Jump to content

Computer issues. Sometimes my computer seems almost crippled


gaboyde88
 Share

Recommended Posts

Ok, for a few months my computer goes through periods to where it will barely function and virus scans will freeze and such. I downloaded hijackthis, but I'm getting error messages. First I get this:

 

 

 

For some reason your system denied write access to the Hosts fire. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

 

If that happens, you need to edit the file yourself. To do this, click Start,

 

notepad C:\Windows\System32\drivers\etc\hosts

 

and press Enter. Fine the lines (s) Hijackthis reports and delete theme.

Save the file as 'hosts' (with quotes), and reboot.

 

For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.

 

And then I get this message:

 

 

 

Cannot find the C:\Program Files (x86)\Trend Micro\HiJackThis\hijackthis.log file.

 

Do you want to create a new file?

 

So I can't seem to get the results of my hijackthis scan.

Link to comment
Share on other sites

Let's try this:

 

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 6 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Admin

You only need to get one of them to run, not all of them.

  • rkill.exe
  • rkill.com
  • rkill.scr
  • rkill.pif
  • WiNlOgOn.exe
  • uSeRiNiT.exe
  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    Please download Farbar Recovery Scan Tool

     

    (use correct version for your system.....Which system am I using?)

    and Tutorial http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

     

     

     

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Link to comment
Share on other sites

rkill scan:

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/07/2014 11:04:11 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 03/07/2014 11:06:13 PM
Execution time: 0 hours(s), 2 minute(s), and 1 seconds(s)

 

 

FRST.txt log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 01
Ran by rhonda (administrator) on RHONDA-PC on 07-03-2014 23:10:13
Running from C:\Users\rhonda\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Systweak Software, (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
(Storage Appliance Corp.) C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\VIPRE\SBAMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Storage Appliance Corp.) C:\ProgramData\Clickfree\cfagent.exe
(Storage Appliance Corp.) C:\ProgramData\Clickfree\kooboodle\Kooboodle.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\VIPRE\SBAMTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [iMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [sDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [sBAMTray] - C:\Program Files (x86)\VIPRE\SBAMTray.exe [3216272 2013-08-30] (ThreatTrack Security, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
HKLM-x32\...\Run: [] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-1852485107-1149319046-1402754336-1000\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-16] (SUPERAntiSpyware)
HKU\S-1-5-21-1852485107-1149319046-1402754336-1000\...\Run: [ClickfreeMonitor] - c:\programdata\Clickfree\cfagent.exe [354632 2013-11-29] (Storage Appliance Corp.)
HKU\S-1-5-21-1852485107-1149319046-1402754336-1000\...\Run: [Kooboodle] - C:\ProgramData\Clickfree\kooboodle\Kooboodle.exe [1030472 2013-07-19] (Storage Appliance Corp.)
HKU\S-1-5-21-1852485107-1149319046-1402754336-1000\...\Run: [spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38CAC0B77EB7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=198484&fr=spigot-yhp-ie
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKCU - DefaultScope {7F4598CA-B41A-4542-A398-27C1D7BD2D49} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {1C62AF5F-7774-4071-B6B2-36754841D103} URL = http://search.xfinity.com/?cat=web&con=toolbar&cid=xfstart_tech_search&q={searchTerms}
SearchScopes: HKCU - {7F4598CA-B41A-4542-A398-27C1D7BD2D49} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {A1F860D2-0945-43FC-8697-A5A1EC1DAB67} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {EAB463C7-096B-4811-A99C-E20DA6F63503} URL = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000030&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000
BHO: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\rhonda\AppData\Roaming\Slick Savings\Coupons64.dll (Spigot, Inc.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx64.dll ()
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\rhonda\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: AccelerateTab - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
BHO-x32: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: VIPRE Search Guard Helper - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSGN.dll ()
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: Constant Guard Protection Suite - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.1211.1\NativeBHO.dll (WhiteSky)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx64.dll ()
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll ()
Toolbar: HKLM-x32 - XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype-ie-addon-data - No CLSID Value -
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - No File
Handler-x32: skype-ie-addon-data - No CLSID Value -
Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{43144CFA-A79C-4D17-A07B-DF5CDC2E9069}: [NameServer]75.75.75.75,75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default
FF user.js: detected! => C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\user.js
FF DefaultSearchEngine: Yahoo!
FF SearchEngineOrder.1: Ask.com Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\askcomsearch.xml
FF SearchPlugin: C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\yahoo_ff.xml
FF Extension: Ads Removal - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\adsremoval@adsremoval.net [2014-02-27]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\ascsurfingprotection@iobit.com [2014-01-17]
FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\idvaultaddon@whitesky [2014-01-09]
FF Extension: My Web Search - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\m3ffxtbr@mywebsearch.com [2012-01-22]
FF Extension: AD Block - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\searchads@instair.net [2014-02-28]
FF Extension: AccelerateTab - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\speeddial@instair.net [2014-03-05]
FF Extension: No Name - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\temp [2014-01-09]
FF Extension: XFINITY Toolbar - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f} [2014-01-09]
FF Extension: Start Page - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [2014-01-17]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-20]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

Chrome:
=======
CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ch"
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=198484&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2013-09-05]
CHR Extension: (Ads Removal) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-26]
CHR Extension: (Zynga) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcgmidjhhnnjikpigolabhacfngibde [2013-06-22]
CHR Extension: (AccelerateTab) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak [2014-03-05]
CHR Extension: (AD Block) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgjbmhakaffflkjecineeaadpidgikb [2014-02-28]
CHR Extension: (Norton Identity Protection) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-09]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-15]
CHR Extension: (Google Wallet) - C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [ihcgmidjhhnnjikpigolabhacfngibde] - C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [ihcgmidjhhnnjikpigolabhacfngibde] - C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-28]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-11-19]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-11-19]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264488 2013-09-18] (Systweak Software, (www.systweak.com))
R2 CFUACProxy_hddv2usb3; C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe [84296 2013-05-16] (Storage Appliance Corp.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
R2 SBAMSvc; C:\Program Files (x86)\VIPRE\SBAMSvc.exe [3937472 2013-08-30] (ThreatTrack Security, Inc.)
R2 SBPIMSvc; C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [176016 2013-08-30] (ThreatTrack Security, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 SecureUpdateSvc; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2503504 2014-03-04] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]

==================== Drivers (Whitelisted) ====================

R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2014-01-09] (Zemana Ltd.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-09] (Symantec Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140307.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140307.023\ENG64.SYS [126040 2014-03-01] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140307.023\EX64.SYS [2099288 2014-03-01] (Symantec Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2013-06-18] (ThreatTrack Security, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [129432 2011-08-22] (ZTE Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 23:10 - 2014-03-07 23:10 - 00028511 _____ () C:\Users\rhonda\Desktop\FRST.txt
2014-03-07 23:10 - 2014-03-07 23:10 - 00000000 ____D () C:\FRST
2014-03-07 23:08 - 2014-03-07 23:08 - 02156544 _____ (Farbar) C:\Users\rhonda\Desktop\FRST64.exe
2014-03-07 23:04 - 2014-03-07 23:06 - 00002784 _____ () C:\Users\rhonda\Desktop\Rkill.txt
2014-03-07 23:02 - 2014-03-07 23:02 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\rhonda\Desktop\rkill.exe
2014-03-07 14:35 - 2014-03-07 14:35 - 00046322 _____ () C:\Users\rhonda\Downloads\Mad Vapes - Reward Program.htm
2014-03-07 14:35 - 2014-03-07 14:35 - 00000000 ____D () C:\Users\rhonda\Downloads\Mad Vapes - Reward Program_files
2014-03-07 14:34 - 2014-03-07 14:34 - 00045775 _____ () C:\Users\rhonda\Downloads\e juice.htm
2014-03-07 14:34 - 2014-03-07 14:34 - 00000000 ____D () C:\Users\rhonda\Downloads\e juice_files
2014-03-07 12:52 - 2014-03-07 12:52 - 00000316 _____ () C:\Windows\PFRO.log
2014-03-06 10:02 - 2014-03-07 12:52 - 00000056 _____ () C:\Windows\setupact.log
2014-03-06 10:02 - 2014-03-06 10:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 17:14 - 2014-03-05 17:14 - 00002941 _____ () C:\Users\rhonda\Desktop\HiJackThis.lnk
2014-03-05 17:14 - 2014-03-05 17:14 - 00000000 ____D () C:\Users\rhonda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-05 17:11 - 2014-03-05 17:12 - 01402880 _____ () C:\Users\rhonda\Desktop\HijackThis.msi
2014-03-04 11:28 - 2014-03-07 13:00 - 00003158 _____ () C:\Windows\System32\Tasks\Advanced System Optimizer
2014-02-17 10:40 - 2014-02-17 10:40 - 00002205 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\Users\Default\AppData\Local\WinZip
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\WinZip
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\ProgramData\WinZip
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\Program Files\WinZip
2014-02-17 10:07 - 2014-02-17 10:14 - 00000000 ____D () C:\9481374f8c049f51497b20cbb3
2014-02-14 22:28 - 2014-02-14 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 00:24 - 2014-02-14 00:24 - 00000208 _____ () C:\Windows\SysWOW64\lanss_v111_lnsscomm.csv
2014-02-13 00:02 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 00:02 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 00:01 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 00:01 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 00:01 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 00:01 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 00:01 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 00:01 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 00:01 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 00:01 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 00:01 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 00:01 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 00:01 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 00:01 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 00:01 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 00:01 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 00:01 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 00:01 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 00:01 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 00:01 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 00:01 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 00:01 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 00:01 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 00:01 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 00:01 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 00:01 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 00:01 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 00:01 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 00:01 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 00:01 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 00:01 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 00:01 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 00:01 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 00:01 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 00:01 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 00:00 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 00:00 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 00:00 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 00:00 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 00:00 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 00:00 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 12:33 - 2014-02-12 08:10 - 00001194 _____ () C:\Users\rhonda\Desktop\Norton Installation Files - Copy.lnk
2014-02-12 08:27 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 08:27 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 08:27 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 08:27 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 08:27 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 08:27 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 08:27 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 08:27 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 08:27 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 08:27 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 08:27 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 08:27 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 08:26 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 08:26 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 08:26 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 08:26 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 08:26 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 08:26 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 08:26 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 08:26 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 08:26 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 08:26 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 08:26 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 08:26 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 08:26 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 08:26 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 08:26 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 08:26 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-07 23:10 - 2014-03-07 23:10 - 00028511 _____ () C:\Users\rhonda\Desktop\FRST.txt
2014-03-07 23:10 - 2014-03-07 23:10 - 00000000 ____D () C:\FRST
2014-03-07 23:10 - 2011-09-19 18:54 - 01795093 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 23:08 - 2014-03-07 23:08 - 02156544 _____ (Farbar) C:\Users\rhonda\Desktop\FRST64.exe
2014-03-07 23:06 - 2014-03-07 23:04 - 00002784 _____ () C:\Users\rhonda\Desktop\Rkill.txt
2014-03-07 23:02 - 2014-03-07 23:02 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\rhonda\Desktop\rkill.exe
2014-03-07 22:59 - 2012-04-19 16:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 22:54 - 2013-06-22 14:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 22:22 - 2014-01-09 20:53 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-03-07 17:23 - 2014-01-09 20:54 - 00000000 ____D () C:\Users\rhonda\AppData\Roaming\ID Vault
2014-03-07 15:01 - 2013-12-04 10:21 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-03-07 14:35 - 2014-03-07 14:35 - 00046322 _____ () C:\Users\rhonda\Downloads\Mad Vapes - Reward Program.htm
2014-03-07 14:35 - 2014-03-07 14:35 - 00000000 ____D () C:\Users\rhonda\Downloads\Mad Vapes - Reward Program_files
2014-03-07 14:34 - 2014-03-07 14:34 - 00045775 _____ () C:\Users\rhonda\Downloads\e juice.htm
2014-03-07 14:34 - 2014-03-07 14:34 - 00000000 ____D () C:\Users\rhonda\Downloads\e juice_files
2014-03-07 13:01 - 2009-07-13 23:45 - 00015328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 13:00 - 2014-03-04 11:28 - 00003158 _____ () C:\Windows\System32\Tasks\Advanced System Optimizer
2014-03-07 13:00 - 2013-10-11 12:51 - 00000286 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-03-07 13:00 - 2009-07-13 23:45 - 00015328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 12:59 - 2013-06-22 14:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 12:53 - 2011-09-20 00:59 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-07 12:52 - 2014-03-07 12:52 - 00000316 _____ () C:\Windows\PFRO.log
2014-03-07 12:52 - 2014-03-06 10:02 - 00000056 _____ () C:\Windows\setupact.log
2014-03-07 12:52 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 10:13 - 2013-05-28 14:06 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-03-07 09:23 - 2013-11-01 13:49 - 00000000 ____D () C:\Program Files (x86)\VIPRE
2014-03-07 06:11 - 2011-09-19 19:01 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3AE09C85-92B7-4BAF-B46B-2E550FDECFCF}
2014-03-07 02:00 - 2013-09-17 10:53 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 3534355d-0df4-4e5e-9608-bd04a11b3060.job
2014-03-06 10:02 - 2014-03-06 10:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-06 05:11 - 2013-11-19 19:38 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-06 05:08 - 2013-02-14 03:23 - 00001058 _____ () C:\Windows\SysWOW64\CountScans.XML
2014-03-05 19:46 - 2013-12-04 10:44 - 00000000 ____D () C:\Program Files (x86)\Advanced System Optimizer 3
2014-03-05 17:15 - 2011-09-19 18:54 - 00000000 ____D () C:\Users\rhonda\AppData\Local\VirtualStore
2014-03-05 17:14 - 2014-03-05 17:14 - 00002941 _____ () C:\Users\rhonda\Desktop\HiJackThis.lnk
2014-03-05 17:14 - 2014-03-05 17:14 - 00000000 ____D () C:\Users\rhonda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-05 17:14 - 2011-09-21 10:01 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-05 17:12 - 2014-03-05 17:11 - 01402880 _____ () C:\Users\rhonda\Desktop\HijackThis.msi
2014-03-05 13:12 - 2013-08-26 19:17 - 00000000 ____D () C:\Program Files (x86)\Secure Speed Dial
2014-03-05 13:06 - 2013-12-04 10:45 - 00000460 _____ () C:\Windows\Tasks\ASOService.job
2014-03-05 11:47 - 2013-12-04 10:45 - 00000462 _____ () C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2014-03-05 11:47 - 2013-12-04 10:21 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-03-05 09:01 - 2013-08-26 17:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-04 11:28 - 2013-12-04 10:45 - 00002982 _____ () C:\Windows\System32\Tasks\ASOService
2014-03-04 10:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
2014-03-04 02:57 - 2013-12-09 16:08 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 14:04 - 2012-01-23 20:18 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-02 01:03 - 2013-12-16 14:01 - 00000000 ____D () C:\Users\rhonda\Documents\ppeanutt_files
2014-03-02 01:03 - 2013-12-16 14:01 - 00000000 ____D () C:\Users\rhonda\Documents\brooke20_files
2014-03-02 01:03 - 2013-12-13 19:16 - 00000000 ____D () C:\Users\rhonda\Documents\hhunter_files
2014-03-02 01:03 - 2013-12-11 18:34 - 00000000 ____D () C:\Users\rhonda\Documents\Fisher & Paykel SleepStyle 200 Series CPAP Machine_files
2014-03-02 01:03 - 2013-10-25 14:03 - 00000000 ____D () C:\Users\rhonda\Documents\FastTech - Gadgets and Electronics_files
2014-03-02 01:03 - 2013-10-25 14:00 - 00000000 ____D () C:\Users\rhonda\Documents\$45.16 INNOKIN iTaste MVP 5-in-1 Voltage Adjustable Rechargeable 2600mAh Mechanical LCD Electronic Cigarettes Set - black with iClear 16 atomizers at FastTech - Worldwide Free Shipping_files
2014-03-02 01:03 - 2013-10-20 16:30 - 00000000 ____D () C:\Users\rhonda\Documents\BookVIP.com - Cheapest Vacation Packages To The Most Popular Destinations_files
2014-03-02 01:03 - 2013-10-16 12:24 - 00000000 ____D () C:\Users\rhonda\Documents\Big and Tall Jersey Knit Shorts Top Sellers for Men KingSizeDirect_files
2014-03-02 01:03 - 2013-10-08 13:02 - 00000000 ____D () C:\Users\rhonda\Documents\Hunting lease for deer season 30 ac. Haralson Co._files
2014-03-02 01:03 - 2013-10-04 17:13 - 00000000 ____D () C:\Users\rhonda\Documents\High-quality 128MB 128 MB Memory Card for Wii GameCube Game White New items in GainGame-Outlet store on eBay!_files
2014-03-02 01:03 - 2013-10-03 10:14 - 00000000 ____D () C:\Users\rhonda\Documents\AT&T Factory Unlocked iPhone 4 16GB_files
2014-03-02 01:03 - 2013-09-15 12:07 - 00000000 ____D () C:\Users\rhonda\Documents\Advanced Mobile Care Android Security for Mobile_files
2014-03-02 01:03 - 2013-09-08 13:01 - 00000000 ____D () C:\Users\rhonda\Documents\electronic cigarette eBay_files
2014-03-02 01:03 - 2013-09-05 09:25 - 00000000 ____D () C:\Users\rhonda\Documents\Home - Kooboodle Photos_files
2014-03-02 01:03 - 2013-02-16 16:37 - 00000000 ____D () C:\Users\rhonda\Documents\Wellness 101 - Optimal Health Through Wellness Wellness Mama_files
2014-03-02 01:03 - 2013-02-06 14:28 - 00000000 ____D () C:\Users\rhonda\Documents\Aguila SuperExtra Ammo 22 Long Rifle Subsonic 38 Grain Lead Hollow_files
2014-03-02 01:03 - 2013-02-05 19:01 - 00000000 ____D () C:\Users\rhonda\Documents\(13) Bobby Brantley_files
2014-03-02 01:03 - 2013-01-31 15:18 - 00000000 ____D () C:\Users\rhonda\Documents\Ammunition Cheap Ammo Reload Affordable Custom Ammo Gun_files
2014-03-02 01:03 - 2013-01-21 20:36 - 00000000 ____D () C:\Users\rhonda\Documents\Woman Within®_files
2014-03-02 01:03 - 2013-01-21 18:41 - 00000000 ____D () C:\Users\rhonda\Documents\Ammo To Go_files
2014-03-02 01:03 - 2013-01-20 23:27 - 00000000 ____D () C:\Users\rhonda\Documents\d and m vapes_files
2014-03-02 01:03 - 2013-01-19 14:58 - 00000000 ____D () C:\Users\rhonda\Documents\.357 Magnum 158gr Plated Semi-Wadcutter 100pk_files
2014-03-02 01:03 - 2013-01-19 14:33 - 00000000 ____D () C:\Users\rhonda\Documents\Advanced Bullets - Temple, GA_files
2014-03-02 01:03 - 2013-01-19 12:21 - 00000000 ____D () C:\Users\rhonda\Documents\justins scope_files
2014-03-02 01:03 - 2013-01-13 18:57 - 00000000 ____D () C:\Users\rhonda\Documents\RHONDAS PICTURES DO NOT TOUCH_files
2014-03-02 01:03 - 2013-01-13 18:55 - 00000000 ____D () C:\Users\rhonda\Documents\RHONDAS PICTURES DONT TOUCH_files
2014-03-02 01:03 - 2012-12-26 03:25 - 00000000 ____D () C:\Users\rhonda\Documents\christmas at justins 2012_files
2014-03-02 01:03 - 2012-12-05 23:40 - 00000000 ____D () C:\Users\rhonda\Documents\Specials Vaperite.com_files
2014-03-02 01:03 - 2012-12-05 23:34 - 00000000 ____D () C:\Users\rhonda\Documents\115ml HC Unflavored E-liquid [Z8 HC Unflavored 115ml] - $17.99 Healthcabin Electronic Cigarettes - Wholesale and Retail_files
2014-03-02 01:03 - 2012-12-05 23:28 - 00000000 ____D () C:\Users\rhonda\Documents\Anodized Pawn CE4 Drip Tip Drip Tips Vaperite.com_files
2014-03-02 01:03 - 2012-12-05 07:31 - 00000000 ____D () C:\Users\rhonda\Documents\Create a Custom T-Shirt - Vistaprint - Business Cards - Full Color Printing - Digital Printing Company Vistaprint_files
2014-03-02 01:03 - 2012-12-04 19:24 - 00000000 ____D () C:\Users\rhonda\Documents\(15) Facebook_files
2014-03-02 01:03 - 2012-09-07 19:18 - 00000000 ____D () C:\Users\rhonda\Documents\(78) Rhonda Hurley Pickel Cw_files
2014-03-02 01:03 - 2012-09-06 11:24 - 00000000 ____D () C:\Users\rhonda\Documents\Electronic Cigarettes E Cigarettes E Liquid Site - Electronic Cigarette Video_files
2014-03-02 01:03 - 2012-08-29 17:10 - 00000000 ____D () C:\Users\rhonda\Documents\Opry Member Trace Adkins - Opry.com_files
2014-03-02 01:03 - 2012-07-19 22:42 - 00000000 ____D () C:\Users\rhonda\Documents\e cig_files
2014-03-02 01:03 - 2012-07-18 13:44 - 00000000 ____D () C:\Users\rhonda\Documents\(39) Facebook_files
2014-03-02 01:03 - 2012-05-24 20:20 - 00000000 ____D () C:\Users\rhonda\Documents\cameras_files
2014-02-28 20:32 - 2009-07-14 00:13 - 00726444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 14:38 - 2013-12-04 10:45 - 00000432 _____ () C:\Windows\Tasks\ASO-OneClickCare.job
2014-02-27 14:35 - 2014-01-24 22:58 - 00000000 ____D () C:\Users\rhonda\AppData\Local\CrashDumps
2014-02-22 09:34 - 2013-12-10 00:05 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-21 13:00 - 2012-04-19 16:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 12:59 - 2012-04-19 16:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 12:59 - 2011-09-20 19:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-20 11:25 - 2013-05-28 14:06 - 00000000 ____D () C:\Program Files\My Dell
2014-02-20 11:25 - 2011-09-20 18:43 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-17 10:40 - 2014-02-17 10:40 - 00002205 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\Users\Default\AppData\Local\WinZip
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\WinZip
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\ProgramData\WinZip
2014-02-17 10:40 - 2014-02-17 10:40 - 00000000 ____D () C:\Program Files\WinZip
2014-02-17 10:40 - 2013-01-17 03:38 - 00000000 ____D () C:\Windows\Patches
2014-02-17 10:14 - 2014-02-17 10:07 - 00000000 ____D () C:\9481374f8c049f51497b20cbb3
2014-02-17 10:14 - 2013-08-13 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 10:07 - 2011-09-20 00:02 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 12:19 - 2013-08-01 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 03:49 - 2013-06-22 14:30 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 03:48 - 2013-06-22 14:30 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 22:28 - 2014-02-14 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 00:24 - 2014-02-14 00:24 - 00000208 _____ () C:\Windows\SysWOW64\lanss_v111_lnsscomm.csv
2014-02-12 08:10 - 2014-02-12 12:33 - 00001194 _____ () C:\Users\rhonda\Desktop\Norton Installation Files - Copy.lnk
2014-02-12 08:10 - 2014-01-09 21:02 - 00001194 _____ () C:\Users\rhonda\Desktop\Norton Installation Files.lnk
2014-02-12 08:10 - 2014-01-09 21:02 - 00000000 ____D () C:\Users\rhonda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-02-12 08:10 - 2014-01-09 21:01 - 00000000 ____D () C:\ProgramData\Norton
2014-02-08 13:19 - 2013-04-03 12:35 - 00000000 ____D () C:\Users\rhonda\another madd face_files
2014-02-08 13:16 - 2011-09-19 18:54 - 00000000 ____D () C:\Users\rhonda
2014-02-06 14:43 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-02-06 07:16 - 2014-02-13 00:01 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-13 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-13 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-13 00:01 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-13 00:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-13 00:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-13 00:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-13 00:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-13 00:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-13 00:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-13 00:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-13 00:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-13 00:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-13 00:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-13 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-13 00:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-13 00:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-13 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-13 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-13 00:01 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-13 00:01 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-13 00:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-13 00:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-13 00:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-13 00:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-13 00:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-13 00:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-13 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:25 - 2014-02-13 00:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:24 - 2014-02-13 00:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-13 00:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-13 00:01 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-13 00:01 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-13 00:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-13 00:01 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-13 00:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-13 00:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-13 00:01 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-13 00:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 00:59

==================== End Of Log ============================

 

 

Additional:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014 01
Ran by rhonda at 2014-03-07 23:11:02
Running from C:\Users\rhonda\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: ThreatTrack Security VIPRE (Enabled - Up to date) {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: ThreatTrack Security VIPRE (Enabled - Up to date) {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: ThreatTrack Security VIPRE (Enabled) {C7D2BC33-B766-03DA-EC8C-2222CF65E72A}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
AccelerateTab (HKLM-x32\...\AccelerateTab_is1) (Version: 2.0 - AccelerateTab)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced System Optimizer (HKLM-x32\...\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1) (Version: 3.5.1000.15564 - Systweak Software)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.1.0 - IObit)
AntiLogger SDK version 1.6.6.296 (HKLM-x32\...\{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1) (Version: 1.6.6.296 - Zemana Ltd.)
AVG 2014 (Version: 14.0.3629 - AVG Technologies) Hidden
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{D6E46FC2-B513-4B7D-8C8C-352F4735C541}) (Version: 12.54.02 - Broadcom Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version: - ‭Canon Inc.)
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navig

Link to comment
Share on other sites

The last part of the log was cut off but we can continue.

 

Theres a lot going on here.

 

AdvancedSystemCareService7

Norton Security Suite

Sunbelt VIPRE Antivirus Service

IObit

 

You are running two antivirus and possibly two firewalls.

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

 

If you choose to install more than one Anti-Virus program on your computer, then only one of them should be active in memory at a time.

 

There are basically two types of these programs:

On-Access and On-Demand

 

On-Access Scanners

As the name implies, are scanners that run in the background all the time the PC is turned on and running. The main function of an On-Access scanner is to monitor activity on your machine.

 

On-Demand Scanners

As the name implies, are scanners that only run when you ask them to.

Such as: Online Scans and scanners that run on your machine but are not actively scanning your machine.

 

 

We DO NOT recommend the use of registry cleaners/optimizers for several reasons:

Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

 

Advanced System Optimizer both contain a registry cleaner and so called System Optimizers - best to uninstall them and not use them.

 

~~~~~~~~~~~~~~~

Please try to uninstall

MyPC Backup

 

***********************

 

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.

Paste this into the open notepad. save it to the Desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

 

start

SearchScopes: HKCU - {1C62AF5F-7774-4071-B6B2-36754841D103} URL = http://search.xfinit...q={searchTerms}

BHO: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\rhonda\AppData\Roaming\Slick Savings\Coupons64.dll (Spigot, Inc.)

BHO: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File

BHO-x32: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\rhonda\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.)

BHO-x32: AccelerateTab - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)

BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File

FF user.js: detected! => C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\user.js

FF SearchEngineOrder.1: Ask.com Search

FF Homepage: hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ff

FF SearchPlugin: C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\askcomsearch.xml

FF Extension: My Web Search - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\m3ffxtbr@mywebsearch.com [2012-01-22]

FF Extension: No Name - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\temp [2014-01-09]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-14]

CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ch"

CHR HKCU\...\Chrome\Extension: [ihcgmidjhhnnjikpigolabhacfngibde] - C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx [2012-07-26]

CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-20]

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2014-02-20]

CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2014-02-20]

CHR HKLM-x32\...\Chrome\Extension: [ihcgmidjhhnnjikpigolabhacfngibde] - C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx [2012-07-26]

CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-11-19]

S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe

Reboot:

end

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

-AdwCleaner-by Xplode

 

Click on this link to download : ADWCleaner

Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

 

Do not click on any links in the top Advertisment.

 

 

adwcleaner_download.png

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

thisisujrt.gif

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please post:

Fixlog.txt

C:\AdwCleaner.txt

JRT.txt

Link to comment
Share on other sites

No, thats not going to work. You placed it next to the RKill icon.

 

I didn't see the Farbar Recovery Scan Tool Icon?

I saw txt files from the tool but it appears it's either been deleted or moved?

 

Let's see if we ca find it.

 

Go to the Microsoft Orb/Start button

in the little window that opens at the bottom, copy and paste or type in Farbar Recovery Scan Most likely will find the txt files and thats OK.

If it's been located we need to move it to desktop.

If it's not found we'll download it to desktop again.

 

Please download Farbar Recovery Scan Tool

 

(use correct version for your system.....Which system am I using?)

Now, is there a Farbar Recovery Scan Tool Icon on your desktop?

Locate the Fixlog.txt (It's on your desktop I saw it)and slide it over next to the Farbar Recovery Scan Tool Icon.

Open Farbar Recovery Scan Tool and click on Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Link to comment
Share on other sites

No, thats not going to work. You placed it next to the RKill icon.

 

I didn't see the Farbar Recovery Scan Tool Icon?

I saw txt files from the tool but it appears it's either been deleted or moved?

 

Let's see if we ca find it.

 

Go to the Microsoft Orb/Start button

in the little window that opens at the bottom, copy and paste or type in Farbar Recovery Scan Most likely will find the txt files and thats OK.

If it's been located we need to move it to desktop.

If it's not found we'll download it to desktop again.

 

Please download Farbar Recovery Scan Tool

 

(use correct version for your system.....Which system am I using?)

Now, is there a Farbar Recovery Scan Tool Icon on your desktop?

Locate the Fixlog.txt (It's on your desktop I saw it)and slide it over next to the Farbar Recovery Scan Tool Icon.

Open Farbar Recovery Scan Tool and click on Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

desktop2.jpg

 

I just downloaded the Farbar again and it's the icon that you see right beside the rkill file. The file is called "FRST64". I have it circled. That's what I get when I download the file that you linked.

Link to comment
Share on other sites

ok good

now slide the fixlist.txt next to it.

Open FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Please also download and run the two other tools mentioned in my previous post with logs.

Link to comment
Share on other sites

fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-03-2014
Ran by rhonda at 2014-03-11 20:29:30 Run:1
Running from C:\Users\rhonda\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKCU - {1C62AF5F-7774-4071-B6B2-36754841D103} URL = http://search.xfinit...q={searchTerms}
BHO: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\rhonda\AppData\Roaming\Slick Savings\Coupons64.dll (Spigot, Inc.)
BHO: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\rhonda\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.)
BHO-x32: AccelerateTab - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
FF user.js: detected! => C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\user.js
FF SearchEngineOrder.1: Ask.com Search
FF Homepage: hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ff
FF SearchPlugin: C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\askcomsearch.xml
FF Extension: My Web Search - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\m3ffxtbr@mywebsearch.com [2012-01-22]
FF Extension: No Name - C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\temp [2014-01-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-14]
CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ch"
CHR HKCU\...\Chrome\Extension: [ihcgmidjhhnnjikpigolabhacfngibde] - C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [ihcgmidjhhnnjikpigolabhacfngibde] - C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-11-19]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe
Reboot:
end
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1C62AF5F-7774-4071-B6B2-36754841D103} => Key deleted successfully.
HKCR\CLSID\{1C62AF5F-7774-4071-B6B2-36754841D103} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} => Key deleted successfully.
HKCR\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\user.js => Moved successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\askcomsearch.xml => Moved successfully.
C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\m3ffxtbr@mywebsearch.com => Moved successfully.
C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\temp => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=198484&fr=spigot-yhp-ch" ==> The Chrome "Settings" can be used to fix the entry.
HKCU\SOFTWARE\Google\Chrome\Extensions\ihcgmidjhhnnjikpigolabhacfngibde => Key deleted successfully.
C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh => Key deleted successfully.
C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcgmidjhhnnjikpigolabhacfngibde => Key deleted successfully.
"C:\Users\rhonda\AppData\Local\CRE\ihcgmidjhhnnjikpigolabhacfngibde.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp => Key deleted successfully.
"C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx" => File/Directory not found.
BackupStack => Service deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

 

Adwcleaner log:

 

# AdwCleaner v3.021 - Report created 11/03/2014 at 20:49:16
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : rhonda - RHONDA-PC
# Running from : C:\Users\rhonda\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\Secure Speed Dial
Folder Deleted : C:\Program Files (x86)\xfin_portal
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\rhonda\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\rhonda\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\rhonda\AppData\Local\OpenCandy
Folder Deleted : C:\Users\rhonda\AppData\Local\Temp\apn
Folder Deleted : C:\Users\rhonda\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\rhonda\AppData\LocalLow\comcasttb
Folder Deleted : C:\Users\rhonda\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\rhonda\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\rhonda\AppData\LocalLow\xfin_portal
Folder Deleted : C:\Users\rhonda\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\rhonda\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\rhonda\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\rhonda\AppData\Roaming\Slick Savings
Folder Deleted : C:\Users\rhonda\AppData\Roaming\Systweak
Folder Deleted : C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\xfin_portal
Folder Deleted : C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Folder Deleted : C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\Extensions\speeddial@instair.net
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\searchplugins\bingp.xml
File Deleted : C:\Windows\Tasks\Driver Booster Update.job
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update
File Deleted : C:\Windows\System32\Tasks\LaunchApp
File Deleted : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
File Deleted : C:\Windows\Tasks\RegClean Pro_UPDATES.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_UPDATES

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xfin_portal
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\08awarrn.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com Search");
Line Deleted : user_pref("dom.ipc.plugins.enabled.npmywebs.dll", false);
Line Deleted : user_pref("extensions.AVIRA-V7.AUC_clientCache", "{\"AUC_CACHE\":{\"avira.com\":{\"c\":[1],\"ttl\":1393129572},\"msn.com\":{\"c\":[1],\"ttl\":1389982786},\"bing.com\":{\"c\":[1],\"ttl\":1387210527},\"[...]
Line Deleted : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1392368832342,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
Line Deleted : user_pref("extensions.AVIRA-V7.com.avira.dnt.rules", "\"{\\\"Version\\\":39,\\\"Companies\\\":[{\\\"company\\\":\\\"Google Inc\\\",\\\"rules\\\":[{\\\"name\\\":\\\"Google Analytics\\\",\\\"category\\\[...]
Line Deleted : user_pref("extensions.AVIRA-V7.domain", "\"avira.search.ask.com\"");
Line Deleted : user_pref("extensions.AVIRA-V7.hpr_cr", "\"hxxp://avira.search.ask.com/?tpid=AVIRA-V7&o=APN11079&pf=&trgb=ALL&p2=%5EB0X%5EYYYYYY%5EYY%5EUS&gct=hp&apn_ptnrs=%5EB0X&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=[...]
Line Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.lastSearchProtectAction", "hxxp://www.msn.com/?pc=Z192&install_date=20110921|hxxp://www.msn.com/?pc=Z192&install_date=20110921||Ask.com");
Line Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");
Line Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "lf.startnow.com");

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\rhonda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13967 octets] - [11/03/2014 20:44:50]
AdwCleaner[s0].txt - [13951 octets] - [11/03/2014 20:49:16]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [14012 octets] ##########

 

JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by rhonda on Tue 03/11/2014 at 21:14:59.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EAB463C7-096B-4811-A99C-E20DA6F63503}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\rhonda\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\rhonda\appdata\local\cre"



~~~ FireFox

Successfully deleted: [File] C:\Users\rhonda\AppData\Roaming\mozilla\firefox\profiles\08awarrn.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted the following from C:\Users\rhonda\AppData\Roaming\mozilla\firefox\profiles\08awarrn.default\prefs.js

user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.update_url", "hxxp://tbupdate.zugo.com/ztb/update?partner_id={partner_id}&product_id={product_id}&affiliate_id={affiliate_id}
Emptied folder: C:\Users\rhonda\AppData\Roaming\mozilla\firefox\profiles\08awarrn.default\minidumps [199 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/11/2014 at 21:38:13.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link to comment
Share on other sites

Good that worked very well.

 

Resetting Google Extensions

 

Open Google Chrome

Please type the command below into the Address Box

 

chrome:extensions

 

A new Tab will open in Google Chrome

I want you to look for anything that has the name "Spigot"

please click on that to remove the extension from your Browser

A confirmation dialog appears, click Remove.

 

~~~~~~~~~~~~~~~~~~~~~~

 

Please Run TFC by OldTimer to clear temporary files:

 

Download TFC from here http://oldtimer.geekstogo.com/TFC.exe

and save it to your desktop.

 

Close any open programs and Internet browsers.

Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.

Please be patient as clearing out temp files may take a while.

Once it completes you may be prompted to restart your computer, please do so.

Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

bf_new.gif Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

 

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

 

Please post this log in your next reply.

How is your computer now?

Link to comment
Share on other sites

Google will not function properly now. When I try and load it, I will get a message that says adblock and several other functions have crashed and Cherome is basically blank and will not load any page:

 

google.jpg

Edited by gaboyde88
Link to comment
Share on other sites

Can you remove adblock?

Uninstall an extension to remove it completely from the browser:

Click the Chrome menu (chrome://flags/) Chrome menu on the browser toolbar.
Click Tools.
Select Extensions.
Click the trash can icon Remove an extension from Chrome by the extension you'd like to completely remove.
A confirmation dialog appears, click Remove.



Accelelerate Tab has crashed
disabling Chrome's GPU Acceleration
1: Go to- chrome://flags/
2: Set "GPU compositing on all pages" to "Disabled"
http://www.sevenforums.com/tutorials/271264-chrome-gpu-hardware-acceleration-turn-off.html

 

 

 

Did this happen after you ran Malwarebytes' Anti-Malware?

Edited by Juliet
Link to comment
Share on other sites

can you try to boot into safe mode and see if the program will open long enough to make changes?

 

Of course you can uninstall, then reinstall.

 

Have you been able to run Malwarebytes' Anti-Malware?

Link to comment
Share on other sites

I was able to get rid of adblock under "safe mode". But I was unable to do the GPU thing as you requested because the option is not there to do so:

 

googlegpu.jpg

 

 

 

I tried to uninstall and reinstall google, but it did the samething. Also, my sister uses this computer most of the time and she said that she thinks it did happen after she ran Malwarebytes.

Edited by gaboyde88
Link to comment
Share on other sites

I might be wrong but was thinking that MBAM would go after extensions and addons.....so I have no idea what it did if the fact MBAM is even guilty. Don't uninstall Malwarebytes we may need it.

 

Let's try this:

 

It appears this Google Chrome user profile is corrupt, why, I don't know but let's create a new one.

create a new chrome profile

https://support.google.com/chrome/answer/2364824?hl=en

 

This is a troubleshooting page

Reset browser settings

https://support.google.com/chrome/answer/3296214?hl=en&ref_topic=1678460

 

Let's try the above before we attempt removing items from MBAM quarantine.

Link to comment
Share on other sites

Are all the below still installed on the computer?

 

AVG 2014

Constant Guard Protection Suite

Norton Security Suite

IObit\Advanced SystemCare

ThreatTrack Security VIPRE Antivirus?

 

Please check your add/remove programs list.

We need only 1 antivirus on the computer.

 

1. Click the wrench icon in the upper right corner of Google Chrome.

2. Options

3. Select the "Under the Hood" tab.

4. Clear browsing data

5. Select the "Empty the cache" check-box and uncheck the others (unless you want to remove that stuff too).

5. Click "Clear browsing data"

 

reboot and try to open Google Chrome again.

 

Next, if it still wont display, try rebooting your computer into safe mode with networking to check if it will load from here?

 

Next, let's try to locate the log from the last MBAM scan to check and see what it might have removed that would had caused this.

 

Open Malwarebytes' Anti-Malware

click the Logs tab

Highlight/click on the log file, at the bottom select open, copy and paste that log here for me to look at.

Link to comment
Share on other sites

Are all the below still installed on the computer?

 

AVG 2014

Constant Guard Protection Suite

Norton Security Suite

IObit\Advanced SystemCare

ThreatTrack Security VIPRE Antivirus?

 

Please check your add/remove programs list.

We need only 1 antivirus on the computer.

 

1. Click the wrench icon in the upper right corner of Google Chrome.

2. Options

3. Select the "Under the Hood" tab.

4. Clear browsing data

5. Select the "Empty the cache" check-box and uncheck the others (unless you want to remove that stuff too).

5. Click "Clear browsing data"

 

reboot and try to open Google Chrome again.

 

Next, if it still wont display, try rebooting your computer into safe mode with networking to check if it will load from here?

 

Next, let's try to locate the log from the last MBAM scan to check and see what it might have removed that would had caused this.

 

Open Malwarebytes' Anti-Malware

click the Logs tab

Highlight/click on the log file, at the bottom select open, copy and paste that log here for me to look at.

 

It appears my sister has removed Malwarebytes so I'm out of luck with that. But it's not overly important now anyway since mozilla is what is used most of the time. I've kept your attention for long enough anyway, so if we have any other steps go through as far as spyware removal goes it's fine if we move on to taking care of that.

Link to comment
Share on other sites

I would prefer now you do an online scan for remnants, this can take quite a bit of time depending how large your hard drive is.

 

Up to you.

 

Go here to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish
Link to comment
Share on other sites

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\SO.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\VNT\vntldr.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\FF\components\iobitappsToolbarFF.dll.vir a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll.vir a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE64.dll.vir Win64/Toolbar.Widgi.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\xfin_portal\comcastdx.dll.vir a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\xfin_portal\comcasttb.dll.vir a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\xfin_portal\dtuser.exe.vir a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\rhonda\AppData\LocalLow\xfin_portal\comcastdx.dll.vir a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\rhonda\AppData\LocalLow\xfin_portal\comcasttb.dll.vir a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\rhonda\AppData\Roaming\Slick Savings\Coupons.dll.vir a variant of Win32/Toolbar.Widgi.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\rhonda\AppData\Roaming\Slick Savings\Coupons64.dll.vir Win64/Toolbar.Widgi.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\rhonda\AppData\Roaming\Slick Savings\CouponsHelper.exe.vir a variant of Win32/Toolbar.Widgi.F potentially unwanted application
C:\ProgramData\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\All Users\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\rhonda\Documents\ArcadeFrontierGames (1).exe Win32/OpenCandy potentially unsafe application
C:\Users\rhonda\Documents\ArcadeFrontierGames.exe Win32/OpenCandy potentially unsafe application
C:\Users\rhonda\Documents\rcpsetup5_dcomnew_util_300_dcomnew_util_300.exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\Users\rhonda\Documents\rcpsetup9_dcomnew_util_300_dcomnew_util_300 (1).exe Win32/MyPCBackup.A potentially unwanted application
C:\Users\rhonda\Documents\rcpsetup9_dcomnew_util_300_dcomnew_util_300.exe Win32/MyPCBackup.A potentially unwanted application
C:\Users\rhonda\Documents\rcpsetup_dcnew_300_new (1).exe Win32/MyPCBackup.A potentially unwanted application
C:\Users\rhonda\Documents\rcpsetup_dcnew_300_new.exe Win32/MyPCBackup.A potentially unwanted application
C:\Users\rhonda\Downloads\advanced-systemcare-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\rhonda\Downloads\asc-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\rhonda\Downloads\chromeinstall-6u31.exe Win32/SpeedUpMyPC potentially unwanted application
C:\Users\rhonda\Downloads\CNET_TechTracker_2_0_4_Setup.exe Win32/OpenCandy potentially unsafe application
C:\Users\rhonda\Downloads\gtk2144-setup (1).exe probably a variant of Win32/1AntiVirus potentially unwanted application
C:\Users\rhonda\Downloads\gtk2144-setup.exe probably a variant of Win32/1AntiVirus potentially unwanted application
C:\Users\rhonda\Downloads\PhotoScape_V3.6.5.exe Win32/OpenCandy potentially unsafe application
C:\Users\rhonda\Downloads\rcpsetup2_dcomnew_sec_300_dcomnew_sec_300 (1).exe Win32/Systweak.B potentially unwanted application
C:\Users\rhonda\Downloads\rcpsetup2_dcomnew_sec_300_dcomnew_sec_300 (2).exe Win32/Systweak.B potentially unwanted application
C:\Users\rhonda\Downloads\rcpsetup2_dcomnew_sec_300_dcomnew_sec_300.exe Win32/Systweak.B potentially unwanted application
C:\Users\rhonda\Downloads\rcpsetup_dcomnew_sec_300_pd_dcomnew_sec_300_pd.exe Win32/Systweak.B potentially unwanted application
C:\Users\rhonda\Downloads\speedupmypc(1).exe Win32/SpeedUpMyPC potentially unwanted application
C:\Users\rhonda\Downloads\speedupmypc.exe Win32/SpeedUpMyPC potentially unwanted application
C:\Users\rhonda\Downloads\speedupmypc_lax1CKS06Zvtu4e3EBACGMTb06OsqcnTQyINNTAuMTUwLjM5LjIxMigB_ (1).exe Win32/SpeedUpMyPC potentially unwanted application
C:\Users\rhonda\Downloads\speedupmypc_lax1CKS06Zvtu4e3EBACGMTb06OsqcnTQyINNTAuMTUwLjM5LjIxMigB_.exe Win32/SpeedUpMyPC potentially unwanted application
C:\Users\rhonda\Downloads\trojen killer.exe probably a variant of Win32/1AntiVirus potentially unwanted application
C:\Users\rhonda\Downloads\winzip155.exe Win32/OpenCandy potentially unsafe application
C:\Users\rhonda\Downloads\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application
C:\Users\rhonda\Downloads\WinZipSystemUtilitiesSuite (1).exe a variant of Win32/OpenInstall potentially unwanted application
C:\Users\rhonda\Downloads\WinZipSystemUtilitiesSuite.exe a variant of Win32/OpenInstall potentially unwanted application
C:\Users\rhonda\Pictures\2013-11-10\asc-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\rhonda\Pictures\2013-11-10\avg_avct_stb_all_2014_4116_cm10.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

Link to comment
Share on other sites

I also want to say that it seems like something might be wrong with the hard drive. It seems like my drive keeps running low on disk space, but no matter how much stuff I take off my computer the hard drive space keeps draining. I took over 100 gigs worth pictures off about two weeks ago and now my hard drive space is back down to 39 gigs. Do you suppose a virus could be doing that?

Edited by gaboyde88
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...