F05EA69FAFCC}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{693AFF92-E0E1-48D9-9870-1D689994E57D}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6A0E829F-4625-4A06-B327-4E3DAF4EF45E}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6C275301-F821-4B7E-9F4C-28BC55104579}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6DDF2AED-F578-40BA-8598-73E999C0642C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6EA12A6D-DFF3-49BE-A339-A9EFB38174F1}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{6FDDD1DD-C772-41AD-A5BF-FFB016D1273B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7339B68C-3396-4C40-8BAD-829D14F0BF13}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7483D81D-F9D6-42CB-9CFB-60F32070233A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7932761C-99EE-4E37-A58F-1F6CB7B2C8D7}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7A96715E-1627-47B6-9122-9F9766982664}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7AC5FF2A-3235-42F6-962A-06C196DD2268}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7B45E87E-3DC3-4817-9B3A-3E997D163E43}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7B67B364-11A6-4BE8-BA62-50E80CC81EFD}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7BD02739-5AC7-4A05-9522-7BFBBBAC571C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7D235F25-5B93-4F51-B7AB-7AD97A8F7D10}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7D719F6B-C1B7-423C-BE3E-D226B91D8D41}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7DD5C1FE-A666-43C5-9D11-F5F6DD5B4DBD}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{7EBCC22D-9880-4290-83C0-5E403E4C1BC3}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{82FBD647-8AC9-4F7A-9E0B-4F2BFDC8080A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{83139D27-F3B5-4215-9282-E76028937394}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{852236F0-3D5D-43C6-B64E-B073B8666D5A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{8CB30D34-AA1D-438F-ADE0-9F97F86FF64C}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{8D1FEBF9-DA7B-4B16-B480-DD4BA85FB2F7}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{90256A86-68E7-422B-8FA5-6C46DC74243D}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{93F047DA-F730-4315-B153-6D371E02B524}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{95344663-0C66-49C6-8BFD-63D0D235A518}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{965ABE80-7562-4074-8353-B39EECE815F3}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{966CC131-AA1D-4C73-891D-C0087D70A9B9}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{96BD24F2-3A35-4CCE-9B72-BF3D158DB63E}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9723FB31-C715-4E91-A1E8-5889B7406815}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{986DD34F-4F49-48E2-B0FF-28A1954D6E43}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9AC79358-9E23-483D-90AD-AB6A2067E656}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9D33EA8F-767A-4AD4-AAC3-7F6E7A55281B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9D3E03A2-23DD-48B1-BC2B-C40E1FE332EF}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9DCB19AB-0596-45B3-9C31-ED7324F8AF7A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9E3D5634-CE5F-4901-B911-3303269F2CCF}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9E90925A-C0C0-4735-9539-6150C7BD8C45}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9F998087-C149-416C-A3AB-8E1AA26837E1}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{9FF1FF2B-FD3A-4770-AB93-56396422D228}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A02DD4EB-EF05-403A-A9A2-83C12CDFC5C8}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A07422D6-E6AB-48DE-B07F-D72822315EA1}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A0920C58-9CA2-43B4-85D0-C0A44170FAB7}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A26F5F51-64D3-4749-9104-7F23FB20C604}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A43D30DF-C9E0-4516-8ECF-DEF4B9B4DF33}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A51DD7F9-1548-4CE6-B0EF-B4AC67BDC73F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A5AD9464-A7B2-4342-A133-08D6821AD588}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{A9785C6B-8075-4FD5-B688-A02393BBC0D8}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{AAA50666-DA53-47A0-931B-C2EB8F266201}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{AACBB7C8-9F34-4C18-B06B-97EC13D7B628}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{ADAECF9F-782C-4314-9541-591956683973}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B08470E8-856A-4E31-91F1-B98906D68C6F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B127F211-495B-44CA-A1DA-239E73DCD2DC}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B1822C3B-59CD-48CA-A21B-DB1E69E68F49}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B28D60C5-6CBA-4B2B-9588-02FB4686CAD1}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B37AE999-C518-4BA0-AEAB-5043CD6C98B8}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B3D9B585-89F2-477B-A6CE-48C23543BDCC}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B565A94C-4732-4005-AF63-CE0F4A6B62DA}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B653425C-AD59-4405-BE68-D1205F8D3D5A}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B7D00EB4-BE07-4950-98E1-B33462788583}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{B8C1264C-59F5-4936-BAD1-505A6E9E6BF0}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{BB2F2522-F319-4D12-98C0-2E70669C8EA7}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{BC72E3BA-A234-4331-9965-DE2BAF93F05B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{BC7535ED-B39F-4E81-AA5A-584AD30496BD}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{BD038044-C0DC-40B4-93FE-B42E098BC083}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{C0FB9D28-27DD-4388-8983-59230A60F018}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{CAE4E7C3-5482-453F-A32E-11AEA1D17230}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{D071151F-04EF-4BE9-B4B8-7B71DB993DE9}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{D3E043B6-C1F0-4471-BC0C-9606F74646FE}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{D5F94436-D949-4B33-8CBC-1AF33376B648}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{D66D62F4-7620-4999-9312-EAFF405DF64B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{D82DE81C-507E-40AA-8755-79AD0163C277}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{D8B4F800-0FF5-46B9-9CF7-033536B04707}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{E50BCEFC-5E91-495E-8308-753296F1816F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{E59D0027-85EF-4403-AB63-C0826794B806}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{E70B01A9-9EFB-46C0-93F0-A8F2CEEEF699}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{E8375880-CF14-41D0-B1D2-39CCEB3F21DB}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{E8AB8504-63F6-4A7D-AE03-4DE177C5A775}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{E93B81F5-D6DF-440E-A8AE-35DE64E6AC8F}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{EC2F7F7F-DCCA-44E5-A821-51C07B34E6C2}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{EDE1F7D0-991D-4B0D-84D2-3F55FFCA8D48}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{EF5989DC-90FD-460B-9CD1-ABDC792F9350}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{EF63AC4F-6DC8-4790-A830-52A8879B0D15}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{EF939FF0-B7A3-4C11-8523-DB1D629A9387}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{F11BD1C8-8029-40F3-940A-5DC8E8C65A42}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{F1DD2B71-5DC6-46ED-984F-501A1189E03E}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{F441F698-BA7F-49D8-BF6C-899EDC30ACC9}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{F5259036-E255-4A2A-83FA-89E9521F5EF2}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{F88DDE40-FA84-4D65-85B4-876A8660D591}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{F971F3D9-580C-4AC1-8C18-2D0043888368}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{FA4AD985-68C6-4E3E-A026-8493D4158D9B}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{FA99FB64-AE3E-49AC-96F9-2A1E7A04CCAD}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{FD63764C-152D-4E4C-B3C9-2164391D52CB}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{FDE56C02-6DA1-40EA-9735-5E444A7892CA}Successfully deleted: [Empty Folder] C:\Users\Shanahan\appdata\local\{FE506705-B2B5-4AF1-BBCD-41AB22051D1E} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Tue 11/19/2013 at 10:42:20.44End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Adwcleaner # AdwCleaner v3.012 - Report created 19/11/2013 at 10:46:12# Updated 11/11/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Shanahan - SANDM# Running from : C:\Users\Shanahan\Desktop\AdwCleaner.exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\AVG Security ToolbarFolder Deleted : C:\Program Files (x86)\Common Files\AVG Secure SearchFolder Deleted : C:\Users\Shanahan\AppData\Local\AVG Secure SearchFolder Deleted : C:\Users\Shanahan\AppData\Local\Temp\boost_interprocessFolder Deleted : C:\Users\Shanahan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofFile Deleted : C:\Users\Public\Desktop\eBay.lnkFile Deleted : C:\Users\Shanahan\AppData\Local\Temp\Uninstall.exe***** [ Shortcuts ] ********** [ Registry ] *****Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\Software\AVG Secure SearchKey Deleted : HKLM\Software\AVG Security Toolbar***** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16736-\\ Google Chrome v31.0.1650.57[ File : C:\Users\Shanahan\AppData\Local\Google\Chrome\User Data\Default\preferences ]Deleted : icon_url*************************AdwCleaner[R0].txt - [4303 octets] - [19/11/2013 10:44:26]AdwCleaner[s0].txt - [3866 octets] - [19/11/2013 10:46:12]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3926 octets] ########## Malware bytes Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.11.19.07Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16736Shanahan :: SANDM [administrator]Protection: Enabled11/19/2013 10:57:52 AMmbam-log-2013-11-19 (10-57-52).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 219354Time elapsed: 5 minute(s), 38 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Maniac Posted November 20, 2013 ID:755862 Share Posted November 20, 2013 It gave me some trouble uninstalling avg 2014 and Norton.... but here are the logs... Could you please explain to me about these problems? Link to post Share on other sites More sharing options...
j33pfx Posted November 20, 2013 Author ID:755872 Share Posted November 20, 2013 The uninstaller really didn't do anything with the avg 2014. When I checked the box next to it and ran the uninstaller nothing happened, but when I went to try and uninstall Norton or the tool bar it said I had to wait till the process was done... Norton starts the process then as its collecting its error logs it has a box that pops up and says " Cannot Export C:\ProgramData/NortonInstaller/Sym Temp\Registry5.txt: Error writing the file. There may be a disk or file system error." Then it tell me that it cannot complete the process had an error and to go to the tech support web site Link to post Share on other sites More sharing options...
j33pfx Posted November 20, 2013 Author ID:755877 Share Posted November 20, 2013 Says I need to download a Norton removal tool.... Link to post Share on other sites More sharing options...
Maniac Posted November 20, 2013 ID:755881 Share Posted November 20, 2013 Okay, let's try another way. Download AVG uninstaller: http://download.avg.com/filedir/util/support/avg_remover_stf_x64_2014_4116.exe Follow the instructions to complete the procedure. Next, follow the instructions here to remove Norton Internet Security from your system. https://support.norton.com/sp/en/us/home/current/solutions/kb20080828154508EN_EndUserProfile_en_us When you are ready, reboot your system and generate a new fresh DDS log files. Post them in your next reply. Link to post Share on other sites More sharing options...
j33pfx Posted November 21, 2013 Author ID:756501 Share Posted November 21, 2013 Ok after having a little trouble with both I opted to just reinstall previous valid versions or both Norton and AVG to update and restore corrupt or missing files for both and then properly uninstall them. her are the two logs. .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume2Install Date: 3/14/2010 11:15:38 PMSystem Uptime: 11/21/2013 3:17:43 PM (0 hours ago).Motherboard: Gateway | | ZX4800Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | CPU 1 | 2200/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 685 GiB total, 563.85 GiB free.D: is CDROM ()E: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP409: 11/15/2013 9:12:48 AM - Removed AVG 2014RP410: 11/15/2013 9:15:53 AM - Removed AVG 2014RP411: 11/19/2013 10:17:19 AM - Removed Norton Online BackupRP412: 11/21/2013 2:52:43 PM - Installed AVG 2014RP413: 11/21/2013 2:53:16 PM - Installed AVG 2014RP414: 11/21/2013 3:02:58 PM - Installed AVG 2014RP415: 11/21/2013 3:03:40 PM - Installed AVG 2014RP416: 11/21/2013 3:15:01 PM - Removed AVG 2014RP417: 11/21/2013 3:16:43 PM - Removed AVG 2014.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)3ivx MPEG-4 5.0.3 (remove only)Acrobat.comAdobe AIRAdobe Creative CloudAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.8)Adobe Shockwave Player 12.0Advertising CenteraioprntaioscnnrBackup Assistant PlusBackup Manager AdvanceBitdefender Antivirus Free EditionBonjourC4USelfUpdaterCCleanercenterCompatibility Pack for the 2007 Office systemCyberLink MediaShowCyberLink PowerCinemaCyberLink YouCamD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDragon KeepereBay WorldwideessentialsFarmscapesffdshow [rev 2527] [2008-12-19]FlipShareFrontline Systems Premium Solver for Education V7.0GardenscapesGardenscapes: Mansion MakeoverGateway GamesGateway InfoCentreGateway MyBackupGateway Recovery ManagementGateway RegistrationGateway ScreenSaverGateway Touch SuiteGateway UpdaterGoogle ChromeGoogle Chrome FrameGoogle Toolbar for Internet ExplorerGoogle Update HelperHTC Driver InstallerHTC SyncIdentity CardImagXpressIntel® Graphics Media Accelerator DriverITECIRJava Auto UpdaterJava 6 Update 35JMicron Flash Media Controller DriverJunk Mail filter updateKodak AIO PrinterKODAK AiO SoftwareksDIPLeapFrog ConnectLeapFrog Tag PluginLearning Lodge NavigatorMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2007Microsoft Office Excel MUI (English) 2010Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Live Add-in 1.4Microsoft Office Office 64-bit Components 2007Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2007Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2010Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Professional 2010Microsoft Office Proof (English) 2007Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2007Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2007Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2007Microsoft Office Proofing (English) 2010Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2007Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Suite Activation AssistantMicrosoft Office Word MUI (English) 2007Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Touch Pack for Windows 7Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WorksMicrosoft XNA Framework Redistributable 3.0Microsoft XNA Framework Redistributable 4.0Motorola Mobile Drivers Installation 4.7.1MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Nero ControlCenterNero DiscSpeedNero DiscSpeed HelpNero DriveSpeedNero DriveSpeed HelpNero Express HelpNero InfoToolNero InfoTool HelpNero InstallerNero Online UpgradeNero StartSmartNero StartSmart HelpNero StartSmart OEMNeroExpressneroxmlocrOracle Crystal BallPDF Settings CCPowerCinema MoviePreReqPrintProjectsPython 3.3.2 (64-bit)Realtek High Definition Audio DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760411) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760415) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760585) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760591) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827326) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827329) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2760781) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2827330) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2837597) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionSpongeBob Diner Dash 2SpongeBob TypingSpotifyswMSMSystem Requirements LabSystem Requirements Lab for IntelTouchSettingsUnity Web PlayerUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 32-Bit EditionUpdate Installer for WildTangent Games AppUse the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)Verizon V CAST Media ManagerVirtual Earth 3D (Beta)Visual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesVisual Studio 2012 x64 RedistributablesVisual Studio 2012 x86 RedistributablesVTech Download Agent LibraryWebExWelcome CenterWildTangent GamesWildTangent Games AppWindows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWModem Driver InstallerYahoo! BrowserPlus 2.9.8Youda Jewel Shop.==== Event Viewer Messages From Past Week ========.11/21/2013 3:20:19 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-214702489111/21/2013 3:20:19 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-214702489111/21/2013 3:18:19 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.11/21/2013 3:18:02 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.11/21/2013 3:05:17 PM, Error: Service Control Manager [7024] - The AVG Firewall service terminated with service-specific error %%-536805289.11/19/2013 10:51:42 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error: An instance of the service is already running.11/19/2013 10:51:12 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.11/19/2013 10:51:12 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.11/19/2013 10:48:48 AM, Error: Service Control Manager [7000] - The vToolbarUpdater17.1.2 service failed to start due to the following error: The system cannot find the file specified..==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16736Run by Shanahan at 15:19:52 on 2013-11-21Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4060.2421 [GMT -5:00].AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\SYSTEM32\WISPTIS.EXEC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exeC:\Windows\system32\taskhost.exeC:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\SYSTEM32\WISPTIS.EXEC:\Program Files\Common Files\microsoft shared\ink\TabTip.exeC:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exeC:\Program Files (x86)\TouchSettings\TouchPortalOBR.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\System32\hkcmd.exeC:\Program Files (x86)\Gateway\Registration\GregHSRW.exeC:\Windows\System32\igfxpers.exeC:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exeC:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exeC:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exeC:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exeC:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exeC:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exeC:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exeC:\Program Files\HTC\ModeSelection\VMMModeSelection.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exeC:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exeC:\Program Files (x86)\CyberLink\Shared files\RichVideo.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Gateway\Gateway Updater\UpdaterService.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\sysWOW64\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exeC:\Program Files (x86)\Common Files\Teleca Shared\Generic.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Common Files\Teleca Shared\logger.exeC:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exeC:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exeC:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exeC:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exeC:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Gateway\Gateway Touch Suite\SNSAgent.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mStart Page = about:blankmWinlogon: Userinit = userinit.exe,BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgrounduRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exeuRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -kmRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /smRun: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptionsmRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exemRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exemRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=truemRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"StartupFolder: C:\Users\Shanahan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 192.168.2.1TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\2456C6B696E6F574F505C65737F5D494D4F4F5738353030303 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{85B87C65-B579-4967-86FC-6BC6654EC6F6}\E6F6470237F60266163747E2E2E2E2 : DHCPNameServer = 192.168.2.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dllHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = about:blankx64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - LocalServer32 - <no file>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [TouchPortal] C:\Program Files (x86)\Gateway\Gateway Touch Suite\TouchPortal.exex64-Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exex64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exex64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - LocalServer32 - <no file>x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-11-15 718840]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-9-16 46368]R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-11-15 121928]R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-11-15 148696]R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-11-15 69368]R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-16 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-16 701512]R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-11-27 240160]R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-11-15 593144]R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-11-27 140128]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-16 25928]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-27 233472]R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2009-11-27 658944]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 240736]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-11-27 702976]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-11 19456]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-11 57856]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-1 1255736].=============== Created Last 30 ================.2013-11-21 20:19:07 -------- d-----w- C:\Users\Shanahan\AppData\Local\{708E4816-C28B-4434-A557-09AB57544481}2013-11-21 20:00:46 -------- d-----w- C:\Users\Shanahan\AppData\Local\{44365F34-B3D9-49C3-8E4F-82BB3D853E94}2013-11-21 19:57:54 -------- d-----w- C:\Users\Shanahan\AppData\Local\CrashDumps2013-11-21 19:34:37 -------- d-----w- C:\Users\Shanahan\AppData\Local\{550696BF-62E0-4883-B1D3-89949B9683E4}2013-11-21 19:24:37 -------- d-----w- C:\Users\Shanahan\AppData\Local\{2AFAA0F5-5233-4075-9AFD-81C60BE4F22C}2013-11-21 19:21:05 -------- d-----w- C:\ProgramData\PCSettings2013-11-19 15:44:06 -------- d-----w- C:\AdwCleaner2013-11-19 15:27:43 -------- d-----w- C:\Windows\ERUNT2013-11-16 15:25:18 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\Malwarebytes2013-11-16 15:25:08 -------- d-----w- C:\ProgramData\Malwarebytes2013-11-16 15:25:07 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-11-16 15:25:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-16 15:24:33 -------- d-----w- C:\Users\Shanahan\AppData\Local\Programs2013-11-15 14:50:15 190299 ----a-w- C:\ProgramData\1384526894.bdinstall.bin2013-11-15 14:49:59 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll2013-11-15 14:49:58 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys2013-11-15 14:49:57 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys2013-11-15 14:49:57 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys2013-11-15 14:48:21 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys2013-11-15 14:46:31 132854 ----a-w- C:\ProgramData\1384526281.bdinstall.bin2013-11-15 14:41:28 -------- d-----w- C:\Program Files\Bitdefender2013-11-15 14:40:56 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys2013-11-15 14:35:20 798 ----a-w- C:\ProgramData\1384526111.5576.bin2013-11-15 14:35:19 1457 ----a-w- C:\ProgramData\1384526111.1204.bin2013-11-15 14:35:11 43344 ----a-w- C:\ProgramData\1384526111.5952.bin2013-11-15 14:34:44 43608 ----a-w- C:\ProgramData\1384526069.bdinstall.bin2013-11-15 14:12:17 45710 ----a-w- C:\ProgramData\1384524702.bdinstall.bin2013-11-15 14:11:42 -------- d-----w- C:\Users\Shanahan\AppData\Roaming\QuickScan2013-11-15 14:10:29 -------- d-----w- C:\Program Files\CCleaner2013-11-14 08:05:59 2241536 ----a-w- C:\Windows\System32\wininet.dll2013-10-30 13:43:51 -------- d--h--w- C:\Windows\AxInstSV.==================== Find3M ====================.2013-11-12 14:22:16 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-10-14 22:13:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-14 22:13:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll.============= FINISH: 15:21:40.19 =============== Link to post Share on other sites More sharing options...
Maniac Posted November 22, 2013 ID:756826 Share Posted November 22, 2013 Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here Please visit this webpage and read the ComboFix User's Guide:Once you've read the article and are ready to use the program you can download it directly from the link below.Important! - Please make sure you save combofix to your desktop and do not run it from your browserDirect download link for: ComboFix.exePlease make sure you disable your security applications before running ComboFix.Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.Please copy/paste the contents or attach that log file to your next reply.If needed the file can be located here: C:\combofix.txtNOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer. Link to post Share on other sites More sharing options...
j33pfx Posted November 22, 2013 Author ID:756904 Share Posted November 22, 2013 Ran it here is the log... I have not run anything yet but I do see the icon for windows defender and windows update ... Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4060.1894 [GMT -5:00]Running from: c:\users\Shanahan\Desktop\ComboFix.exeAV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..C:\install.exec:\program files (x86)\Google\Desktop\Installc:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\@c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\L\00000004.@c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\L\201d3ddec:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\L\76603ac3c:\program files (x86)\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\9519~1\A535~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\U\80000032.@c:\programdata\1384526069.bdinstall.binc:\programdata\1384526111.1204.binc:\programdata\1384526111.5576.binc:\programdata\1384526111.5952.binc:\programdata\1384526281.bdinstall.binc:\programdata\1384526894.bdinstall.binc:\users\Shanahan\AppData\Local\assembly\tmpc:\users\Shanahan\AppData\Local\Google\Desktop\Installc:\users\Shanahan\AppData\Local\Google\Desktop\Install\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\2E2F~1\28F0~1\E628~1\{ace1cffe-eb29-e81b-5610-fbf1b0def297}\@c:\users\Shanahan\Documents\~WRL0001.tmpc:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\additional.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\avcheck.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\bdardrv.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\bdmetrics.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\bdnc.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\core\bdcore.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\gzflt.sys . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\gzfltum.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\htmlayout.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\Installer.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\installerpackage.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\en-US.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\it-IT.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\pt-BR.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\lang\ro-RO.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\npcomm.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\setuplauncher.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\ThreatScanner.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\trufos.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\trufos.sys . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\unrar64.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\WPFKickstarter.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\WPFKickstarter4.exe . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\wslib.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\wspack.dll . . . . Failed to deletec:\users\Shanahan\AppData\Local\Temp\GZ_INSTALL_0\wsutils.dll . . . . Failed to delete..((((((((((((((((((((((((( Files Created from 2013-10-22 to 2013-11-22 )))))))))))))))))))))))))))))))..2013-11-22 17:55 . 2013-11-22 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp2013-11-21 19:57 . 2013-11-21 19:57 -------- d-----w- c:\users\Shanahan\AppData\Local\CrashDumps2013-11-21 19:21 . 2013-11-21 19:21 -------- d-----w- c:\programdata\PCSettings2013-11-19 15:44 . 2013-11-19 15:46 -------- d-----w- C:\AdwCleaner2013-11-19 15:27 . 2013-11-19 15:27 -------- d-----w- c:\windows\ERUNT2013-11-16 15:25 . 2013-11-16 15:25 -------- d-----w- c:\users\Shanahan\AppData\Roaming\Malwarebytes2013-11-16 15:25 . 2013-11-16 15:25 -------- d-----w- c:\programdata\Malwarebytes2013-11-16 15:25 . 2013-11-16 15:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-11-16 15:25 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-11-16 15:24 . 2013-11-16 15:24 -------- d-----w- c:\users\Shanahan\AppData\Local\Programs2013-11-15 14:49 . 2009-07-15 06:21 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll2013-11-15 14:49 . 2012-11-02 19:17 261056 ----a-w- c:\windows\system32\drivers\avchv.sys2013-11-15 14:49 . 2013-04-17 19:59 593144 ----a-w- c:\windows\system32\drivers\avckf.sys2013-11-15 14:49 . 2013-04-17 19:59 718840 ----a-w- c:\windows\system32\drivers\avc3.sys2013-11-15 14:48 . 2013-04-22 18:21 148696 ----a-w- c:\windows\system32\drivers\gzflt.sys2013-11-15 14:41 . 2013-11-15 14:50 -------- d-----w- c:\program files\Bitdefender2013-11-15 14:40 . 2013-05-28 17:12 382536 ----a-w- c:\windows\system32\drivers\trufos.sys2013-11-15 14:12 . 2013-11-15 14:12 45710 ----a-w- c:\programdata\1384524702.bdinstall.bin2013-11-15 14:11 . 2013-11-15 14:49 -------- d-----w- c:\users\Shanahan\AppData\Roaming\QuickScan2013-11-15 14:10 . 2013-11-15 14:10 -------- d-----w- c:\program files\CCleaner2013-11-14 08:05 . 2013-10-12 08:45 2241536 ----a-w- c:\windows\system32\wininet.dll2013-11-14 08:05 . 2013-10-12 08:43 15404544 ----a-w- c:\windows\system32\ieframe.dll2013-11-14 08:05 . 2013-10-12 08:43 19269632 ----a-w- c:\windows\system32\mshtml.dll2013-11-07 12:48 . 2013-11-07 12:48 -------- d-----w- c:\users\Shanahan\AppData\Roaming\PlayFirst2013-11-07 12:48 . 2013-11-07 12:48 -------- d-----w- c:\programdata\PlayFirst2013-10-30 13:43 . 2013-10-30 13:44 -------- d--h--w- c:\windows\AxInstSV...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-11-14 08:01 . 2010-05-23 16:49 82896128 ----a-w- c:\windows\system32\MRT.exe2013-11-12 14:22 . 2013-09-16 22:30 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys2013-10-14 22:13 . 2013-10-14 21:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-10-14 22:13 . 2011-10-06 18:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-09-08 02:30 . 2013-10-10 16:48 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys2013-09-08 02:27 . 2013-10-10 16:48 327168 ----a-w- c:\windows\system32\mswsock.dll2013-09-08 02:03 . 2013-10-10 16:48 231424 ----a-w- c:\windows\SysWow64\mswsock.dll2013-09-04 12:12 . 2013-10-19 15:53 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys2013-09-04 12:11 . 2013-10-19 15:53 325120 ----a-w- c:\windows\system32\drivers\usbport.sys2013-09-04 12:11 . 2013-10-19 15:53 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys2013-09-04 12:11 . 2013-10-19 15:53 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys2013-09-04 12:11 . 2013-10-19 15:53 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys2013-09-04 12:11 . 2013-10-19 15:53 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys2013-09-04 12:11 . 2013-10-19 15:53 7808 ----a-w- c:\windows\system32\drivers\usbd.sys2013-08-29 02:17 . 2013-10-10 16:48 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe2013-08-29 02:16 . 2013-10-10 16:48 1732032 ----a-w- c:\windows\system32\ntdll.dll2013-08-29 02:16 . 2013-10-10 16:48 243712 ----a-w- c:\windows\system32\wow64.dll2013-08-29 02:16 . 2013-10-10 16:48 859648 ----a-w- c:\windows\system32\tdh.dll2013-08-29 02:13 . 2013-10-10 16:48 878080 ----a-w- c:\windows\system32\advapi32.dll2013-08-29 01:51 . 2013-10-10 16:48 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51 . 2013-10-10 16:48 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2013-08-29 01:50 . 2013-10-10 16:48 5120 ----a-w- c:\windows\SysWow64\wow32.dll2013-08-29 01:50 . 2013-10-10 16:48 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll2013-08-29 01:50 . 2013-10-10 16:48 619520 ----a-w- c:\windows\SysWow64\tdh.dll2013-08-29 01:48 . 2013-10-10 16:48 640512 ----a-w- c:\windows\SysWow64\advapi32.dll2013-08-29 01:48 . 2013-10-10 16:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll2013-08-29 00:49 . 2013-10-10 16:48 25600 ----a-w- c:\windows\SysWow64\setup16.exe2013-08-29 00:49 . 2013-10-10 16:48 7680 ----a-w- c:\windows\SysWow64\instnm.exe2013-08-29 00:49 . 2013-10-10 16:48 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll2013-08-29 00:49 . 2013-10-10 16:48 2048 ----a-w- c:\windows\SysWow64\user.exe2013-08-28 01:21 . 2013-10-10 16:48 3155968 ----a-w- c:\windows\system32\win32k.sys2013-08-28 01:12 . 2013-10-10 16:48 461312 ----a-w- c:\windows\system32\scavengeui.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"PhotoGadgetFirstRun"="0 (0x0)" [X]"MusicGadget"="0 (0x0)" [X]"PhotoGadget"="0 (0x0)" [X]"TouchMemo"="0 (0x0)" [X]"PhotoGadgetFirstRun_Portal"="0 (0x0)" [X]"HLBackupScheduler"="c:\program files\Backup Assistant Plus\V CAST Backup Scheduler.exe" [2012-08-20 7065224]"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-27 39408].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" [2009-08-12 244480]"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-09-15 167008]"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]"AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2012-11-05 377800]"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328]"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792].c:\users\Shanahan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0 /sync /restart\0 /sync /restart.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]"Conime"=%windir%\system32\conime.exe"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe""AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe""SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [x]S2 Greg_Service;GRegService;c:\program files (x86)\Gateway\Registration\GregHSRW.exe;c:\program files (x86)\Gateway\Registration\GregHSRW.exe [x]S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [x]S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-11-15 14:19 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-14 22:13].2013-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-15 03:49].2013-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-15 03:49]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]2013-08-30 14:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]2013-08-30 14:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]2013-08-30 14:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"TouchPortal"="c:\program files (x86)\Gateway\Gateway Touch Suite\TouchPortal.exe" [2009-10-24 4940800]"TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2009-10-23 151368]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-24 8081952]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmStart Page = about:blankmLocal Page = c:\windows\SysWOW64\blank.htmIE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105TCP: DhcpNameServer = 192.168.2.1.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)Toolbar-Locked - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3767387943-2614688804-3758695101-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-3767387943-2614688804-3758695101-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exec:\program files (x86)\Bonjour\mDNSResponder.exec:\program files (x86)\Flip Video\FlipShare\FlipShareService.exec:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exec:\program files (x86)\CyberLink\Shared files\RichVideo.exec:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exec:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exec:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXEc:\program files (x86)\Common Files\Teleca Shared\CapabilityManager.exec:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exec:\program files (x86)\Common Files\Teleca Shared\logger.exec:\program files (x86)\Common Files\Teleca Shared\Generic.exec:\program files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exec:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exec:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exec:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exec:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe.**************************************************************************.Completion time: 2013-11-22 13:06:38 - machine was rebootedComboFix-quarantined-files.txt 2013-11-22 18:06.Pre-Run: 605,509,496,832 bytes freePost-Run: 605,172,596,736 bytes free.- - End Of File - - B926237C2E46C2261E8F83CED7504F18A36C5E4F47E84449FF07ED3517B43A31 Link to post Share on other sites More sharing options...
Maniac Posted November 23, 2013 ID:757238 Share Posted November 23, 2013 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 3. Open notepad and copy/paste the text in the quotebox below into it: SecCenter:: AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} Folder:: c:\programdata\PCSettings JavaClearCache:: Save this as CFScript.txt, in the same location as ComboFix.exe Refering to the picture above, drag CFScript into ComboFix.exe When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 10, 2013 Root Admin ID:762757 Share Posted December 10, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts