Jump to content
Sign in to follow this  
humpd

Superantispyware?

Recommended Posts

I continue to have a problem with Malwarebytes crashing on my Windows 7 64 bit system after years of successfull scanning. Thought I had it fixed a couple of days ago (see earlier post) but it crashed again. After doing everything that various sites recommended to solve the problem, I have given up since I do not want to go through all sorts of scans and fixes to see if I can get Mbam to work again on my system. Any thoughts concerning Superantispyware? Is it a really good on demand scanner or are there others that I should look at. I tried Hitman Pro and after installing it I had all sorts of additional software installed that I did not know were installing when I first set up the program so I do not want to mess with that program again. Thanks for any opinions. By the way, I use Norton Internet Security 2012 but want an on demand scanner to catch anything that might slip through.

Share this post


Link to post
Share on other sites

I use MBAM on my W7 x64 system and not one problem. Are you disabling Norton when you install MBAM?

BTW, for what it's worth...I won't let Norton anywhere near my systems.

 

 

 

 

:geezer:

Share this post


Link to post
Share on other sites

Yes I did, indeed, disable Norton when I installed MBAM. It worked flawlessly until this week when it suddenly began to crash when I tried to use the full scan. The quick scan worked just fine. Wierd. I do not think it is Norton based upon the fact that it worked without problems for years AND what I have read on Norton and MBAM forums. Thus, I am looking for a new scanner.

Share this post


Link to post
Share on other sites

I neglected to mention in my last post that I also keep SUPERAntispyware on had as an on demand scanner. It has "saved my bacon" on more than one occasion. There will be some folks that tell you that SAS is not a 64 bit application, but I don't care, I still use it and it still works for me. ;)

 

 

 

 

:geezer:

Share this post


Link to post
Share on other sites

Nothing wrong with Superantispyware (outside of it's silly name, IMHO), it's held a strong reputation for years and does it's job well. :nospys:

 

:) Y

Share this post


Link to post
Share on other sites

humpd, download Security Check by screen317 from here http://screen317.spywareinfoforum.org/SecurityCheck.exe or here http://screen317.changelog.fr/SecurityCheck.exe
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.

 

Also,

download VEW by Vino Rosso http://images.malwareremoval.com/vino/VEW.exe
and save it to your desktop

Double click it to start it Note: If running Windows Vista or Windows 7 you will need to right click the file and select Run as administrator and click Continue or Allow at the User Account Control Prompt.

Click the check boxes next to Application and System located under Select log to query on the upper left

Under Select type to list on the right click the boxes next to Error and Warning Note: If running Windows Vista or Windows 7 also click the box next to Critical (not XP).

Under Number or date of events select Number of events and type 20 in the box next to 1 to 20 and click Run

Once it finishes it will display a log file in notepad

Please copy and paste its entire contents into your next reply


Share this post


Link to post
Share on other sites

Yes I did, indeed, disable Norton when I installed MBAM. It worked flawlessly until this week when it suddenly began to crash when I tried to use the full scan. The quick scan worked just fine.

I think thats the problem. Norton's will allow the quick scan but when MBAM try's to run the full scan and access deeper areas of a computer such as heuristics,or other mostly guarded areas, it sends out a block guard.

Might have to open the Norton program and set an allow entry.

Share this post


Link to post
Share on other sites

Here is the log from the Security check:

Results of screen317's Security Check version 0.99.61

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Disabled!

Norton Internet Security

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

SpywareBlaster 5.0

McAfee SiteAdvisor

Java 6 Update 29

Java 7 Update 13

Java 6 Update 7

Java version out of Date!

Adobe Flash Player 11.6.602.180

Adobe Reader 10.1.6 Adobe Reader out of Date!

Mozilla Firefox (19.0.2)

Mozilla Thunderbird (17.0.4)

Google Chrome 25.0.1364.172

Google Chrome 26.0.1410.43

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

I could not get VEW to post as it could not find a VEW text file. That is the error message I see after running the program. This is one reason I just wanted to see if there were other malware scanners that do the job just about as well as Malwarebytes.

Edited by humpd

Share this post


Link to post
Share on other sites

Tried again to get VEW to work but although the notepad window comes up, there is an error message stating that it could not find a VEW.text file and when it asks me if I want to create a file and I select yes, even then I get the same error message. Don't know what else to do. I have followed all the instructions from other web sites about completely deleting Mbam and will try once again to install it with Norton turned off and see if that works. If it fails again, I guess I will use Superantispyware as I am afraid to use Hit Man Pro because of all the additional software that installed the last time I tried to use it.

Share this post


Link to post
Share on other sites

Well, I tried to install and run Malwarebytes again with all virus protection off. It installed OK but as soon as I clicked on Full Scan button, a window popped up with boxes regarding what drives to scan. If I click on any of those or click on the start scan button, the program immediately crashes. Since I cannot get VEW to work, I do not know how to see what happened in the event log so I guess it is Superantispyware unless someone can direct me to a Hit Man Pro that does NOT come with all sorts of additional software one of which is a web backup program (there were 3 altogether the last time I use Hit Man Pro). Thanks for any suggestions.

Share this post


Link to post
Share on other sites

There is noting in the notepad window at all -- just blank. I will try to look for the .txt file in the C drive but I do not thing the program is generating one. Will post back after I run VEW again and look for the file.

Share this post


Link to post
Share on other sites

What about running any of the programs in Safe Mode?

Do you get the same "crash" results?

 

:) Y

Share this post


Link to post
Share on other sites

Found the VEW text file, at least I think this is it. See below: This report was right after I attempted to run Malwarebytes in full scan mode.

'Application' Log - Critical Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'Application' Log - Error Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'Application' Date/Time: 01/04/2013 5:03:38 PMType: Error Category: 0Event: 10 Source: Microsoft-Windows-WMIEvent filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Log: 'Application' Date/Time: 01/04/2013 4:35:36 PMType: Error Category: 101Event: 1002 Source: Application HangThe program mbam.exe version 1.70.0.9 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1644 Start Time: 01ce2ef694371f20 Termination Time: 60000 Application Path: C:Program Files (x86)Malwarebytes' Anti-Malwarembam.exe Report Id: f7f2b4c1-9ae9-11e2-9674-002511e9a8e0Log: 'Application' Date/Time: 31/03/2013 7:32:51 PMType: Error Category: 0Event: 59 Source: SideBySideActivation context generation failed for "c:program files (x86)microsoftsearch enhancement packsearch helpersepsearchhelperie.dll".Error in manifest or policy file "c:program files (x86)microsoftsearch enhancement packsearch helpersepsearchhelperie.dll" on line 2. Invalid Xml syntax.Log: 'Application' Date/Time: 31/03/2013 7:32:24 PMType: Error Category: 0Event: 80 Source: SideBySideActivation context generation failed for "c:program files (x86)ESETeset online scannerESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:WindowsWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.Log: 'Application' Date/Time: 31/03/2013 7:31:37 PMType: Error Category: 0Event: 75 Source: SideBySideActivation context generation failed for "C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPluginBroker.exe".Error in manifest or policy file "C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPluginBroker.exe" on line 2. Multiple requestedPrivileges elements are not allowed in manifest.Log: 'Application' Date/Time: 31/03/2013 6:32:59 PMType: Error Category: 0Event: 80 Source: SideBySideActivation context generation failed for "c:program files (x86)ESETeset online scannerESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:WindowsWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.Log: 'Application' Date/Time: 31/03/2013 6:30:08 PMType: Error Category: 0Event: 75 Source: SideBySideActivation context generation failed for "C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPluginBroker.exe".Error in manifest or policy file "C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPluginBroker.exe" on line 2. Multiple requestedPrivileges elements are not allowed in manifest.Log: 'Application' Date/Time: 31/03/2013 1:29:15 PMType: Error Category: 0Event: 10 Source: Microsoft-Windows-WMIEvent filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Log: 'Application' Date/Time: 31/03/2013 8:45:30 AMType: Error Category: 0Event: 4104 Source: Windows BackupThe backup was not successful. The error is: The request could not be performed because of an I/O device error. (0x8007045D).Log: 'Application' Date/Time: 31/03/2013 8:42:09 AMType: Error Category: 0Event: 517 Source: Microsoft-Windows-BackupThe backup operation that started at '?2013?-?03?-?31T07:05:17.526400000Z' has failed with following error code '2147943517' (The request could not be performed because of an I/O device error.). Please review the event details for a solution, and then rerun the backup operation once the issue is resolved.Log: 'Application' Date/Time: 31/03/2013 8:36:38 AMType: Error Category: 0Event: 8193 Source: VSSVolume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered .Operation: Instantiating VSS serverLog: 'Application' Date/Time: 31/03/2013 8:36:38 AMType: Error Category: 0Event: 22 Source: VSSVolume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered. This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider. The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered ].Operation: Instantiating VSS serverLog: 'Application' Date/Time: 30/03/2013 4:53:24 PMType: Error Category: 0Event: 10 Source: Microsoft-Windows-WMIEvent filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Log: 'Application' Date/Time: 30/03/2013 4:34:34 PMType: Error Category: 0Event: 10 Source: Microsoft-Windows-WMIEvent filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Log: 'Application' Date/Time: 30/03/2013 3:43:29 PMType: Error Category: 0Event: 8193 Source: System RestoreFailed to create restore point (Process = C:Program Files (x86)VS Revo GroupRevo UninstallerRevouninstaller.exe Files (x86)VS Revo GroupRevo UninstallerRevouninstaller.exe" ; Description = Revo Uninstaller's restore point - Pokki; Error = 0x800706be).Log: 'Application' Date/Time: 30/03/2013 1:40:45 PMType: Error Category: 0Event: 12503 Source: Distributed Link Tracking ClientThe event description cannot be found.Log: 'Application' Date/Time: 30/03/2013 1:39:09 PMType: Error Category: 0Event: 12503 Source: Distributed Link Tracking ClientThe event description cannot be found.Log: 'Application' Date/Time: 30/03/2013 6:54:04 AMType: Error Category: 0Event: 59 Source: SideBySideActivation context generation failed for "c:program files (x86)microsoftsearch enhancement packsearch helpersepsearchhelperie.dll".Error in manifest or policy file "c:program files (x86)microsoftsearch enhancement packsearch helpersepsearchhelperie.dll" on line 2. Invalid Xml syntax.Log: 'Application' Date/Time: 30/03/2013 6:53:16 AMType: Error Category: 0Event: 80 Source: SideBySideActivation context generation failed for "c:program files (x86)ESETeset online scannerESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:WindowsWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.Log: 'Application' Date/Time: 30/03/2013 6:50:52 AMType: Error Category: 0Event: 75 Source: SideBySideActivation context generation failed for "C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPluginBroker.exe".Error in manifest or policy file "C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPluginBroker.exe" on line 2. Multiple requestedPrivileges elements are not allowed in manifest.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'Application' Log - Information Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'Application' Date/Time: 01/04/2013 5:50:19 PMType: Information Category: 0Event: 0 Source: APC Data ServicePowerEvent handled successfully by the service.Log: 'Application' Date/Time: 01/04/2013 5:50:16 PMType: Information Category: 0Event: 0 Source: APC Data ServicePowerEvent handled successfully by the service.Log: 'Application' Date/Time: 01/04/2013 5:23:28 PMType: Information Category: 0Event: 0 Source: APC Data ServicePowerEvent handled successfully by the service.Log: 'Application' Date/Time: 01/04/2013 5:16:34 PMType: Information Category: 0Event: 1001 Source: Windows Error ReportingFault bucket , type 0 Event Name: AppTermFailureEvent Response: Not available Cab Id: 0 Problem signature: P1: P2: P3: P4: P5: P6: P7: P8: P9: P10: Attached files: C:WindowsTempWER860F.tmpatk.kdmp C:WindowsTempWER862F.tmp.appcompat.txt C:WindowsTempWER868E.tmp.xml These files may be available here: C:ProgramDataMicrosoftWindowsWERReportQueueKernel_0_0_10248737 Analysis symbol: Rechecking for solution: 0 Report Id: 6e56a151-9aed-11e2-9674-002511e9a8e0 Report Status: 0Log: 'Application' Date/Time: 01/04/2013 5:10:43 PMType: Information Category: 0Event: 903 Source: Microsoft-Windows-Security-SPPThe Software Protection service has stopped.Log: 'Application' Date/Time: 01/04/2013 5:05:42 PMType: Information Category: 0Event: 902 Source: Microsoft-Windows-Security-SPPThe Software Protection service has started. 6.1.7601.17514Log: 'Application' Date/Time: 01/04/2013 5:05:42 PMType: Information Category: 0Event: 1003 Source: Microsoft-Windows-Security-SPPThe Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status=1: 01f5fc37-a99e-45c5-b65e-d762f3518ead, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]2: 2e7d060d-4714-40f2-9896-1e4f15b612ad, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 3 0 msft:rm/algorithm/hwid/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]3: 3b965dfc-31d9-4903-886f-873a0382776c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]4: 586bc076-c93d-429a-afe5-a69fbc644e88, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]5: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]6: 5e35dc43-389b-47c5-b889-2088b06738cb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]7: 6a7d5d8a-92af-4e6a-af4b-8fddaec800e5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]8: 9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]9: 9f83d90f-a151-4665-ae69-30b3f63ec659, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]10: a63275f4-530c-48a7-b0d3-4f00d688d151, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]11: b8a4bb91-69b1-460d-93f8-40e0670af04a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]12: d2c04e90-c3dd-4260-b0f3-f845f5d27d64, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]13: e68b141f-4dfa-4387-b3b7-e65c4889216e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]14: ee4e1629-bcdc-4b42-a68f-b92e135f78d7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]16: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]Log: 'Application' Date/Time: 01/04/2013 5:05:42 PMType: Information Category: 0Event: 1066 Source: Microsoft-Windows-Security-SPPInitialization status for service objects. C:Windowssystem32sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000C:Windowssystem32sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000C:Windowssystem32sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000C:Windowssystem32sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000C:Windowssystem32sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000C:Windowssystem32sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000Log: 'Application' Date/Time: 01/04/2013 5:05:40 PMType: Information Category: 0Event: 1 Source: SecurityCenterThe Windows Security Center Service has started.Log: 'Application' Date/Time: 01/04/2013 5:05:36 PMType: Information Category: 0Event: 900 Source: Microsoft-Windows-Security-SPPThe Software Protection service is starting.Log: 'Application' Date/Time: 01/04/2013 5:05:36 PMType: Information Category: 0Event: 0 Source: Intuit Update ServiceService started successfully.Log: 'Application' Date/Time: 01/04/2013 5:05:26 PMType: Information Category: 0Event: 0 Source: Intuit Update ServiceService started successfully.Log: 'Application' Date/Time: 01/04/2013 5:05:20 PMType: Information Category: 0Event: 0 Source: gupdateThe event description cannot be found.Log: 'Application' Date/Time: 01/04/2013 5:05:02 PMType: Information Category: 1Event: 101 Source: SkypeUpdateService stopped.Log: 'Application' Date/Time: 01/04/2013 5:05:01 PMType: Information Category: 1Event: 103 Source: SkypeUpdateSkypeUpdate service is shutting down due to idle timeout.Log: 'Application' Date/Time: 01/04/2013 5:03:32 PMType: Information Category: 1Event: 1003 Source: Microsoft-Windows-SearchThe Windows Search Service started.Log: 'Application' Date/Time: 01/04/2013 5:03:28 PMType: Information Category: 3Event: 302 Source: ESENTWindows (4168) Windows: The database engine has successfully completed recovery steps.Log: 'Application' Date/Time: 01/04/2013 5:03:26 PMType: Information Category: 3Event: 301 Source: ESENTWindows (4168) Windows: The database engine has begun replaying logfile C:ProgramDataMicrosoftSearchDataApplicationsWindowsMSS.log.Log: 'Application' Date/Time: 01/04/2013 5:03:24 PMType: Information Category: 0Event: 0 Source: HPSLPSVCThe event description cannot be found.Log: 'Application' Date/Time: 01/04/2013 5:03:21 PMType: Information Category: 3Event: 301 Source: ESENTWindows (4168) Windows: The database engine has begun replaying logfile C:ProgramDataMicrosoftSearchDataApplicationsWindowsMSS00113.log.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'System' Log - Critical Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'System' Date/Time: 01/04/2013 5:02:41 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 31/03/2013 1:27:30 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 30/03/2013 4:31:20 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 29/03/2013 3:06:43 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 25/03/2013 1:49:41 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 24/03/2013 9:54:57 AMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 24/03/2013 8:38:20 AMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 24/03/2013 7:14:17 AMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 20/03/2013 6:54:57 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 23/02/2013 3:44:38 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 22/01/2013 5:11:27 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 20/11/2012 4:41:34 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 11/11/2012 7:15:16 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 30/10/2012 8:46:14 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 18/10/2012 11:42:36 AMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.Log: 'System' Date/Time: 09/10/2012 10:23:16 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'System' Log - Error Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'System' Date/Time: 01/04/2013 5:50:22 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 01/04/2013 12:49:06 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 01/04/2013 4:23:41 AMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 01/04/2013 4:16:14 AMType: Error Category: 0Event: 14 Source: volsnapThe shadow copies of volume L: were aborted because of an IO failure on volume L:.Log: 'System' Date/Time: 01/04/2013 12:54:24 AMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 31/03/2013 3:38:23 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 31/03/2013 7:07:15 AMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 30/03/2013 8:51:20 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 30/03/2013 5:38:09 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 30/03/2013 4:33:06 PMType: Error Category: 0Event: 7000 Source: Service Control ManagerThe APC Data Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.Log: 'System' Date/Time: 30/03/2013 4:33:06 PMType: Error Category: 0Event: 7009 Source: Service Control ManagerA timeout was reached (30000 milliseconds) while waiting for the APC Data Service service to connect.Log: 'System' Date/Time: 30/03/2013 4:32:07 PMType: Error Category: 0Event: 6008 Source: EventLogThe previous system shutdown at 12:18:28 PM on ?3/?30/?2013 was unexpected.Log: 'System' Date/Time: 30/03/2013 3:10:19 AMType: Error Category: 0Event: 10010 Source: Microsoft-Windows-DistributedCOMThe server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.Log: 'System' Date/Time: 29/03/2013 6:15:06 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 28/03/2013 12:17:42 PMType: Error Category: 0Event: 7000 Source: Service Control ManagerThe Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.Log: 'System' Date/Time: 28/03/2013 12:17:42 PMType: Error Category: 0Event: 7009 Source: Service Control ManagerA timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.Log: 'System' Date/Time: 28/03/2013 12:15:49 PMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.Log: 'System' Date/Time: 28/03/2013 8:17:08 AMType: Error Category: 0Event: 7031 Source: Service Control ManagerThe Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.Log: 'System' Date/Time: 28/03/2013 8:17:08 AMType: Error Category: 0Event: 7024 Source: Service Control ManagerThe Windows Search service terminated with service-specific error %%-1073473535.Log: 'System' Date/Time: 28/03/2013 7:05:17 AMType: Error Category: 0Event: 11 Source: DiskThe driver detected a controller error on DeviceHarddisk2DR2.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'System' Log - Information Type~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Log: 'System' Date/Time: 01/04/2013 6:05:13 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Diagnostic System Host service entered the stopped state.Log: 'System' Date/Time: 01/04/2013 5:58:49 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Multimedia Class Scheduler service entered the stopped state.Log: 'System' Date/Time: 01/04/2013 5:54:37 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Application Experience service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:53:25 PMType: Information Category: 0Event: 26 Source: Application PopupApplication popup: Windows - Delayed Write Failed : Exception Processing Message 0xc000a082 Parameters 0x000007FEFDD7718C 0x000007FEFDD7718C 0x000007FEFDD7718C 0x000007FEFDD7718CLog: 'System' Date/Time: 01/04/2013 5:53:25 PMType: Information Category: 0Event: 26 Source: Application PopupApplication popup: Windows - Delayed Write Failed : Exception Processing Message 0xc000a082 Parameters 0x000007FEFDD7718C 0x000007FEFDD7718C 0x000007FEFDD7718C 0x000007FEFDD7718CLog: 'System' Date/Time: 01/04/2013 5:53:25 PMType: Information Category: 0Event: 26 Source: Application PopupApplication popup: Windows - Delayed Write Failed : Exception Processing Message 0xc000a082 Parameters 0x000007FEFDD7718C 0x000007FEFDD7718C 0x000007FEFDD7718C 0x000007FEFDD7718CLog: 'System' Date/Time: 01/04/2013 5:53:23 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Windows Connect Now - Config Registrar service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:53:23 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Function Discovery Provider Host service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:50:58 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Multimedia Class Scheduler service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:50:52 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe WinHTTP Web Proxy Auto-Discovery Service service entered the stopped state.Log: 'System' Date/Time: 01/04/2013 5:50:21 PMType: Information Category: 0Event: 1 Source: Microsoft-Windows-Power-TroubleshooterThe system has resumed from sleep. Sleep Time: ?2013?-?04?-?01T17:23:26.544200000Z Wake Time: ?2013?-?04?-?01T17:50:16.683400000Z Wake Source: Device -USB Root HubLog: 'System' Date/Time: 01/04/2013 5:50:20 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Adobe Flash Player Update Service service entered the stopped state.Log: 'System' Date/Time: 01/04/2013 5:50:20 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Adobe Flash Player Update Service service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:50:20 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe TCP/IP NetBIOS Helper service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:50:20 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Pml Driver HPZ12 service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:50:20 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe Windows Image Acquisition (WIA) service entered the running state.Log: 'System' Date/Time: 01/04/2013 5:50:13 PMType: Information Category: 0Event: 1 Source: Microsoft-Windows-Kernel-GeneralThe system time has changed to ?2013?-?04?-?01T17:50:13.500000000Z from ?2013?-?04?-?01T17:23:42.518600000Z.Log: 'System' Date/Time: 01/04/2013 5:23:39 PMType: Information Category: 0Event: 7036 Source: Service Control ManagerThe TCP/IP NetBIOS Helper service entered the stopped state.Log: 'System' Date/Time: 01/04/2013 5:23:39 PMType: Information Category: 0Event: 7042 Source: Service Control ManagerThe TCP/IP NetBIOS Helper service was successfully sent a stop control. The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)] Comment: NoneLog: 'System' Date/Time: 01/04/2013 5:23:39 PMType: Information Category: 0Event: 8033 Source: BROWSERThe browser has forced an election on network DeviceNetBT_Tcpip_{A4E21433-30FF-433A-A2CA-C9295CDF5DB1} because a master browser was stopped.

Share this post


Link to post
Share on other sites

Download DDS from one of these links:
http://download.bleepingcomputer.com/sUBs/dds.com]DDS.com[/url]
http://www.forospyware.com/sUBs/dds]DDS.pif[/url]

  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
No need for that though ..... just post it's contents as you would any other log.

Share this post


Link to post
Share on other sites

Here it is:

DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.13.2Run by Owner at 15:29:55 on 2013-04-01Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3966.2644 [GMT -4:00].AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Program Files (x86)USB Safely RemoveUSBSRService.exeC:Windowssystem32nvvsvc.exeC:Windowssystem32svchost.exe -k RPCSSC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k NetworkServiceC:Windowssystem32nvvsvc.exeC:WindowsSystem32spoolsv.exeC:Windowssystem32svchost.exe -k LocalServiceNoNetworkC:Program Files (x86)Common FilesAdobeARM1.0armsvc.exeC:Program Files (x86)APCPowerChute Personal Editionmainserv.exeC:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exeC:Program Files (x86)Application UpdaterApplicationUpdater.exeC:WindowsSysWOW64atashost.exeC:Program FilesBonjourmDNSResponder.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationC:WindowsSysWOW64svchost.exe -k hpdevmgmtc:Program Files (x86)Common FilesLightScribeLSSrvc.exeC:Program Files (x86)McAfeeSiteAdvisorMcSACore.exeC:Windowssystem32rundll32.exeC:Program Files (x86)MotorolaMotoHelperMotoHelperService.exeC:WindowsSysWOW64rundll32.exeC:Windowssystem32rundll32.exeC:Program FilesMicrosoft LifeCamMSCamS64.exeC:Windowssystem32taskhost.exeC:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exeC:Windowssystem32Dwm.exeC:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exeC:WindowsExplorer.EXEC:Program Files (x86)MotorolaMotoHelperMotoHelperAgent.exeC:Windowssystem32taskeng.exeC:Windowssystem32svchost.exe -k imgsvcC:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exeC:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXEC:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exeC:Program Files (x86)APCPowerChute Personal Editiondataserv.exeC:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exeC:Program FilesLogitechSetPointPSetPoint.exeC:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exeC:Program Files (x86)GoogleDrivegoogledrivesync.exeC:Program Files (x86)HPDigital Imagingbinhpqtra08.exeC:Program Files (x86)EvernoteEvernoteEvernoteClipper.exeC:Program Files (x86)Hewlett-PackardMediaDVDDVDAgent.exeC:hpsupporthpsysdrv.exeC:Program Files (x86)Hewlett-PackardTouchSmartMediaTSMAgent.exeC:Program Files (x86)Hewlett-PackardTouchSmartMediaKernelCLMLCLMLSvc.exeC:Program Files (x86)HPHP Software Updatehpwuschd2.exeC:Program Files (x86)IObitSmart Defrag 2SmartDefrag.exeC:Program Files (x86)Callawayupro syncUPROsync.exeC:Program Files (x86)iTunesiTunesHelper.exeC:Program Files (x86)Common FilesSpigotSearch SettingsSearchSettings.exeC:Program Files (x86)APCPowerChute Personal Editionapcsystray.exeC:Program Files (x86)GoogleDrivegoogledrivesync.exeC:Program FilesiPodbiniPodService.exeC:Windowssystem32SearchIndexer.exeC:Windowssystem32svchost.exe -k HPServiceC:Windowssystem32svchost.exe -k NetworkServiceNetworkRestrictedC:Program Files (x86)HPDigital ImagingbinhpqSTE08.exeC:Program Files (x86)HPDigital Imagingbinhpqbam08.exeC:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exeC:Program Files (x86)HPDigital Imagingbinhpqgpc01.exeC:Program FilesCommon FilesLogiShrdKHAL3KHALMNPR.EXEC:Program Files (x86)Hewlett-PackardKBDkbd.exeC:Program Files (x86)Common FilesIntuitUpdate ServiceIntuitUpdateService.exeC:Program Files (x86)Common FilesIntuitUpdate Service v4IntuitUpdateService.exeC:WindowsSystem32WUDFHost.exeC:Program FilesWindows Media Playerwmpnetwk.exeC:Windowssystem32svchost.exe -k SDRSVCC:Program Files (x86)Mozilla Firefoxfirefox.exeC:Windowssystem32NOTEPAD.EXEC:WindowsSystem32svchost.exe -k HPZ12C:Windowssystem32taskeng.exeC:Windowssystem32SearchProtocolHost.exeC:Windowssystem32SearchFilterHost.exeC:Windowssystem32taskhost.exeC:Windowssystem32wbemwmiprvse.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://search.yahoo.com?type=902615&fr=spigot-yhp-ieuSearch Bar = PreserveuSearch Page = hxxp://www.google.comuDefault_Page_URL = hxxp://isearch.glarysoft.com/?src=iehomemStart Page = hxxp://isearch.glarysoft.com/?src=iehomemDefault_Page_URL = hxxp://isearch.glarysoft.com/?src=iehomeuProxyOverride = 192.168.*.*;*.local;<local>uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%suURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:Program Files (x86)IObit Apps ToolbarIE7.0iobitappsToolbarIE.dlluURLSearchHooks: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - <orphaned>BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dllBHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_printenhancer.dllBHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:Program Files (x86)IObit Apps ToolbarIE7.0iobitappsToolbarIE.dllBHO: InfoAtoms: {103089DA-0F31-4A8B-843F-7D24A7FE8345} - C:Program Files (x86)InfoAtomsIE32InfoAtomsClientIE.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dllBHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:Program Files (x86)AskBarDisbarbinaskBar.dllBHO: GetSavin 5.0: {35FEAFD5-3DBB-4971-BC1C-42FF009A4089} - C:UsersOwnerAppDataLocalgetsaviniegetsavin_1364569801.dllBHO: FastestTubeBHO Class: {3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} - C:Program Files (x86)FastestTube2.1.5WombatBHO.dllBHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dllBHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ipsipsbho.dllBHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:Program Files (x86)StartNow ToolbarToolbar32.dllBHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dllBHO: Search.com Bar: {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:Program Files (x86)searchcom_001searchcom_001X.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dllBHO: TBSB05810 Class: {A7AF277D-1466-4A7B-93AF-B043984A5671} - C:Program Files (x86)Glarysoft Toolbartbcore3.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dllBHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dllBHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:Program Files (x86)MSNToolbar3.0.0541.0msneshellx.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dllTB: Ask Toolbar: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:Program Files (x86)AskBarDisbarbinaskBar.dllTB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dllTB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:Program Files (x86)MSNToolbar3.0.0541.0msneshellx.dllTB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:Program Files (x86)AskBarDisbarbinaskBar.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dllTB: att.net Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dllTB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:Program Files (x86)StartNow ToolbarToolbar32.dllTB: Search.com Bar: {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:Program Files (x86)searchcom_001searchcom_001X.dllTB: Glarysoft Toolbar: {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:Program Files (x86)Glarysoft Toolbartbcore3.dllTB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:Program Files (x86)IObit Apps ToolbarIE7.0iobitappsToolbarIE.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_bho.dlluRun: [ehTray.exe] C:WindowsehomeehTray.exeuRun: [HPAdvisor] C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe autorun=AUTORUNuRun: [GoogleDriveSync] "C:Program Files (x86)GoogleDrivegoogledrivesync.exe" /autostartmRun: [DVDAgent] "c:Program Files (x86)Hewlett-PackardMediaDVDDVDAgent.exe"mRun: [hpsysdrv] c:hpsupporthpsysdrv.exemRun: [KBD] C:Program Files (x86)Hewlett-PackardKBDKbdStub.EXEmRun: [TSMAgent] "c:Program Files (x86)Hewlett-PackardTouchSmartMediaTSMAgent.exe"mRun: [updateP2GoShortCut] "c:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkPower2Go" UpdateWithCreateOnce "SOFTWARECyberLinkPower2Go6.0"mRun: [updatePDIRShortCut] "c:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkPowerDirector" UpdateWithCreateOnce "SOFTWARECyberLinkPowerDirector7.0"mRun: [updatePSTShortCut] "c:Program Files (x86)CyberLinkCyberLink DVD Suite DeluxeMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkCyberLink DVD Suite Deluxe" UpdateWithCreateOnce "SoftwareCyberLinkPowerStarter"mRun: [CLMLServer for HP TouchSmart] "c:Program Files (x86)Hewlett-PackardTouchSmartMediaKernelCLMLCLMLSvc.exe"mRun: [HP Software Update] C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exemRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"mRun: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio SE DVDuvPL.exemRun: [Display] C:Program Files (x86)APCPowerChute Personal EditionDataCollectionLauncher.exemRun: [uProWebSync] C:Program Files (x86)Callawayupro syncUPROsync.exemRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"mRun: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"mRun: [searchSettings] "C:Program Files (x86)Common FilesSpigotSearch SettingsSearchSettings.exe"StartupFolder: C:UsersOwnerAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupEVERNO~1.LNK - C:Program Files (x86)EvernoteEvernoteEvernoteClipper.exeStartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupAPCUPS~1.LNK - C:Program Files (x86)APCPowerChute Personal EditionDisplay.exeStartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupHPDIGI~1.LNK - C:Program Files (x86)HPDigital Imagingbinhpqtra08.exeStartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupMRI_DI~1PICTUR~1.LNK - C:Program Files (x86)PictureMoverBinPictureMover.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Evernote 4.0 - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204IE: Add to Google Photos Screensa&ver - C:WindowsSystem32GPhotos.scr/200IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program Files (x86)Microsoft OfficeOffice12ONBttnIE.dllIE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exeIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CABDPF: {3356DB7C-58A7-11D4-AA5C-006097314BF8} - hxxp://smartdownload.encore.com/new/launcher.cabDPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cabDPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cabDPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cabDPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabDPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cabDPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linksyssupport.webex.com/client/T26L10NSP49EP32-linksyssupport/support/ieatgpc1.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15110/CTPID.cabDPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dllTCP: NameServer = 192.168.1.1TCP: Interfaces{A4E21433-30FF-433A-A2CA-C9295CDF5DB1} : DHCPNameServer = 192.168.1.1Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dllHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication26.0.1410.43Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromeIFEO: taskmgr.exe - "C:USERSOWNERPROCESS EXPLORERPROCEXP.EXE"x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndtx64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndtx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dllx64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dllx64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dllx64-Run: [Logitech Download Assistant] C:WindowsSystem32rundll32.exe C:WindowsSystem32LogiLDA.dll,LogiFetchx64-Run: [EvtMgr6] C:Program FilesLogitechSetPointPSetPoint.exe /launchGamingx64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dllx64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dllx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: GoToAssist Express Customer - C:Program Files (x86)CitrixGoToAssist Express Customer223g2ax_winlogonx64.dllx64-Notify: LBTWlgn - c:program filescommon fileslogishrdbluetoothLBTWlgn.dllx64-SSODL: WebCheck - <orphaned>x64-IFEO: taskmgr.exe - "C:USERSOWNERPROCESS EXPLORERPROCEXP.EXE".================= FIREFOX ===================.FF - ProfilePath - C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnegct32p.defaultFF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/?m=1FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=FF - component: C:Program Files (x86)McAfeeSiteAdvisorcomponentsMcFFPlg.dllFF - component: C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_18.1.0.37coFFPlgncomponentscoFFPlgn.dllFF - component: C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_18.1.0.37IPSFFPlgncomponentsIPSFFPl.dllFF - component: C:UsersOwnerAppDat[email protected]lastpass.complatformWINNT_x86-msvccomponentslpxpcom.dllFF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dllFF - plugin: C:Program Files (x86)AmazonMP3 DownloadernpAmazonMP3DownloaderPlugin1017300.dllFF - plugin: C:Program Files (x86)GoogleGoogle Earthpluginnpgeplugin.dllFF - plugin: C:Program Files (x86)GooglePicasa3npPicasa3.dllFF - plugin: C:Program Files (x86)GoogleUpdate1.3.21.135npGoogleUpdate3.dllFF - plugin: C:Program Files (x86)Javajre7binplugin2npjp2.dllFF - plugin: C:Program Files (x86)McAfeeSiteAdvisorNPMcFFPlg32.dllFF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.20125.0npctrlui.dllFF - plugin: C:Program Files (x86)MicrosoftOffice LivenpOLW.dllFF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dllFF - plugin: C:UsersOwnerAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dllFF - plugin: C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnegct32p.defaultextensions{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}pluginsnpGarmin.dllFF - plugin: C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnegct32p.defaultextensions{e001c731-5e37-4538-a5cb-8168736a2360}pluginsnpqscan.dllFF - plugin: C:UsersOwnerAppD[email protected]ip.cnpluginsnpCoralIETab.dllFF - plugin: C:WindowsSysWOW64AdobeDirectornp32dsw.dllFF - plugin: C:WindowsSysWOW64AdobeDirectornp32dsw_1168638.dllFF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_6_602_180.dllFF - plugin: C:WindowsSysWOW64npDeployJava1.dllFF - plugin: C:WindowsSysWOW64npmproxy.dllFF - ExtSQL: 2013-03-01 09:43; [email protected]; C:UsersOwnerApp[email protected]abine.comFF - ExtSQL: 2013-03-29 11:16; [email protected]; C:Program Files (x86)Mozilla [email protected] - ExtSQL: 2013-03-31 09:32; [email protected]; C:Program Files (x86)IObit Apps ToolbarFFFF - ExtSQL: !HIDDEN! 2009-11-10 19:52; {20a82645-c095-46ed-80e3-08825760534b}; c:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtensionFF - ExtSQL: !HIDDEN! 2010-02-22 12:14; [email protected]; C:Program Files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3FF - ExtSQL: !HIDDEN! 2013-03-29 11:16; [email protected]; C:Program Files (x86)Mozilla [email protected]============= SERVICES / DRIVERS ===============.R0 PxHlpa64;PxHlpa64;C:WindowsSystem32driversPxHlpa64.sys [2009-6-18 55024]R0 SmartDefragDriver;SmartDefragDriver;C:WindowsSystem32driversSmartDefragDriver.sys [2013-3-31 17720]R0 SymDS;Symantec Data Store;C:WindowsSystem32driversNISx641309010.00Esymds64.sys [2013-2-5 451192]R0 SymEFA;Symantec Extended File Attributes;C:WindowsSystem32driversNISx641309010.00Esymefa64.sys [2013-2-5 1129120]R1 BHDrvx64;BHDrvx64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.5.1.2DefinitionsBASHDefs20130322.001BHDrvx64.sys [2013-3-21 1387608]R1 ccSet_NIS;Norton Internet Security Settings Manager;C:WindowsSystem32driversNISx641309010.00Eccsetx64.sys [2013-2-5 167072]R1 IDSVia64;IDSVia64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.5.1.2DefinitionsIPSDefs20130329.001IDSviA64.sys [2013-3-29 513184]R1 SymIRON;Symantec Iron Driver;C:WindowsSystem32driversNISx641309010.00Eironx64.sys [2013-2-5 190072]R1 SymNetS;Symantec Network Security WFP Driver;C:WindowsSystem32driversNISx641309010.00Esymnets.sys [2013-2-5 405624]R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:Program Files (x86)Hewlett-PackardMediaDVD000.fcl [2008-9-26 27632]R2 APC Data Service;APC Data Service;C:Program Files (x86)APCPowerChute Personal Editiondataserv.exe [2012-1-24 21880]R2 Application Updater;Application Updater;C:Program Files (x86)Application UpdaterApplicationUpdater.exe [2013-2-23 805752]R2 atashost;WebEx Service Host for Support Center;C:WindowsSysWOW64atashost.exe [2009-9-30 20376]R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:Program Files (x86)Common FilesIntuitUpdate Service v4IntuitUpdateService.exe [2011-8-25 13672]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:Program Files (x86)McAfeeSiteAdvisormcsacore.exe [2013-1-10 103472]R2 MotoHelper;MotoHelper Service;C:Program Files (x86)MotorolaMotoHelperMotoHelperService.exe [2011-12-6 214896]R2 NIS;Norton Internet Security;C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccsvchst.exe [2013-2-5 138272]R2 USBSafelyRemoveService;USB Safely Remove Assistant;C:Program Files (x86)USB Safely RemoveUSBSRService.exe [2010-1-5 550840]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:Program Files (x86)Common FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [2012-8-15 138912]R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:WindowsSystem32driversLEqdUsb.sys [2011-9-2 76056]R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:WindowsSystem32driversLHidEqd.sys [2011-9-2 15128]R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:WindowsSystem32driversnetr7364.sys [2009-5-20 716288]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944]S3 123MediaStreamer;123 Media Streamer;C:Program Files (x86)123CopyDVDPlatinum 2012MediaStreamerService.exe [2012-10-24 48128]S3 BTCFilterService;USB Networking Driver Filter Service;C:WindowsSystem32driversmotfilt.sys [2009-1-29 6144]S3 fssfltr;fssfltr;C:WindowsSystem32driversfssfltr.sys [2010-10-31 48488]S3 fsssvc;Windows Live Family Safety Service;C:Program Files (x86)Windows LiveFamily Safetyfsssvc.exe [2010-9-23 1493352]S3 GoToAssist Express Customer;GoToAssist Express Customer;C:Program Files (x86)CitrixGoToAssist Express Customer223g2ax_service.exe [2010-4-26 161144]S3 motccgp;Motorola USB Composite Device Driver;C:WindowsSystem32driversmotccgp.sys [2011-4-4 21504]S3 motccgpfl;MotCcgpFlService;C:WindowsSystem32driversmotccgpfl.sys [2009-1-29 9216]S3 Motousbnet;Motorola USB Networking Driver Service;C:WindowsSystem32driversMotousbnet.sys [2010-4-1 26624]S3 motusbdevice;Motorola USB Dev Driver;C:WindowsSystem32driversmotusbdevice.sys [2011-11-8 11776]S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:WindowsSystem32driversnx6000.sys [2010-3-1 36720]S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;C:WindowsSystem32driversPcaSp60.sys [2013-3-8 38912]S3 SMIUSBAVCALL;SMI Grabber Device 4CH1CH ALL;C:WindowsSystem32driversSmiUsbGrabber3F.sys [2012-11-14 153344]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2011-6-20 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:WindowsSystem32driversusbaapl64.sys [2012-9-28 53760]S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2010-4-26 1255736]S4 PCPitstop Scheduling;PCPitstop Scheduling;C:Program Files (x86)PCPitstopPCPitstopScheduleService.exe [2009-12-21 85504].=============== Created Last 30 ================.2013-04-01 16:33:03 -------- d-----w- C:UsersOwnerAppDataRoamingMalwarebytes2013-04-01 16:32:32 -------- d-----w- C:ProgramDataMalwarebytes2013-03-31 13:32:46 32600 ----a-w- C:WindowsSystem32SmartDefragBootTime.exe2013-03-31 13:32:46 -------- d-----w- C:ProgramDataIObit2013-03-31 13:32:31 -------- d-----w- C:Program Files (x86)IObit Apps Toolbar2013-03-31 13:32:31 -------- d-----w- C:Program Files (x86)Common FilesSpigot2013-03-31 13:32:31 -------- d-----w- C:Program Files (x86)Application Updater2013-03-31 13:32:21 17720 ----a-w- C:WindowsSystem32driversSmartDefragDriver.sys2013-03-30 15:29:48 -------- d-----w- C:4a49792ae976d976a0a54b2013-03-30 15:17:54 -------- d-----w- C:UsersOwnerAppDataRoamingStrongvault2013-03-29 15:52:03 12872 ----a-w- C:WindowsSystem32bootdelete.exe2013-03-29 15:20:36 -------- d-----w- C:ProgramDataHitmanPro2013-03-29 15:18:14 -------- d-----w- C:UsersOwnerAppDataLocalPokki2013-03-29 15:17:09 -------- d-sh--w- C:WindowsSysWow64AI_RecycleBin2013-03-29 15:17:04 -------- d-----w- C:ProgramDataStrongvault Online Backup2013-03-29 15:16:54 -------- d-sh--w- C:AI_RecycleBin2013-03-29 15:16:03 -------- d-----w- C:UsersOwnerAppDataLocalgetsavin2013-03-29 15:16:01 -------- d-----w- C:Program Files (x86)InfoAtoms2013-03-27 08:27:51 19968 ----a-w- C:WindowsSystem32driversusb8023x.sys2013-03-27 08:27:51 19968 ----a-w- C:WindowsSystem32driversusb8023.sys2013-03-25 20:39:46 4546560 ----a-w- C:WindowsSysWow64GPhotos.scr2013-03-19 18:21:06 -------- d-----w- C:2013 AMTA Concurrent Session -- Survey2013-03-13 12:26:00 16486616 ----a-w- C:WindowsSysWow64FlashPlayerInstaller.exe2013-03-08 20:37:16 61440 ----a-w- C:WindowsSysWow64ASIW32N50.dll2013-03-08 20:37:16 52800 ----a-w- C:WindowsSysWow64driversPCASp50.sys2013-03-08 20:37:16 41280 ----a-w- C:WindowsSysWow64driversPCASp50a64.sys2013-03-08 20:37:16 16302 ----a-w- C:WindowsSysWow64ASINDIS5.sys2013-03-08 20:37:15 15577 ----a-w- C:WindowsSysWow64ASINDIS3.vxd2013-03-08 20:37:09 -------- d-----w- C:Program Files (x86)ASUS2013-03-08 19:14:09 38912 ----a-r- C:WindowsSystem32driversPcaSp60.sys2013-03-08 19:14:00 38912 ----a-r- C:WindowsSysWow64driversPcaSp60.sys2013-03-05 21:00:50 -------- d-----w- C:2012 taxes2013-03-03 17:49:44 -------- d-----w- C:ProgramDataLicenses.==================== Find3M ====================.2013-03-13 12:26:48 73432 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-03-13 12:26:48 693976 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2013-02-19 18:34:40 95648 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll2013-02-19 18:34:40 861088 ----a-w- C:WindowsSysWow64npDeployJava1.dll2013-02-19 18:34:40 782240 ----a-w- C:WindowsSysWow64deployJava1.dll2013-02-12 05:45:24 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll2013-02-12 05:45:22 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll2013-02-12 05:45:22 308736 ----a-w- C:WindowsapppatchAppPatch64AcGenral.dll2013-02-12 05:45:22 111104 ----a-w- C:WindowsapppatchAppPatch64acspecfc.dll2013-02-12 04:48:31 474112 ----a-w- C:WindowsapppatchAcSpecfc.dll2013-02-12 04:48:26 2176512 ----a-w- C:WindowsapppatchAcGenral.dll2013-02-02 06:57:02 2312704 ----a-w- C:WindowsSystem32jscript9.dll2013-02-02 06:47:24 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl2013-02-02 06:47:19 1392128 ----a-w- C:WindowsSystem32wininet.dll2013-02-02 06:42:18 173056 ----a-w- C:WindowsSystem32ieUnatt.exe2013-02-02 06:41:51 599040 ----a-w- C:WindowsSystem32vbscript.dll2013-02-02 06:38:01 2382848 ----a-w- C:WindowsSystem32mshtml.tlb2013-02-02 03:38:35 1800704 ----a-w- C:WindowsSysWow64jscript9.dll2013-02-02 03:30:32 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl2013-02-02 03:30:21 1129472 ----a-w- C:WindowsSysWow64wininet.dll2013-02-02 03:26:47 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe2013-02-02 03:26:21 420864 ----a-w- C:WindowsSysWow64vbscript.dll2013-02-02 03:23:28 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb2013-01-22 18:05:43 103832 ----a-w- C:UsersOwnerGoToAssistDownloadHelper.exe2013-01-05 05:53:43 5553512 ----a-w- C:WindowsSystem32ntoskrnl.exe2013-01-05 05:00:15 3967848 ----a-w- C:WindowsSysWow64ntkrnlpa.exe2013-01-05 05:00:11 3913064 ----a-w- C:WindowsSysWow64ntoskrnl.exe2013-01-04 05:46:09 215040 ----a-w- C:WindowsSystem32winsrv.dll2013-01-04 04:51:16 5120 ----a-w- C:WindowsSysWow64wow32.dll2013-01-04 04:43:21 44032 ----a-w- C:Windowsapppatchacwow64.dll2013-01-04 03:26:48 3153408 ----a-w- C:WindowsSystem32win32k.sys2013-01-04 02:47:35 25600 ----a-w- C:WindowsSysWow64setup16.exe2013-01-04 02:47:34 7680 ----a-w- C:WindowsSysWow64instnm.exe2013-01-04 02:47:34 2048 ----a-w- C:WindowsSysWow64user.exe2013-01-04 02:47:33 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll2013-01-03 06:00:54 1913192 ----a-w- C:WindowsSystem32driverstcpip.sys2013-01-03 06:00:42 288088 ----a-w- C:WindowsSystem32driversFWPKCLNT.SYS2010-06-18 00:56:51 11663212 ----a-w- C:Program Files (x86)Bushnell Neo Sync.exe2009-10-16 19:05:19 278016 ----a-w- C:Program Files (x86)EPipes3.dll.============= FINISH: 15:30:31.55 ===============

Share this post


Link to post
Share on other sites

Please download TFC by Old Timer http://www.geekstogo.com/forum/TFC-Temp-File-Cleaner-OldTimer-file187.html and save it to your desktop.

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

 

After rebooting, download AdWareCleaner http://www.bleepingcomputer.com/download/adwcleaner/ to your desktop

1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.


2.Click on Delete button.


3.Confirm each time with OK.


4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:AdwCleaner[sn].txt as well - n is the order number.

Posted Image

Share this post


Link to post
Share on other sites

Did as instructed. Below is the file from AdWareCleaner:

# AdwCleaner v2.115 - Logfile created 04/01/2013 at 20:23:47# Updated 17/03/2013 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : Owner - OWNER-PC# Boot Mode : Normal# Running from : C:UsersOwnerDesktopAdwCleaner.exe# Option [Delete]***** [services] *****Stopped & Deleted : Application Updater***** [Files / Folders] *****File Deleted : C:ENDFile Deleted : C:Program Files (x86)Mozilla FireFoxComponentsAskSearch.jsFile Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesef1b419d.defaultsearchpluginsAskcom.xmlFile Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesef1b419d.defaultsearchpluginsSurf-canyon.xmlFile Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesikzg4k77.Dave HsearchpluginsAskcom.xmlFile Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesikzg4k77.Dave HsearchpluginsSurf-canyon.xmlFile Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnegct32p.defaultsearchpluginsSurf-canyon.xmlFile Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfiless0wer4zm.MarciasearchpluginsSurf-canyon.xmlFolder Deleted : C:Program Files (x86)Application UpdaterFolder Deleted : C:Program Files (x86)AskBarDisFolder Deleted : C:Program Files (x86)Common FilesspigotFolder Deleted : C:Program Files (x86)Glarysoft ToolbarFolder Deleted : C:Program Files (x86)searchcom_001Folder Deleted : C:ProgramDataAnti-phishing Domain AdvisorFolder Deleted : C:ProgramDatablekko toolbarsFolder Deleted : C:UsersdhumpalAppDataRoamingMozillaFirefoxProfilesoun6wmpd.defaultsearchcom_001Folder Deleted : C:UsersOwnerAppDataLocalgetsavinFolder Deleted : C:UsersOwnerAppDataLocalsearchcom_001Folder Deleted : C:UsersOwnerAppDataLocalLowSearch SettingsFolder Deleted : C:UsersOwnerAppDataLocalLowsearchcom_001Folder Deleted : C:UsersOwnerAppDataLocalLowToolbar4Folder Deleted : C:UsersOwnerAppDataRoamingDesktopiconFolder Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesef1b419d.defaultextensions{E9A1DEE0-C623-4439-8932-001E7D17607D}Folder Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesfebeprof.Dave Hextensions{5911488E-9D1E-40ec-8CBB-06B231CC153F}Folder Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesfebeprof.Dave Hsearchcom_001Folder Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnegct32p.defaultsearchcom_001Folder Deleted : C:UsersOwnerAppDataRoamingMozillaFirefoxProfiless0wer4zm.Marciaextensions{75623d5d-4683-402a-b610-ac4bab767c86}***** [Registry] *****Key Deleted : HKCUSoftwareAppDataLowAskBarDisKey Deleted : HKCUSoftwareAppDataLowSoftwareSearch SettingsKey Deleted : HKCUSoftwareInstallCoreKey Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{201F27D4-3704-41D6-89C1-AA35E39143ED}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{3041D03E-FD4B-44E0-B742-2D9B88305F98}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{32D47EA5-9473-4CAD-805D-9999F15D5AE2}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{80987362-6216-49BC-98E4-77E6CF71A5D7}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A7AF277D-1466-4A7B-93AF-B043984A5671}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{201F27D4-3704-41D6-89C1-AA35E39143ED}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{3041D03E-FD4B-44E0-B742-2D9B88305F98}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{32D47EA5-9473-4CAD-805D-9999F15D5AE2}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{80987362-6216-49BC-98E4-77E6CF71A5D7}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A7AF277D-1466-4A7B-93AF-B043984A5671}Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCUSoftwareSearch SettingsKey Deleted : HKCUSoftwareStartNow ToolbarKey Deleted : HKCUSoftwareZugoKey Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{CF739809-1C6C-47C0-85B9-569DBB141420}Key Deleted : HKLMSoftwareApplication UpdaterKey Deleted : HKLMSOFTWAREClassesAppID{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Deleted : HKLMSOFTWAREClassesAppID{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLMSOFTWAREClassesAppID{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}Key Deleted : HKLMSOFTWAREClassesAppID{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}Key Deleted : HKLMSOFTWAREClassesAppID{FAA8C612-F1B6-461B-8B60-B54D74D9642E}Key Deleted : HKLMSOFTWAREClassesAppIDTbCommonUtils.DLLKey Deleted : HKLMSOFTWAREClassesAppIDTbHelper.EXEKey Deleted : HKLMSOFTWAREClassesAppIDToolbar.DLLKey Deleted : HKLMSOFTWAREClassesAppIDToolbarBroker.EXEKey Deleted : HKLMSOFTWAREClassesAppIDWMHelper.DLLKey Deleted : HKLMSOFTWAREClassesComObject.DeskbarEnablerKey Deleted : HKLMSOFTWAREClassesComObject.DeskbarEnabler.1Key Deleted : HKLMSOFTWAREClassesTbCommonUtils.CommonUtilsKey Deleted : HKLMSOFTWAREClassesTbCommonUtils.CommonUtils.1Key Deleted : HKLMSOFTWAREClassesTbHelper.TbDownloadManagerKey Deleted : HKLMSOFTWAREClassesTbHelper.TbDownloadManager.1Key Deleted : HKLMSOFTWAREClassesTbHelper.TbPropertyManagerKey Deleted : HKLMSOFTWAREClassesTbHelper.TbPropertyManager.1Key Deleted : HKLMSOFTWAREClassesTbHelper.TbRequestKey Deleted : HKLMSOFTWAREClassesTbHelper.TbRequest.1Key Deleted : HKLMSOFTWAREClassesTbHelper.TbTaskKey Deleted : HKLMSOFTWAREClassesTbHelper.TbTask.1Key Deleted : HKLMSOFTWAREClassesTbHelper.ToolbarHelperKey Deleted : HKLMSOFTWAREClassesTbHelper.ToolbarHelper.1Key Deleted : HKLMSOFTWAREClassesTBSB05810.IEToolbarKey Deleted : HKLMSOFTWAREClassesTBSB05810.IEToolbar.1Key Deleted : HKLMSOFTWAREClassesTBSB05810.TBSB05810Key Deleted : HKLMSOFTWAREClassesTBSB05810.TBSB05810.3Key Deleted : HKLMSOFTWAREClassesToolbar.BandObjectKey Deleted : HKLMSOFTWAREClassesToolbar.BandObject.1Key Deleted : HKLMSOFTWAREClassesToolbar.ToolbarHelperObjectKey Deleted : HKLMSOFTWAREClassesToolbar.ToolbarHelperObject.1Key Deleted : HKLMSOFTWAREClassesToolbar3.ContextMenuNotifierKey Deleted : HKLMSOFTWAREClassesToolbar3.ContextMenuNotifier.1Key Deleted : HKLMSOFTWAREClassesToolbar3.CustomInternetSecurityImplKey Deleted : HKLMSOFTWAREClassesToolbar3.CustomInternetSecurityImpl.1Key Deleted : HKLMSOFTWAREClassesToolbar3.SearchProviderManagerKey Deleted : HKLMSOFTWAREClassesToolbar3.SearchProviderManager.1Key Deleted : HKLMSOFTWAREClassesToolbar3.TBSB05810Key Deleted : HKLMSOFTWAREClassesToolbar3.TBSB05810.1Key Deleted : HKLMSOFTWAREClassesTypeLib{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}Key Deleted : HKLMSOFTWAREClassesTypeLib{4509D3CC-B642-4745-B030-645B79522C6D}Key Deleted : HKLMSOFTWAREClassesTypeLib{4B1C1E16-6B34-430E-B074-5928ECA4C150}Key Deleted : HKLMSOFTWAREClassesTypeLib{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}Key Deleted : HKLMSOFTWAREClassesTypeLib{B87F8B63-7274-43FD-87FA-09D3B7496148}Key Deleted : HKLMSOFTWAREClassesTypeLib{C4BAE205-5E02-4E32-876E-F34B4E2D000C}Key Deleted : HKLMSOFTWAREClassesTypeLib{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}Key Deleted : HKLMSOFTWAREClassesTypeLib{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}Key Deleted : HKLMSOFTWAREClassesZGClnt.MngrKey Deleted : HKLMSOFTWAREClassesZGClnt.Mngr.1Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLMSoftwareSearch SettingsKey Deleted : HKLMSoftwareStartNow ToolbarKey Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{0702A2B6-13AA-4090-9E01-BCDC85DD933F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{08993A7C-E764-4172-9627-BFB5EA6897B2}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{128A6C66-AC6A-4617-8268-AB7F47B7215E}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{1C950DE5-D31E-42FB-AFB9-91B0161633D8}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{201F27D4-3704-41D6-89C1-AA35E39143ED}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{3041D03E-FD4B-44E0-B742-2D9B88305F98}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{32D47EA5-9473-4CAD-805D-9999F15D5AE2}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{571715D7-3395-4DF0-B43C-784836209E60}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{57CADC46-58FF-4105-B733-5A9F3FC9783C}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{622FD888-4E91-4D68-84D4-7262FD0811BF}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{80987362-6216-49BC-98E4-77E6CF71A5D7}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A7AF277D-1466-4A7B-93AF-B043984A5671}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{AE338F6D-5A7C-4D1D-86E3-C618532079B5}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{C339D489-FABC-41DD-B39D-276101667C70}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{D433A9D0-8267-40CB-8AD5-24F22FA5373F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{D565B35E-B787-40FA-95E3-E3562F8FC1A0}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{D89031C2-10DA-4C90-9A62-FCED012BC46B}Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{0FA32667-9A8A-4E9C-902F-CA3323180003}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{1C888195-0160-4883-91B7-294C0CE2F277}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{2A42D13C-D427-4787-821B-CF6973855778}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{3D8478AA-7B88-48A9-8BCB-B85D594411EC}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{452AE416-9A97-44CA-93DA-D0F15C36254F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{45CDA4F7-594C-49A0-AAD1-8224517FE979}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4634804A-F0B0-4A74-A550-FC0EEF8A4362}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{6B458F62-592F-4B25-8967-E6A350A59328}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{81E852CC-1FD5-4004-8761-79A48B975E29}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{95B6A271-FEB4-4160-B0FF-44394C21C8DC}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B9F43021-60D4-42A6-A065-9BA37F38AC47}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E67D5BC7-7129-493E-9281-F47BDAFACE4F}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{F131923C-381D-4E4C-A472-4A17118FD742}Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{80987362-6216-49BC-98E4-77E6CF71A5D7}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{201F27D4-3704-41D6-89C1-AA35E39143ED}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{80987362-6216-49BC-98E4-77E6CF71A5D7}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A7AF277D-1466-4A7B-93AF-B043984A5671}Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallAnti-phishing Domain AdvisorKey Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallAsk Toolbar_is1Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallStartNow ToolbarKey Deleted : HKLMSOFTWAREClassesInterface{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Deleted : HKLMSOFTWAREClassesInterface{0FA32667-9A8A-4E9C-902F-CA3323180003}Key Deleted : HKLMSOFTWAREClassesInterface{1C888195-0160-4883-91B7-294C0CE2F277}Key Deleted : HKLMSOFTWAREClassesInterface{2A42D13C-D427-4787-821B-CF6973855778}Key Deleted : HKLMSOFTWAREClassesInterface{3D8478AA-7B88-48A9-8BCB-B85D594411EC}Key Deleted : HKLMSOFTWAREClassesInterface{452AE416-9A97-44CA-93DA-D0F15C36254F}Key Deleted : HKLMSOFTWAREClassesInterface{45CDA4F7-594C-49A0-AAD1-8224517FE979}Key Deleted : HKLMSOFTWAREClassesInterface{4634804A-F0B0-4A74-A550-FC0EEF8A4362}Key Deleted : HKLMSOFTWAREClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B}Key Deleted : HKLMSOFTWAREClassesInterface{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}Key Deleted : HKLMSOFTWAREClassesInterface{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}Key Deleted : HKLMSOFTWAREClassesInterface{6B458F62-592F-4B25-8967-E6A350A59328}Key Deleted : HKLMSOFTWAREClassesInterface{81E852CC-1FD5-4004-8761-79A48B975E29}Key Deleted : HKLMSOFTWAREClassesInterface{95B6A271-FEB4-4160-B0FF-44394C21C8DC}Key Deleted : HKLMSOFTWAREClassesInterface{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}Key Deleted : HKLMSOFTWAREClassesInterface{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}Key Deleted : HKLMSOFTWAREClassesInterface{B9F43021-60D4-42A6-A065-9BA37F38AC47}Key Deleted : HKLMSOFTWAREClassesInterface{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}Key Deleted : HKLMSOFTWAREClassesInterface{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}Key Deleted : HKLMSOFTWAREClassesInterface{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}Key Deleted : HKLMSOFTWAREClassesInterface{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}Key Deleted : HKLMSOFTWAREClassesInterface{E67D5BC7-7129-493E-9281-F47BDAFACE4F}Key Deleted : HKLMSOFTWAREClassesInterface{F131923C-381D-4E4C-A472-4A17118FD742}Key Deleted : HKLMSOFTWAREClassesInterface{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}Key Deleted : HKU.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopes{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}Key Deleted : HKUS-1-5-19SoftwareMicrosoftInternet ExplorerSearchScopes{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}Key Deleted : HKUS-1-5-20SoftwareMicrosoftInternet ExplorerSearchScopes{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]Value Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [searchSettings]Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{32D47EA5-9473-4CAD-805D-9999F15D5AE2}]Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{80987362-6216-49BC-98E4-77E6CF71A5D7}]Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]***** [internet Browsers] *****- Internet Explorer v9.0.8112.16470Replaced : [HKCUSoftwareMicrosoftInternet ExplorerMain - Default_Page_URL] = hxxp://isearch.glarysoft.com/?src=iehome --> hxxp://www.google.comReplaced : [HKLMSOFTWAREMicrosoftInternet ExplorerAboutURls - Tabs] = hxxp://isearch.glarysoft.com/?src=newtab --> hxxp://www.google.comReplaced : [HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain - Default_Page_URL] = hxxp://isearch.glarysoft.com/?src=iehome --> hxxp://www.google.comReplaced : [HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain - Start Page] = hxxp://isearch.glarysoft.com/?src=iehome --> hxxp://www.google.com- Mozilla Firefox v19.0.2 (en-US)File : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesaozgejdd.Marciaprefs.jsC:UsersOwnerAppDataRoamingMozillaFirefoxProfilesaozgejdd.Marciauser.js ... Deleted ![OK] File is clean.File : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesef1b419d.defaultprefs.jsC:UsersOwnerAppDataRoamingMozillaFirefoxProfilesef1b419d.defaultuser.js ... Deleted !Deleted : user_pref("gm-notifier.ui.counter.showInbox", true);File : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesfebeprof.Dave Hprefs.jsDeleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:Program Files (x86)StartNo[...]Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "lf.startnow.com");File : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesikzg4k77.Dave Hprefs.js[OK] File is clean.File : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnegct32p.defaultprefs.jsDeleted : user_pref("extensions.FastestTube_wombat.CachedhxxpRequest.hxxp://lite.adlesse.com/addon/helper.php?[...]Deleted : user_pref("extensions.browserprotect.urlBarExceptions", "hxxp://www.google.com;hxxp://search.yahoo.c[...]Deleted : user_pref("[email protected]", true);Deleted : user_pref("google_apps", "hxxps://mail.google.com/mail/?hl=en&shva=1#inbox");File : C:UsersOwnerAppDataRoamingMozillaFirefoxProfiless0wer4zm.Marciaprefs.jsDeleted : user_pref("gm-notifier.ui.counter.showInbox", true);Deleted : user_pref("surfcanyon.added_to_searchbar", true);Deleted : user_pref("surfcanyon.hourly_code", "scGetDocument = function() {nreturn scIsFF ? content.document [...]Deleted : user_pref("surfcanyon.hourly_code2", "scGetSearchStringFromGoogleSerp_hourly = function() {nvar aTa[...]Deleted : user_pref("surfcanyon.hourly_code_timestamp", "1270651568477");Deleted : user_pref("surfcanyon.inst_id", "71155479847051085973376148124155");Deleted : user_pref("surfcanyon.inst_timestamp", "1264890608557");Deleted : user_pref("surfcanyon.last_notification_displayed", 1);Deleted : user_pref("surfcanyon.last_seen_splash", "304");Deleted : user_pref("surfcanyon.num_recs_clicked", "2");Deleted : user_pref("surfcanyon.num_results_clicked", "116");Deleted : user_pref("surfcanyon.num_results_clicked_when_recs_available", "35");Deleted : user_pref("surfcanyon.num_searches", "91");Deleted : user_pref("surfcanyon.partner_code", "SC");File : C:UsersdhumpalAppDataRoamingMozillaFirefoxProfilesoun6wmpd.defaultprefs.js[OK] File is clean.- Google Chrome v26.0.1410.43File : C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultPreferences[OK] File is clean.*************************AdwCleaner[s1].txt - [22341 octets] - [01/04/2013 20:23:47]########## EOF - C:AdwCleaner[s1].txt - [22402 octets] ##########

Share this post


Link to post
Share on other sites

Good gravy!! :woot:

 

Update Java:

  • Download the latest version of Java Runtime Environment (JRE) 7u 17.
    http://www.oracle.com/technetwork/java/javase/downloads/index.html
  • Scroll over to the right (JRE)

  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u17-windows-i586-p.exe to install the newest version.

 

Do this, if applies to your settings:

Disable the proxy settings in Internet Explorer:

 

1) Under “Tools” in the browser tool bar select “Internet Options”.
2) In the “Internet Options” window that pops up, click the “Connections” tab at the top.
3) Click “LAN Settings” near the bottom of the “Connections” section.
4) If the “Proxy server” checkbox is marked with a check, click it to deselect/uncheck it.
5) Click “Ok” to close the “Local Area Network (LAN) Settings” window.
6) Click “Ok” to close the “Internet Options” window.

Reboot

 

Make sure "Proxy server" is still disabled under your LAN Settings.

Test whether internet connectivity is restored.

 

Next,

 

Let me know if you can get MBam to perform a full scan now.

Share this post


Link to post
Share on other sites

Jacee: Thanks for your help on this issue. Do the files I uploaded indicate anything? I will not reinstall Malwarebytes until I hear back from you.

Share this post


Link to post
Share on other sites

Did as instructed and ran Malwarebytes and it worked perfectly. Interestingly, when Mbam was working properly (I guess it has been about two weeks since I last used it) it found no adware and the online scans I did (Housecall and Eset) found no malware either. In any event, thank you for all of your help. By the way, after installing the latest Java in the future, should I go in and remove the old Java update? I assume I should but want to be sure. Thanks again for all the time you spent on this. All of you at PC Pitstop forums are great. Over the years you the forum advisers have solved a number of problems I have had. Thanks again.

Share this post


Link to post
Share on other sites

Yes, uninstall old Java.

 

This 'adware' comes bundled with other programs you download and install. Anti-virus and anti-malware don't usually pick this crap up, because it's not considered as malware. It is, however "foistware". Be sure to uncheck all prechecked boxes when installing programs and other applications.

 

Save TFC and use it! :yup: Set a new restore point now, so you don't go back to a dirty one.

Share this post


Link to post
Share on other sites
Sign in to follow this  

×
×
  • Create New...