Jump to content

Recommended Posts

I've had Malwarebytes for a few years now and absolutley love it! Purchased the Pro version 2 years ago and haven't ever had any problems. Have no clue what is going on with my PC now but have been having major issues with it being slow and garbled audio from the speakers for the last couple months now. Malwarebytes has detected Spigot before and I tried removal following directions on other posts but the issues keep coming back and now Malwarebytes comes up clean...thank you in advance!!!
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.25.2
Run by Billy Bloodbath at 18:42:56 on 2014-01-18
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Gateway\Gateway TouchPortal\Touch Movie\TouchMovieService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\OEM\USBDECTION\FixIt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {650598e1-b35a-45d3-b607-896d7acb64c3} - <orphaned>
mWinlogon: Userinit = userinit.exe,
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [MDS_Menu] "C:\Program Files (x86)\Gateway\Gateway TouchPortal\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Gateway\Gateway TouchPortal\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [TouchMovieService] "C:\Program Files (x86)\Gateway\Gateway TouchPortal\Touch Movie\TouchMovieService.exe"
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - C:\Program Files (x86)\PicLensIE\cooliris.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - 
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{074954E7-4144-4912-9FD3-F18CA3EE9744} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{5421AC5E-92EB-42F1-B2EC-33FF4BCDCEE5} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{D90471BF-5C3A-46C9-9F3D-DA24332CDE34} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D90471BF-5C3A-46C9-9F3D-DA24332CDE34}\279656D65627 : DHCPNameServer = 209.103.248.1 209.103.224.3
TCP: Interfaces\{D90471BF-5C3A-46C9-9F3D-DA24332CDE34}\350594445425D414E4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D90471BF-5C3A-46C9-9F3D-DA24332CDE34}\350796465627D616E623 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D90471BF-5C3A-46C9-9F3D-DA24332CDE34}\370796465627D616E6 : DHCPNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R? androidusb;SAMSUNG Android Composite ADB Interface Driver
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? clwvd;CyberLink WebCam Virtual Driver
R? cpuz134;cpuz134
R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
R? FlyUsb;FLY Fusion
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? NisDrv;Microsoft Network Inspection System
R? NisSrv;Microsoft Network Inspection
R? RdpVideoMiniport;Remote Desktop Video Miniport Driver
R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
R? ssadmdm;SAMSUNG Android USB Modem Drivers
R? ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
R? SWDUMon;SWDUMon
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? USBAAPL64;Apple Mobile USB Driver
R? WatAdminSvc;Windows Activation Technologies Service
S? ccSet_NST;Norton Identity Safe Settings Manager
S? cvhsvc;Client Virtualization Handler
S? GREGService;GREGService
S? IAStorDataMgrSvc;Intel® Rapid Storage Technology
S? Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service
S? Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service
S? Live Updater Service;Live Updater Service
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MBfilt;MBfilt
S? MpFilter;Microsoft Malware Protection Driver
S? NAUpdate;Nero Update
S? NCO;Norton Identity Safe
S? RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter
S? Sftfs;Sftfs
S? sftlist;Application Virtualization Client
S? Sftplay;Sftplay
S? Sftredir;Sftredir
S? Sftvol;Sftvol
S? sftvsa;Application Virtualization Service Agent
S? swvspser;Sierra VSP using Ethernet
S? UNS;Intel® Management and Security Application User Notification Service
S? USBS3S4Detection;USBS3S4Detection
.
=============== Created Last 30 ================
.
2014-01-18 12:45:27 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-18 12:45:26 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-18 12:45:26 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-18 12:45:26 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-18 12:45:26 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-18 12:45:26 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-18 12:45:26 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-18 12:45:12 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-18 12:45:06 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-18 12:23:04 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8B733BB5-C344-4D5A-BB32-B12B6BA99809}\mpengine.dll
2014-01-18 12:07:39 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-21 06:04:22 225656 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-12-12 11:00:35 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 11:00:35 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-10 05:43:19 50053120 ----a-w- C:\Program Files (x86)\GUTBC17.tmp
.
============= FINISH: 19:08:55.19 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 6/8/2012 7:33:16 AM
System Uptime: 1/18/2014 3:39:02 PM (4 hours ago)
.
Motherboard: Gateway |  | ZX6961
Processor: Intel® Pentium® CPU G620 @ 2.60GHz | CPU 1 | 2600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 448 GiB total, 287.432 GiB free.
.
==== Disabled Device Manager Items =============
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
Advertising Center
aioscnnr
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Best Buy pc app
Bonjour
BufferChm
center
Cooliris for Internet Explorer
Coupon Printer for Windows
CutePDF Writer 3.0
DeviceDiscovery
DolbyFiles
Dropbox
essentials
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway TouchPortal
Gateway Updater
Google Chrome
Google Update Helper
GPBaseService2
Hotkey Utility
HP Customer Participation Program 13.0
HP Deskjet & Photosmart Printer Driver Software 13.0 Rel. A
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
iCloud
Identity Card
ImagXpress
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Internet TV for Windows Media Center
Java 7 Update 25
Java Auto Updater
JavaFX 2.1.1
Kodak AIO Printer
KODAK AiO Software
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Media Player Codec Pack 4.2.0
MediaShow Espresso
Menu Templates - Starter Kit
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Office Starter 2010 - English
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.0
Movie Templates - Starter Kit
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 11 DiscSpeed
Nero 9 Trial
Nero Audio Pack 1
Nero Blu-ray Player
Nero Blu-ray Player Help (CHM)
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero CoverDesigner
Nero CoverDesigner Help
Nero CoverDesigner Help (CHM)
Nero Disc Copy Gadget
Nero DiscSpeed
Nero DiscSpeed 11
Nero DiscSpeed 11 Help (CHM)
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Kwik Themes Basic
Nero MediaHome
Nero MediaHome Free
Nero MediaHome Help (CHM)
Nero PhotoSnap
Nero Prerequisite Installer 1.0
Nero Recode
Nero SharedVideoCodecs
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Update
Nero Vision
Nero Vision Help
Nero WaveEditor
Nero WaveEditor Help (CHM)
nero.prerequisites.msi
NeroBurningROM
NeroExpress
neroxml
Norton Identity Safe
ocr
PreReq
Prerequisite installer
QuickTime
Realtek High Definition Audio Driver
RealUpgrade 1.1
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
SF_CDA_ProductContext
SF_CDA_Software
SmartWebPrinting
SolutionCenter
SoundTrax
Status
swMSM
THX TruStudio Pro
Toolbox
Touch Movie
Touch MVP
TouchSettings
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Virtual Earth 3D (Beta)
WebReg
Welcome Center
Windows 7 Upgrade Advisor
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

I would like to note that when the scan completed I promptly closed the program and then I attempted to connect to the internet to post the log but was unable to due to my PC having no connection and no connections available. Due to the major lag and the overall issues going on I found it easier to copy the log file to a USB drive and use a different PC in my home to post the log. I hope this is acceptable but if not please advise. Thank you.

 

 

RogueKiller V8.8.2 _x64_ [Jan 17 2014] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Billy Bloodbath [Admin rights]

Mode : Scan -- Date : 01/22/2014 11:41:19

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 9 ¤¤¤

[RUN][sUSP PATH] HKCU\[...]\Run : Best Buy pc app (C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x][x][x][x][x]) -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-634927914-388604562-380135810-1001\[...]\Run : Best Buy pc app (C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x][x][x][x][x]) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 1 ¤¤¤

[V2][sUSP PATH] TidyNetwork Update : C:\Users\CAREYS DESKTOP PC\AppData\Local\TidyNetwork.com\tidy2update.exe [x] -> FOUND

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

127.0.0.1 08sr.combineads.info # hosts anti-adware / pups

127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups

127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups

127.0.0.1 2010-fr.com # hosts anti-adware / pups

127.0.0.1 2012-new.biz # hosts anti-adware / pups

127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups

127.0.0.1 24h00business.com # hosts anti-adware / pups

127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups

127.0.0.1 ad.adn360.com # hosts anti-adware / pups

127.0.0.1 adeartss.eu # hosts anti-adware / pups

127.0.0.1 adesoeasy.eu # hosts anti-adware / pups

127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups

127.0.0.1 adm.soft365.com # hosts anti-adware / pups

127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups

127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups

127.0.0.1 ads.aff.co # hosts anti-adware / pups

127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups

127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups

127.0.0.1 ads.eorezo.com # hosts anti-adware / pups

127.0.0.1 ads.hooqy.com # hosts anti-adware / pups

[...]

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AAKX-221CA0 +++++

--- User ---

[MBR] 577884a8fabc27e851b5dd4d4afe8f50

[bSP] 543e1c7a068c3ddd2bfe3132359b6447 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18000 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 36866048 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 37070848 | Size: 458838 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_01222014_114119.txt >>

 

 

 

 

Link to post
Share on other sites

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest: (if found)

 

[V2][sUSP PATH] TidyNetwork Update : C:\Users\CAREYS DESKTOP PC\AppData\Local\TidyNetwork.com\tidy2update.exe [x] -> FOUND

Now click Delete on the right hand column under Options

-------------

Then lets start with this procedure:

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

# AdwCleaner v3.005 - Report created 23/09/2013 at 12:35:17

# Updated 22/09/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : CAREYS DESKTOP PC - THEBLOODWERKS

# Running from : C:\Users\Billy Bloodbath\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16686

 

 

-\\ Mozilla Firefox v22.0 (en-US)

 

[ File : C:\Users\Billy Bloodbath\AppData\Roaming\Mozilla\Firefox\Profiles\mulmrlm5.default\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\jadzxrvb.default\prefs.js ]

 

 

-\\ Google Chrome v29.0.1547.76

 

[ File : C:\Users\Billy Bloodbath\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

Deleted : keyword

 

*************************

 

AdwCleaner[R0].txt - [20074 octets] - [22/09/2013 02:30:50]

AdwCleaner[R1].txt - [1646 octets] - [23/09/2013 12:33:15]

AdwCleaner[s0].txt - [19804 octets] - [22/09/2013 02:32:04]

AdwCleaner[s1].txt - [1481 octets] - [23/09/2013 12:35:17]

 

########## EOF - \AdwCleaner\AdwCleaner[s1].txt - [1541 octets] ##########

# AdwCleaner v3.007 - Report created 09/10/2013 at 11:27:49

# Updated 09/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Billy Bloodbath - THEBLOODWERKS

# Running from : C:\Users\CAREYS DESKTOP PC\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16686

 

 

-\\ Mozilla Firefox v

 

[ File : C:\Users\Billy Bloodbath\AppData\Roaming\Mozilla\Firefox\Profiles\mulmrlm5.default\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

 

 

-\\ Google Chrome v30.0.1599.69

 

[ File : C:\Users\Billy Bloodbath\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [29644 octets] - [22/09/2013 02:30:50]

AdwCleaner[R1].txt - [3118 octets] - [23/09/2013 12:33:15]

AdwCleaner[R2].txt - [1766 octets] - [01/01/2011 18:01:29]

AdwCleaner[s0].txt - [28403 octets] - [22/09/2013 02:32:04]

AdwCleaner[s1].txt - [2954 octets] - [23/09/2013 12:35:17]

 

########## EOF - \AdwCleaner\AdwCleaner[s1].txt - [3014 octets] ##########

# AdwCleaner v3.017 - Report created 24/01/2014 at 04:43:17

# Updated 12/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Billy Bloodbath - THEBLOODWERKS

# Running from : C:\Users\Billy Bloodbath\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Program Files (x86)\GreenTree Applications

Folder Deleted : C:\Program Files (x86)\MyPC Backup

Folder Deleted : C:\Program Files\Level Quality Watcher

Folder Deleted : C:\Users\Billy Bloodbath\AppData\Roaming\Mozilla\Firefox\Profiles\mulmrlm5.default\Extensions\ScorpionSaver@jetpack

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp

Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16428

 

 

-\\ Mozilla Firefox v

 

[ File : C:\Users\Billy Bloodbath\AppData\Roaming\Mozilla\Firefox\Profiles\mulmrlm5.default\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

 

 

-\\ Google Chrome v32.0.1700.76

 

[ File : C:\Users\Billy Bloodbath\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\CAREYS DESKTOP PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [29644 octets] - [22/09/2013 01:30:50]

AdwCleaner[R1].txt - [6655 octets] - [23/09/2013 11:33:15]

AdwCleaner[R2].txt - [1766 octets] - [01/01/2011 17:01:29]

AdwCleaner[s0].txt - [28403 octets] - [22/09/2013 01:32:04]

AdwCleaner[s1].txt - [6542 octets] - [23/09/2013 11:35:17]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [6602 octets] ##########

 

 


Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.01.24.03

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

Billy Bloodbath :: THEBLOODWERKS [administrator]

 

Protection: Enabled

 

1/24/2014 5:19:50 AM

mbam-log-2014-01-24 (05-19-50).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled: 

Objects scanned: 291354

Time elapsed: 1 hour(s), 21 minute(s), 47 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)


 

Link to post
Share on other sites

Next:

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites

Took about 4.5 hours to run the ComboFix....but here's the log!!

 

 

 ComboFix 14-01-23.02 - Billy Bloodbath 01/24/2014   9:50.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8136.5653 [GMT -6:00]
Running from: c:\users\Billy Bloodbath\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Billy Bloodbath\AppData\Local\assembly\tmp
c:\users\Billy Bloodbath\Documents\~yt4A87.tmp
c:\users\CAREYS DESKTOP PC\AppData\Local\assembly\tmp
c:\users\Guest\AppData\Local\assembly\tmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-24 to 2014-01-24  )))))))))))))))))))))))))))))))
.
.
2014-01-24 18:37 . 2014-01-24 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-24 13:01 . 2014-01-24 13:01 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12C9A74B-F987-4351-A0E0-878D913533F7}\offreg.dll
2014-01-23 17:36 . 2013-11-05 16:51 965000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3B33A5F-A37D-4EDA-BDFF-CCE45DA0552A}\gapaengine.dll
2014-01-23 17:07 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12C9A74B-F987-4351-A0E0-878D913533F7}\mpengine.dll
2014-01-22 14:50 . 2014-01-22 14:50 -------- d-----w- c:\windows\Migration
2014-01-22 05:36 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-18 12:45 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-18 12:45 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-18 12:45 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-18 12:45 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-18 12:45 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-18 12:45 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-18 12:45 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-18 12:45 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-18 12:45 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-09 00:03 . 2014-01-09 00:03 -------- d-----w- c:\users\Guest\AppData\Local\Diagnostics
2013-12-30 21:49 . 2013-12-30 21:49 -------- d-----w- c:\users\CAREYS DESKTOP PC\AppData\Local\Eastman_Kodak_Company
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-18 21:51 . 2012-06-29 09:14 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-01-18 21:50 . 2012-06-29 09:14 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-01-18 21:49 . 2012-06-29 09:14 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-01-18 21:49 . 2012-06-26 09:39 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-01-18 17:33 . 2012-06-09 06:31 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-15 09:07 . 2013-12-15 09:07 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-15 09:07 . 2013-12-15 09:07 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-15 09:07 . 2013-12-15 09:07 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-15 09:07 . 2013-12-15 09:07 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-15 09:07 . 2013-12-15 09:07 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-15 09:07 . 2013-12-15 09:07 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-15 09:07 . 2013-12-15 09:07 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-15 09:07 . 2013-12-15 09:07 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-15 09:07 . 2013-12-15 09:07 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-15 09:07 . 2013-12-15 09:07 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-15 09:07 . 2013-12-15 09:07 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-15 09:07 . 2013-12-15 09:07 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-15 09:07 . 2013-12-15 09:07 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-15 09:07 . 2013-12-15 09:07 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-15 09:07 . 2013-12-15 09:07 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-15 09:07 . 2013-12-15 09:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-15 09:07 . 2013-12-15 09:07 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-15 09:07 . 2013-12-15 09:07 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-15 09:07 . 2013-12-15 09:07 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-15 09:07 . 2013-12-15 09:07 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-15 09:07 . 2013-12-15 09:07 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-15 09:07 . 2013-12-15 09:07 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-15 09:07 . 2013-12-15 09:07 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-15 09:07 . 2013-12-15 09:07 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-15 09:07 . 2013-12-15 09:07 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-15 09:07 . 2013-12-15 09:07 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-15 09:07 . 2013-12-15 09:07 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-15 09:07 . 2013-12-15 09:07 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-15 09:07 . 2013-12-15 09:07 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-15 09:07 . 2013-12-15 09:07 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-15 09:07 . 2013-12-15 09:07 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-15 09:07 . 2013-12-15 09:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-15 09:07 . 2013-12-15 09:07 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-15 09:07 . 2013-12-15 09:07 413696 ----a-w- c:\windows\system32\html.iec
2013-12-15 09:07 . 2013-12-15 09:07 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-15 09:07 . 2013-12-15 09:07 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-15 09:07 . 2013-12-15 09:07 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-15 09:07 . 2013-12-15 09:07 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-15 09:07 . 2013-12-15 09:07 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-15 09:07 . 2013-12-15 09:07 235520 ----a-w- c:\windows\system32\url.dll
2013-12-15 09:07 . 2013-12-15 09:07 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-15 09:07 . 2013-12-15 09:07 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-15 09:07 . 2013-12-15 09:07 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-15 09:07 . 2013-12-15 09:07 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-15 09:07 . 2013-12-15 09:07 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-15 09:07 . 2013-12-15 09:07 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-15 09:07 . 2013-12-15 09:07 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-15 09:07 . 2013-12-15 09:07 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-15 09:07 . 2013-12-15 09:07 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-15 09:07 . 2013-12-15 09:07 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-15 09:07 . 2013-12-15 09:07 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-15 09:07 . 2013-12-15 09:07 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-15 09:07 . 2013-12-15 09:07 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-15 09:07 . 2013-12-15 09:07 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-15 09:07 . 2013-12-15 09:07 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-15 09:07 . 2013-12-15 09:07 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-15 09:07 . 2013-12-15 09:07 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-15 09:07 . 2013-12-15 09:07 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-15 09:07 . 2013-12-15 09:07 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-14 22:12 . 2012-06-29 09:14 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-12-14 00:07 . 2012-06-26 09:39 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-12-14 00:07 . 2012-06-26 09:39 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-12 11:00 . 2012-06-08 15:21 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 11:00 . 2012-06-08 15:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-01 12:11 . 2012-06-26 09:39 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-11-26 11:54 . 2013-12-17 09:05 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-17 09:05 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-17 09:05 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-17 09:05 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-17 09:05 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-17 09:05 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-17 09:05 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-17 09:05 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-17 09:05 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-17 09:05 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-17 09:05 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-17 09:05 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-17 09:05 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-17 09:05 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-17 09:05 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-17 09:05 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-17 09:05 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-17 09:05 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-17 09:05 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-17 09:05 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-17 09:05 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-17 09:05 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-17 09:05 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-17 09:05 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-12 01:25 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 01:25 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-12 01:24 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 01:24 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-07 07:52 . 2013-11-07 07:52 279000 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Best Buy pc app"="c:\users\CAREYS DESKTOP PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-01 1374720]
"MDS_Menu"="c:\program files (x86)\Gateway\Gateway TouchPortal\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2012-07-25 223128]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"TouchMovieService"="c:\program files (x86)\Gateway\Gateway TouchPortal\Touch Movie\TouchMovieService.exe" [2012-04-26 126024]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"Hotkey Utility"="c:\program files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe "c:\programdata\Best Buy pc app\Best Buy pc app.application" [2011-8-29 16032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe "c:\programdata\Best Buy pc app\Best Buy pc app.application" [2011-8-29 16032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 cpuz134;cpuz134;c:\users\BILLYB~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\BILLYB~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys;c:\windows\SYSNATIVE\DRIVERS\FlyUsb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE05000.043\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE05000.043\ccSetx64.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe;c:\oem\USBDECTION\USBS3S4Detection.exe [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 swvspser;Sierra VSP using Ethernet;c:\windows\system32\DRIVERS\swvspser.sys;c:\windows\SYSNATIVE\DRIVERS\swvspser.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-18 12:11 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 11:00]
.
2014-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-09 09:47]
.
2014-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-09 09:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-07 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-07 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-07 442328]
"TouchPortalV3Launcher"="c:\program files (x86)\Gateway\Gateway TouchPortal\TouchPortalLauncher.exe" [2010-11-30 438376]
"TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2010-11-12 155752]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-12 11485800]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{650598e1-b35a-45d3-b607-896d7acb64c3} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
Wow6432Node-HKLM-Run-TkBellExe - c:\program files (x86)\Real\RealPlayer\Update\realsched.exe
Wow6432Node-HKLM-Run-PivotSoftware - c:\program files (x86)\Portrait Displays\Pivot Software\wpctrl.exe
Wow6432Node-HKLM-Run-Monitor - c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
Wow6432Node-HKLM-Run-iTunesHelper - c:\program files (x86)\iTunes\iTunesHelper.exe
Wow6432Node-HKLM-Run-DT GWY - c:\program files (x86)\Gateway\EzTune\DTHtml.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-{FBBC4667-2521-4E78-B1BD-8706F774549B} - c:\programdata\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}\Best Buy pc app Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.5.0.67\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&12345678&00&02\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&12345678&00&02\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&12345678&00&02\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&UID50529024\Device Parameters\MODES]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&UID50529024\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&UID50529024\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0101\4&29b312dc&0&UID50529024\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
Completion time: 2014-01-24  12:49:16
ComboFix-quarantined-files.txt  2014-01-24 18:49
.
Pre-Run: 308,240,687,104 bytes free
Post-Run: 313,490,849,792 bytes free
.
- - End Of File - - B6769D8282BB0C2D5ACC21481B1B172A
 
Link to post
Share on other sites

Well, I'm not exactly sure how to answer that question right now.  Had some issues again with the internet connection after running the ComboFix but turning the PC off and back on resolved that issue.  And then early this morning I turned the PC on and surprisingly it booted up in less than 5 minutes, which is a huge improvement! Also the internet opened quite quickly and I got into the forum to reply quite smoothly.  But then as I was typing my reply the PC started slow and to start to lag, and got bad quickly!  The letters were appearing on the screen a good 5 to 10 seconds after I had typed them and some letters as I typed were randomly not registering at all....almost as if the wireless keyboard batteries were dying, but that wasn't the case because I replaced it with brand new batteries as well as tried typing with the onscreen keyboard and had the same issues.  I had nothing open at the time except the one internet window, and it ended up getting so bad that eventually I just gave up on trying to reply and closed the window. But before I shut down I decided to take a look at the Task Manager, and oddly to me it showed a constant 100% usage under the Performance Tab when I know that the only thing I had running was the Task Manager. So then after shutting down I powered back up, which had worked recently to fix some other issues as well, but this time it froze at the Start Screen for over 20 minutes until I force turned the power off (held the power button down) so it never made it to the Welcome Screen.  This was the same big issue we had when we first started having some problems some time ago.  The other major issue that we've had since the beginning that has never showed any improvement whatsoever is how the audio on any video or mp3 or I guess all audio played sounds absolutely terrible, all garbled and choppy no matter what else is open on the PC as well as when nothing else is open at all. So then I did shut it down once again for the day until now, where since I started it up again I do not seem to be having any major issues with slow speed or major lag, but I wanted to point out that it definitely is running faster and smoother but not quite yet comparable to how great it ran before all of these issues began.  Also, as things seem to be going ok during this reply I am watching the Task Manager which has been showing a varying percentage for usage under the Performance Tab but still constantly stays between 80 and 100%. That's about the best I can describe what has been going on with it but would be happy to answer any questions you might have...thank you! 

Link to post
Share on other sites

Microsoft Windows [Version 6.1.7601]

Sorry for the delay!! I honestly have no idea what I'm looking for!! So hopefully you can work with this...if not please advise!! Thank you!!

 

Copyright © 2009 Microsoft Corporation.  All rights reserved.

 

C:\Users\Billy Bloodbath>tasklist /svc /fi "imagename eq svchost.exe"

 

Image Name                     PID Services

========================= ======== ============================================

svchost.exe                 452388 DcomLaunch, PlugPlay, Power

svchost.exe                 455296 RpcEptMapper, RpcSs

svchost.exe                 458828 AudioSrv, Dhcp, eventlog,

                                   HomeGroupProvider, lmhosts, wscsvc

svchost.exe                 460688 AudioEndpointBuilder, hidserv, Netman,

                                   PcaSvc, SysMain, TabletInputService,

                                   TrkWks, UxSms, Wlansvc

svchost.exe                 461136 EventSystem, fdPHost, FontCache, netprofm,

                                   nsi, SstpSvc, WdiServiceHost,

                                   WinHttpAutoProxySvc

svchost.exe                 461304 Appinfo, BITS, Browser, EapHost, IKEEXT,

                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,

                                   RasMan, Schedule, seclogon, SENS,

                                   ShellHWDetection, Themes, Winmgmt, wuauserv

svchost.exe                 465052 gpsvc

svchost.exe                 466584 CryptSvc, Dnscache, LanmanWorkstation,

                                   NlaSvc, TapiSrv

svchost.exe                 468348 BFE, DPS, MpsSvc

svchost.exe                 472744 FDResPub, SSDPSRV, upnphost, wcncsvc

svchost.exe                 472968 hpqcxs08, hpqddsvc

svchost.exe                 479972 Net Driver HPZ12

svchost.exe                 480648 Pml Driver HPZ12

svchost.exe                 499620 PolicyAgent

svchost.exe                 500512 p2pimsvc, p2psvc, PNRPsvc

 

C:\Users\Billy Bloodbath>

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.