Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

cpu runs flat out and overheat ? [Closed]

Started by lurch 56 , Nov 20 2013 01:42 PM

  • This topic is locked This topic is locked

#16
lurch 56
Posted 02 December 2013 - 08:31 AM

lurch 56

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
hi been trying to do as asked but do not get pasted start> all programs > accessories right click command prompt and click administrator snip shot if required of stall point tried all i can think of to get past this cannot get to run ??? have left it over a hour as well to see if anything going on in background a1.JPG the laptop running allot better on home page fb tick over not clicking on anything 1 to 7 % cpu on game poker 65% + - 10% playable now at peaking at 85% cpu ram average at 45% can happily live with it like this please say if there is a important bit left to do a big thanks for your help
  • 0

Advertisements

#17
emeraldnzl
Posted 02 December 2013 - 01:16 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
From the screen shot it doesn't look like you followed the instruction to type:

sfc /scannow

and then press enter?

Note: see the gap in sfc /scannow... it should be there.
  • 0

#18
lurch 56
Posted 03 December 2013 - 01:43 PM

lurch 56

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
might of got it right this time hope this is the log you needed ====seem to run allot better now thanks for all the help =============== ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7e1d4b714698bf45a954243b9ca4d4c7
# engine=16117
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-03 06:23:16
# local_time=2013-12-03 06:23:16 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 32023 223627724 0 0
# scanned=178993
# found=22
# cleaned=22
# scan_time=13596
sh=419716F712489099B040AB846B565D808119B5E8 ft=1 fh=562d50baf79e8eca vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\ConduitEngin0.dll"
sh=419716F712489099B040AB846B565D808119B5E8 ft=1 fh=562d50baf79e8eca vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\tbSea2.dll"
sh=5F1274BB228892131502528652B6D1A10CBE90F5 ft=0 fh=0000000000000000 vn="Win32/DealPly.E application (deleted - quarantined)" ac=C fn="C:\Program Files\DealPly\DealPly.crx"
sh=AC5FF20D276340CF87044B6A9D603BE9B6520460 ft=0 fh=0000000000000000 vn="Win32/DealPly.J application (deleted - quarantined)" ac=C fn="C:\Program Files\DealPly\DealPly.xpi"
sh=FDB602244FD58944A8BDB2B4AA1C80F7D461EC44 ft=1 fh=d3b08b490a156516 vn="a variant of Win32/DealPly.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DealPly\DealPlyIE.dll"
sh=D6E3758123FA1C4B9945BBF3359584ABA79C90F3 ft=1 fh=1253b0cb81c9b1bd vn="Win32/DealPly.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DealPly\DealPlyUpdate.exe"
sh=D511C85A94649134C7BA8ECFD7876125A4C2F832 ft=1 fh=bdced5e2a18ee905 vn="a variant of Win32/DealPly.C application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DealPly\DealPlyUpdateRun.exe"
sh=143416AAC4F6000C3A3235EB4EC955B4D0B6955E ft=1 fh=b68409d87b15670c vn="Win32/DealPly.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\DealPly\DealPlyUpdateVer.exe"
sh=CE87EDC0C5583B0B982AD7C423695AB0A58EFD85 ft=0 fh=0000000000000000 vn="Win32/DealPly.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn\3.5.0.0_0\background.html"
sh=69CCDA651AC75BFC68BDB24812463FEB2045222E ft=1 fh=a5999594f3704ad4 vn="a variant of Win32/DomaIQ.AN application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ER8D2ZZ7\PngMxrdB[1].exe"
sh=69CCDA651AC75BFC68BDB24812463FEB2045222E ft=1 fh=a5999594f3704ad4 vn="a variant of Win32/DomaIQ.AN application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2XSG40HE\eset-online-scanner[1].exe"
sh=F39250B64A425EB4A5B0E1CC6A44C6895738C893 ft=1 fh=538b4eba877d7a40 vn="a variant of MSIL/DomaIQ.J application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\temp\DM\installer.exe"
sh=69CCDA651AC75BFC68BDB24812463FEB2045222E ft=1 fh=a5999594f3704ad4 vn="a variant of Win32/DomaIQ.AN application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\temp\DM\parent.txt"
sh=D2EAFFAD45CC86DE6E07E9D8E42440CD25DA5754 ft=1 fh=855d8e396d7ffddb vn="Win32/MyPCBackup.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\temp\DM\software\Cloud_Backup_Setup.exe"
sh=3F7FB4678AB70D7B1AE86EF7001920862DF2B504 ft=1 fh=ece89d0abb04edde vn="a variant of Win32/DealPly.I application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\temp\DM\software\Dealply.exe"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Local\temp\DM\software\sp-downloader.exe"
sh=EA922DE5024BF384CB7A0FA4C46903851FAF4FA3 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.B application (deleted - quarantined)" ac=C fn="C:\Users\Paul\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120529100635326.rsc"
sh=143416AAC4F6000C3A3235EB4EC955B4D0B6955E ft=1 fh=b68409d87b15670c vn="Win32/DealPly.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe"
sh=AF92D1D4DE9C0EE2D810A8DA2DABFEE1B7883B1B ft=1 fh=09e0ed20804ffd03 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\Downloads\Google Earth.exe"
sh=7F759C76B80339F63F659F8F70E1348F1CAA2767 ft=1 fh=c8110ac013175ed9 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\Downloads\YontooClientSetup.exe"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="a variant of Win32/Distromatic.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECKN3TYV\distro-search-protect-fix-3[1]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0JR16MY\distro-search-protect-fix-2[1]"

Edited by lurch 56, 03 December 2013 - 02:09 PM.

  • 0

#19
emeraldnzl
Posted 03 December 2013 - 02:36 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again lurch 56,

seem to run allot better now thanks for all the help


Excellent news. :thumbsup:

Unless you have any other issues then I think you are good to go.

We have a couple of last steps to perform and then you're all set.Posted Image

Follow these steps to uninstall Combofix and some tools used in the removal of malware. This will also clean out and reset your Restore Points

  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    Posted Image
After that please go here to download OTC.

Run this program to remove the remaining tools we have been using.

If you are asked to reboot the machine to finish the Cleanup process choose Yes.

Any other tools remaining may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
----------------------------------------------------------------------------------------------------------------------
CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
  • 0

#20
lurch 56
Posted 06 December 2013 - 12:25 AM

lurch 56

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
hi great was missing a uninstall link for one bit but not a problem somehow or something got in putting dam adds on snip shot of prob trying to log on here a1.JPG every time i click a add for something pop up on new page laptop running great cleared history etc can i run a restore to a pre prob to get rid of it
  • 0

#21
emeraldnzl
Posted 06 December 2013 - 12:45 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hmm... let's have a look.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

  • 0

#22
lurch 56
Posted 06 December 2013 - 03:17 AM

lurch 56

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
hi trying to get this right first time thanks for the help -----------------Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-12-2013
Ran by Paul (administrator) on USER-PC on 06-12-2013 09:00:37
Running from C:\Users\Paul\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
( ) C:\Windows\System32\lxeacoms.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Sage (UK) Limited) C:\Program Files\Common Files\Sage SData\Sage.SData.Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\albrechto\updatealbrechto.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
(Yahoo! Inc) C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Paul\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-08-15] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-08-09] (Realtek Semiconductor)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [topi] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [BlackBerryAutoUpdate] - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [623960 2009-11-19] (Research In Motion Limited)
HKLM\...\Run: [RoxWatchTray] - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2009-07-08] (Sonic Solutions)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [YSearchProtection] - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKCU\...\Run: [igndlm.exe] - C:\Program Files\Download Manager\DLM.exe [1103216 2009-05-15] (IGN Entertainment)
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE [249440 2013-09-15] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE [249440 2013-09-15] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Google Update] - C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-24] (Google Inc.)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -update activex [351904 2013-07-04] (Adobe Systems Incorporated)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-06-27] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-06-27] ()
HKU\Guest\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Guest\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-06-27] ()
HKU\Guest\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-09-21] (Google Inc.)
HKU\Guest\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk -> C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...439D111BE&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope {6736FCF0-A792-4775-8859-257F76702CCA} URL = http://www.google.co...}&sourceid=ie7;
SearchScopes: HKLM - {6736FCF0-A792-4775-8859-257F76702CCA} URL = http://www.google.co...}&sourceid=ie7;
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {6736FCF0-A792-4775-8859-257F76702CCA} URL = http://www.google.co...1I7WZPC_enGB346
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yah...p={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: albrechto - {1881a451-f7fb-44bc-85b2-fcea4b1403e3} - C:\Program Files\albrechto\albrechtoBHO.dll (albrechto)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: PETN - {CE01C8B0-6401-45EF-AE02-97A3A65670FC} - C:\Users\Paul\AppData\Local\TidyNetwork\petn.dll ()
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP5F0C59BF-2356-4A94-B02F-7E2439D111BE&SSPV=", "hxxp://search.conduit.com/?ctid=CT3297986&SearchSource=48&CUI=UN45073175220672524&UM=2", "hxxp://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP5F0C59BF-2356-4A94-B02F-7E2439D111BE&SSPV="
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (AVG Internet Security) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Web Player\npdivx32.dll No File
CHR Plugin: (IGN Download Manager Plug-in) - C:\Program Files\Download Manager\npfpdlm.dll (IGN Entertainment)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Unity Player) - C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Paul\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (TidyNetwork ) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpipfmieopclkkpenkkcgdeoeilkdgkc\5.0.0.0_0
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\3.1.1021_0
CHR Extension: (Safe Money) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (Virtual Keyboard) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4794_0
CHR Extension: (albrechto) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkopijddpkmggacdghppacglggodkcod\1.0.0_0
CHR Extension: (Google Wallet) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Anti-Banner) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM\...\Chrome\Extension: [ecdnkeodklpalhjkgeigeckkonbnddpi] - C:\Users\Paul\AppData\Local\CRE\ecdnkeodklpalhjkgeigeckkonbnddpi.crx
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM\...\Chrome\Extension: [nkopijddpkmggacdghppacglggodkcod] - C:\Program Files\albrechto\nkopijddpkmggacdghppacglggodkcod.crx
CHR HKLM\...\Chrome\Extension: [ojcgaoafcmbadjkfdippkdddgkeaipbn] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-10] (Kaspersky Lab ZAO)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [598696 2010-04-14] ( )
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233344 2012-06-28] ()
R2 Sage SData Service; C:\Program Files\Common Files\Sage SData\Sage.SData.Service.exe [49152 2009-08-21] (Sage (UK) Limited)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
R2 Update albrechto; C:\Program Files\albrechto\updatealbrechto.exe [66848 2013-11-13] ()
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC)
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
S2 TOSHIBA Bluetooth Service;

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-25] (ArcSoft, Inc.)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [575584 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-10] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145120 2013-06-06] (Kaspersky Lab ZAO)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [252416 2007-06-01] (Realtek Semiconductor Corporation )
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows ® 2000 DDK provider)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13024 2012-11-13] ()
S2 adfs; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; No ImagePath
S3 catchme; \??\C:\Users\Paul\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; No ImagePath
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
S3 LgBttPort; No ImagePath
S3 lgbusenum; No ImagePath
S3 LGVMODEM; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; No ImagePath
S3 NwlnkFwd; No ImagePath
S3 RimUsb; No ImagePath
S3 Tosrfcom; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-06 09:00 - 2013-12-06 09:01 - 00023711 _____ C:\Users\Paul\Downloads\FRST.txt
2013-12-06 08:59 - 2013-12-06 08:59 - 01405939 _____ (Farbar) C:\Users\Paul\Downloads\FRST.exe
2013-12-06 01:34 - 2013-12-06 01:34 - 00000850 _____ C:\Users\Paul\.recently-used.xbel
2013-12-06 01:34 - 2013-12-06 01:34 - 00000000 ____D C:\Users\Paul\AppData\Roaming\gtk-2.0
2013-12-06 01:33 - 2013-12-06 01:33 - 00000000 ____D C:\Users\Paul\.thumbnails
2013-12-06 01:22 - 2013-12-06 03:25 - 00000000 ____D C:\Users\Paul\.gimp-2.6
2013-12-06 01:22 - 2013-12-06 01:22 - 00000000 ____D C:\Users\Paul\Documents\gegl-0.0
2013-12-06 01:20 - 2013-12-06 01:20 - 00000000 ____D C:\Users\Paul\AppData\Local\TidyNetwork
2013-12-06 01:19 - 2013-12-06 01:20 - 00000000 ____D C:\Program Files\albrechto
2013-12-06 01:18 - 2013-12-06 01:18 - 00000000 ____D C:\Users\Paul\AppData\Local\TNT2
2013-12-06 01:16 - 2013-12-06 01:16 - 79447248 _____ C:\Users\Paul\Downloads\gimp-setup.exe
2013-12-04 19:25 - 2013-12-04 19:26 - 06346448 _____ (PC Cleaners) C:\Users\Paul\Downloads\PC_Cleaner_Pro_Installer_a3.exe
2013-12-04 00:53 - 2013-12-04 00:55 - 00000000 ___SD C:\ComboFix
2013-12-03 19:31 - 2013-02-07 12:35 - 03574704 _____ (ESET) C:\Users\Paul\OnlineScanner64.ocx
2013-12-03 14:29 - 2013-12-04 11:27 - 00000000 ____D C:\Program Files\MyPC Backup
2013-12-03 14:29 - 2013-12-03 14:29 - 00000889 _____ C:\Users\Paul\Desktop\MyPC Backup.lnk
2013-12-03 14:29 - 2013-12-03 14:29 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-03 14:27 - 2013-12-03 17:54 - 00000000 ____D C:\Program Files\DealPly
2013-12-03 14:27 - 2013-12-03 14:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-12-03 14:27 - 2013-12-03 14:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DealPly
2013-12-03 13:51 - 2013-12-03 13:51 - 00000000 __SHD C:\found.002
2013-11-30 19:12 - 2011-06-26 06:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-30 19:12 - 2010-11-07 17:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-30 19:12 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-30 19:12 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-30 19:12 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-30 19:12 - 2000-08-31 00:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-30 19:12 - 2000-08-31 00:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-30 19:12 - 2000-08-31 00:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-30 19:09 - 2013-12-04 00:53 - 00000000 ____D C:\Qoobox
2013-11-30 19:08 - 2013-11-30 19:27 - 00000000 ____D C:\Windows\erdnt
2013-11-30 19:02 - 2013-11-30 19:03 - 05150163 ____R (Swearware) C:\Users\Paul\Downloads\ComboFix.exe
2013-11-30 03:28 - 2013-11-30 03:29 - 00170432 _____ C:\Windows\Minidump\Mini113013-01.dmp
2013-11-30 03:28 - 2013-11-30 03:28 - 195225146 _____ C:\Windows\MEMORY.DMP
2013-11-29 18:58 - 2013-11-29 18:58 - 00006213 _____ C:\Users\Paul\Downloads\JRT.txt
2013-11-29 18:50 - 2013-11-29 18:57 - 00023398 _____ C:\Users\Paul\Downloads\Addition.txt
2013-11-29 18:46 - 2013-12-03 19:19 - 00000000 ____D C:\FRST
2013-11-29 18:43 - 2013-11-29 18:44 - 01959024 _____ (Farbar) C:\Users\Paul\Downloads\FRST64.exe
2013-11-29 18:36 - 2013-11-29 18:36 - 00006213 _____ C:\Users\Paul\Desktop\JRT.txt
2013-11-29 18:26 - 2013-11-29 18:26 - 00000000 ____D C:\Windows\ERUNT
2013-11-29 18:10 - 2013-11-29 18:10 - 01034531 _____ (Thisisu) C:\Users\Paul\Downloads\JRT.exe
2013-11-23 23:44 - 2013-11-23 23:44 - 00915368 _____ (Oracle Corporation) C:\Users\Paul\Downloads\chromeinstall-7u45.exe
2013-11-22 23:30 - 2013-11-22 23:30 - 00000809 _____ C:\Users\Paul\Desktop\SpeedFan.lnk
2013-11-22 23:30 - 2013-11-22 23:30 - 00000809 _____ C:\Users\Guest\Desktop\SpeedFan.lnk
2013-11-22 23:30 - 2013-11-22 23:30 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2013-11-22 23:30 - 2013-11-22 23:30 - 00000000 ____D C:\Program Files\SpeedFan
2013-11-22 23:29 - 2013-11-22 23:30 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2013-11-22 23:26 - 2013-11-22 23:27 - 01891864 _____ C:\Users\Paul\Downloads\installspeedfan440.exe
2013-11-20 15:01 - 2013-11-20 19:02 - 00060582 _____ C:\Users\Paul\Downloads\Extras.Txt
2013-11-20 14:58 - 2013-11-20 18:59 - 00095156 _____ C:\Users\Paul\Downloads\OTL.Txt
2013-11-20 14:38 - 2013-11-20 14:38 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-11-20 13:58 - 2013-11-20 13:58 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\Paul\Downloads\procexp.exe
2013-11-14 14:00 - 2013-10-13 11:55 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 14:00 - 2013-10-13 11:55 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 14:00 - 2013-10-13 11:55 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 14:00 - 2013-10-13 11:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-14 14:00 - 2013-10-13 11:51 - 06018048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 14:00 - 2013-10-13 11:51 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 14:00 - 2013-10-13 11:51 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-11-14 14:00 - 2013-10-13 11:51 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 14:00 - 2013-10-13 11:51 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-14 14:00 - 2013-10-13 11:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-14 14:00 - 2013-10-13 11:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 14:00 - 2013-10-13 11:49 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 14:00 - 2013-10-13 11:49 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 14:00 - 2013-10-13 11:47 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-11-14 14:00 - 2013-10-13 10:09 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-14 14:00 - 2013-10-13 08:28 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 14:00 - 2013-10-13 08:27 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 14:00 - 2013-10-13 08:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-14 14:00 - 2013-10-13 08:25 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 14:00 - 2013-10-11 02:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 14:00 - 2013-10-11 02:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 14:00 - 2013-10-11 00:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-14 14:00 - 2013-10-03 12:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 14:00 - 2013-10-03 12:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-06 09:01 - 2013-12-06 09:00 - 00023711 _____ C:\Users\Paul\Downloads\FRST.txt
2013-12-06 08:59 - 2013-12-06 08:59 - 01405939 _____ (Farbar) C:\Users\Paul\Downloads\FRST.exe
2013-12-06 08:50 - 2012-05-29 13:30 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005UA.job
2013-12-06 08:38 - 2010-02-03 22:36 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-06 08:30 - 2013-07-04 01:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 08:05 - 2013-10-10 16:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-06 07:47 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing
2013-12-06 07:42 - 2006-11-02 12:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 07:42 - 2006-11-02 12:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 06:50 - 2012-05-29 13:30 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005Core.job
2013-12-06 06:43 - 2012-07-08 20:32 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005UA.job
2013-12-06 05:50 - 2010-05-16 09:50 - 00005708 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-06 05:50 - 2009-06-17 12:45 - 01575664 _____ C:\Windows\WindowsUpdate.log
2013-12-06 05:42 - 2012-06-04 21:28 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-06 05:42 - 2010-02-03 22:36 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 05:42 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-06 04:30 - 2006-11-02 13:01 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-06 03:25 - 2013-12-06 01:22 - 00000000 ____D C:\Users\Paul\.gimp-2.6
2013-12-06 01:34 - 2013-12-06 01:34 - 00000850 _____ C:\Users\Paul\.recently-used.xbel
2013-12-06 01:34 - 2013-12-06 01:34 - 00000000 ____D C:\Users\Paul\AppData\Roaming\gtk-2.0
2013-12-06 01:34 - 2010-12-11 16:15 - 00000000 ____D C:\Users\Paul
2013-12-06 01:33 - 2013-12-06 01:33 - 00000000 ____D C:\Users\Paul\.thumbnails
2013-12-06 01:22 - 2013-12-06 01:22 - 00000000 ____D C:\Users\Paul\Documents\gegl-0.0
2013-12-06 01:20 - 2013-12-06 01:20 - 00000000 ____D C:\Users\Paul\AppData\Local\TidyNetwork
2013-12-06 01:20 - 2013-12-06 01:19 - 00000000 ____D C:\Program Files\albrechto
2013-12-06 01:18 - 2013-12-06 01:18 - 00000000 ____D C:\Users\Paul\AppData\Local\TNT2
2013-12-06 01:17 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\Resources
2013-12-06 01:16 - 2013-12-06 01:16 - 79447248 _____ C:\Users\Paul\Downloads\gimp-setup.exe
2013-12-05 21:43 - 2012-07-08 20:32 - 00000900 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005Core.job
2013-12-05 19:58 - 2010-12-13 19:48 - 00000416 ____H C:\Windows\Tasks\User_Feed_Synchronization-{5B3F6DD2-6757-4ECD-A96C-3046CF43A301}.job
2013-12-04 19:26 - 2013-12-04 19:25 - 06346448 _____ (PC Cleaners) C:\Users\Paul\Downloads\PC_Cleaner_Pro_Installer_a3.exe
2013-12-04 11:27 - 2013-12-03 14:29 - 00000000 ____D C:\Program Files\MyPC Backup
2013-12-04 11:26 - 2007-09-13 17:07 - 00127138 _____ C:\Windows\PFRO.log
2013-12-04 01:06 - 2010-03-15 11:10 - 00065845 _____ C:\Windows\setupact.log
2013-12-04 00:55 - 2013-12-04 00:53 - 00000000 ___SD C:\ComboFix
2013-12-04 00:53 - 2013-11-30 19:09 - 00000000 ____D C:\Qoobox
2013-12-03 19:19 - 2013-11-29 18:46 - 00000000 ____D C:\FRST
2013-12-03 17:54 - 2013-12-03 14:27 - 00000000 ____D C:\Program Files\DealPly
2013-12-03 14:29 - 2013-12-03 14:29 - 00000889 _____ C:\Users\Paul\Desktop\MyPC Backup.lnk
2013-12-03 14:29 - 2013-12-03 14:29 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-03 14:27 - 2013-12-03 14:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-12-03 14:27 - 2013-12-03 14:27 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DealPly
2013-12-03 13:51 - 2013-12-03 13:51 - 00000000 __SHD C:\found.002
2013-11-30 19:29 - 2006-11-02 11:18 - 00000000 __RHD C:\Users\Default
2013-11-30 19:29 - 2006-11-02 11:18 - 00000000 ___RD C:\Users\Public
2013-11-30 19:27 - 2013-11-30 19:08 - 00000000 ____D C:\Windows\erdnt
2013-11-30 19:26 - 2006-11-02 10:23 - 00000215 _____ C:\Windows\system.ini
2013-11-30 19:03 - 2013-11-30 19:02 - 05150163 ____R (Swearware) C:\Users\Paul\Downloads\ComboFix.exe
2013-11-30 03:29 - 2013-11-30 03:28 - 00170432 _____ C:\Windows\Minidump\Mini113013-01.dmp
2013-11-30 03:28 - 2013-11-30 03:28 - 195225146 _____ C:\Windows\MEMORY.DMP
2013-11-30 03:28 - 2009-09-30 19:11 - 00000000 ____D C:\Windows\Minidump
2013-11-29 23:12 - 2012-10-02 18:13 - 00318265 _____ C:\Users\Paul\Downloads\Attachments_2012_10_2.zip
2013-11-29 18:58 - 2013-11-29 18:58 - 00006213 _____ C:\Users\Paul\Downloads\JRT.txt
2013-11-29 18:57 - 2013-11-29 18:50 - 00023398 _____ C:\Users\Paul\Downloads\Addition.txt
2013-11-29 18:44 - 2013-11-29 18:43 - 01959024 _____ (Farbar) C:\Users\Paul\Downloads\FRST64.exe
2013-11-29 18:36 - 2013-11-29 18:36 - 00006213 _____ C:\Users\Paul\Desktop\JRT.txt
2013-11-29 18:26 - 2013-11-29 18:26 - 00000000 ____D C:\Windows\ERUNT
2013-11-29 18:10 - 2013-11-29 18:10 - 01034531 _____ (Thisisu) C:\Users\Paul\Downloads\JRT.exe
2013-11-23 23:44 - 2013-11-23 23:44 - 00915368 _____ (Oracle Corporation) C:\Users\Paul\Downloads\chromeinstall-7u45.exe
2013-11-22 23:30 - 2013-11-22 23:30 - 00000809 _____ C:\Users\Paul\Desktop\SpeedFan.lnk
2013-11-22 23:30 - 2013-11-22 23:30 - 00000809 _____ C:\Users\Guest\Desktop\SpeedFan.lnk
2013-11-22 23:30 - 2013-11-22 23:30 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2013-11-22 23:30 - 2013-11-22 23:30 - 00000000 ____D C:\Program Files\SpeedFan
2013-11-22 23:30 - 2013-11-22 23:29 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2013-11-22 23:27 - 2013-11-22 23:26 - 01891864 _____ C:\Users\Paul\Downloads\installspeedfan440.exe
2013-11-20 19:02 - 2013-11-20 15:01 - 00060582 _____ C:\Users\Paul\Downloads\Extras.Txt
2013-11-20 18:59 - 2013-11-20 14:58 - 00095156 _____ C:\Users\Paul\Downloads\OTL.Txt
2013-11-20 14:38 - 2013-11-20 14:38 - 00602112 _____ (OldTimer Tools) C:\Users\Paul\Downloads\OTL.exe
2013-11-20 13:58 - 2013-11-20 13:58 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\Paul\Downloads\procexp.exe
2013-11-19 20:44 - 2009-09-02 15:15 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-18 17:50 - 2010-12-17 16:52 - 00000000 ____D C:\Users\Paul\Documents\WebCam Media
2013-11-15 20:23 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
2013-11-15 11:27 - 2013-07-19 21:10 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 11:26 - 2006-11-02 10:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-11 05:50 - 2009-11-25 06:56 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-07 09:25 - 2013-10-10 16:40 - 00575584 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-07 09:25 - 2013-05-06 08:22 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys

Files to move or delete:
====================
C:\Users\Paul\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Paul\AppData\Local\temp\BackupSetup.exe
C:\Users\Paul\AppData\Local\temp\nsl406D.exe
C:\Users\Paul\AppData\Local\temp\nsm4494.exe
C:\Users\Paul\AppData\Local\temp\nsmC9C8.exe
C:\Users\Paul\AppData\Local\temp\nswD1F3.exe
C:\Users\Paul\AppData\Local\temp\nsx4B88.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-06 05:52

==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-11-2013
Ran by Paul at 2013-11-29 18:50:49
Running from C:\Users\Paul\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Accounts (Version: 16.0.14.147)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Reader 8 (Version: 8.0.0)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Apple Mobile Device Support (Version: 3.1.0.62)
Apple Software Update (Version: 2.1.2.120)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.2.66)
ArcSoft WebCam Companion 3 (Version: )
ATI Catalyst Install Manager (Version: 3.0.641.0)
Basic Operation Guide EPSON SX430 Series
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.28)
BlackBerry Theme Studio 5.0 (Version: 5.0.0.0)
Bluetooth Stack for Windows by Toshiba (Version: v5.10.14(T))
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.1.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2007.0727.2307.39475)
Catalyst Control Center Graphics Full Existing (Version: 2007.0727.2307.39475)
Catalyst Control Center Graphics Full New (Version: 2007.0727.2307.39475)
Catalyst Control Center Graphics Light (Version: 2007.0727.2307.39475)
Catalyst Control Center Graphics Previews Vista (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Czech (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Danish (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Dutch (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Finnish (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization French (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization German (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Greek (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Hungarian (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Italian (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Japanese (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Korean (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Norwegian (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Polish (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Portuguese (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Russian (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Spanish (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Swedish (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Thai (Version: 2007.0727.2307.39475)
Catalyst Control Center Localization Turkish (Version: 2007.0727.2307.39475)
CCC Help Chinese Standard (Version: 2007.0727.2306.39475)
CCC Help Chinese Traditional (Version: 2007.0727.2306.39475)
CCC Help Czech (Version: 2007.0727.2306.39475)
CCC Help Danish (Version: 2007.0727.2306.39475)
CCC Help Dutch (Version: 2007.0727.2306.39475)
CCC Help English (Version: 2007.0727.2306.39475)
CCC Help Finnish (Version: 2007.0727.2306.39475)
CCC Help French (Version: 2007.0727.2306.39475)
CCC Help German (Version: 2007.0727.2306.39475)
CCC Help Greek (Version: 2007.0727.2306.39475)
CCC Help Hungarian (Version: 2007.0727.2306.39475)
CCC Help Italian (Version: 2007.0727.2306.39475)
CCC Help Japanese (Version: 2007.0727.2306.39475)
CCC Help Korean (Version: 2007.0727.2306.39475)
CCC Help Norwegian (Version: 2007.0727.2306.39475)
CCC Help Polish (Version: 2007.0727.2306.39475)
CCC Help Portuguese (Version: 2007.0727.2306.39475)
CCC Help Russian (Version: 2007.0727.2306.39475)
CCC Help Spanish (Version: 2007.0727.2306.39475)
CCC Help Swedish (Version: 2007.0727.2306.39475)
CCC Help Thai (Version: 2007.0727.2306.39475)
CCC Help Turkish (Version: 2007.0727.2306.39475)
ccc-core-static (Version: 2007.0727.2307.39475)
ccc-utility (Version: 2007.0727.2307.39475)
CD/DVD Drive Acoustic Silencer (Version: 2.01.03)
Download Manager 2.3.9 (Version: 2.3.9)
DVD MovieFactory for TOSHIBA (Version: 5.3)
EPSON Attach To Email (Version: 1.01.0000)
EPSON Copy Utility 3 (Version: 3.2.0.0)
Epson Easy Photo Print 2 (Version: 2.2.4.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 2.50.0000)
EPSON File Manager (Version: 1.3.0.0)
EPSON SX430 Series Printer Uninstall
EPSON-Drucker-Software
EpsonNet Print (Version: 2.5.00)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Google Chrome (HKCU Version: 31.0.1650.57)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
GTK2-Runtime (Version: 2.22.0-2010-10-21-ash)
HP Deskjet 1000 J110 series Basic Device Software (Version: 28.0.1313.0)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Junk Mail filter update (Version: 14.0.8089.726)
Kaspersky Internet Security (Version: 14.0.0.4651)
LG MC USB U330 driver (Version: 1.0.0.0000)
LG USB Modem Drivers (Version: 4.9.4)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mobile Broadband HL Service (Version: 22.001.16.00.03)
MobileMe Control Panel (Version: 3.0.0.101)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network Guide EPSON SX430 Series
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Picasa 3 (Version: 3.9)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5464)
REALTEK RTL8187B Wireless LAN Driver (Version: Package:1.00.0008 Driver:6.1089.601.2007)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
Roxio Media Manager (Version: 9.4.067)
Sage 50 Accounts 2010 (Version: 16.0.14.147)
Skins (Version: 2007.0727.2307.39475)
Sky Broadband (Version: 1.0.0)
Sky Broadband Browser Branding (Version: 1.0.0)
SpeedFan (remove only)
Synaptics Pointing Device Driver (Version: 10.0.11.1)
TOSHIBA Assist (Version: 2.01.04)
TOSHIBA ConfigFree (Version: 7.00.32)
TOSHIBA Disc Creator (Version: 2.0.0.8)
TOSHIBA DVD PLAYER (Version: 1.10.08)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 2.00.06)
TOSHIBA Manuals (Version: 7.30)
Toshiba Online Product Information (Version: 1.00.0012)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Supervisor Password (Version: 2.00.02)
TOSHIBA Value Added Package (Version: 1.0.30)
Unity Web Player (Version: 2.5.1f5_24931)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guide EPSON SX430 Series
WD SmartWare (Version: 1.2.0.8)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

==================== Restore Points =========================

22-11-2013 11:12:50 Windows Update
23-11-2013 03:00:17 Windows Update
24-11-2013 03:00:16 Windows Update
25-11-2013 03:00:17 Windows Update
28-11-2013 11:19:12 Windows Update
29-11-2013 03:00:14 Windows Update

==================== Hosts content: ==========================

2006-11-02 10:23 - 2006-09-18 21:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {08664883-6C85-49C8-B7C6-E2A2E85FFF32} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005Core => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {08AA77BB-73DF-406B-A1C2-2E4472848426} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-Jamie => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {140E8AFB-BE8C-4B1C-A151-F812A9AB3F6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {37C84F3B-96FF-4E5E-BAAE-AFA6A5FA28EC} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4D861DAB-C46B-4618-B0FA-31D34E1BE334} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005UA => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24] (Google Inc.)
Task: {51BBCF98-FFFC-46C1-8D91-762672EA3CE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-04] (Adobe Systems Incorporated)
Task: {599EDB68-8D77-4F5B-9AA1-BA7459DD5E4D} - System32\Tasks\Microsoft\Windows\RestartManager\{2FC145CB-4B57-4c62-9B94-AD371B0932FB} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {9779E1C7-423A-4C44-B973-80E75C64FF06} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005UA => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {9EE4D3A7-0C84-4BBB-AE75-2B6FB171B25B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03] (Google Inc.)
Task: {C61CF633-5B1C-42D9-85C4-F57DBFD78DFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005Core => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24] (Google Inc.)
Task: {D7C6D4A7-3A8D-465D-B214-77E29BCDE105} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2009-11-25] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005Core.job => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005UA.job => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005Core.job => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1954790308-1874760727-124245015-1005UA.job => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{5B3F6DD2-6757-4ECD-A96C-3046CF43A301}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2007-09-13 15:16 - 2007-07-27 21:26 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2006-11-09 17:27 - 2006-11-09 17:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2007-09-13 16:59 - 2006-10-10 10:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 18:08 - 2006-11-08 18:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 11:57 - 2006-10-07 11:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2011-01-08 15:49 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-11-15 00:54 - 2013-11-14 11:29 - 04055504 _____ () C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 00:54 - 2013-11-14 11:29 - 00399312 _____ () C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 00:54 - 2013-11-14 11:28 - 01619408 _____ () C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-11-15 00:54 - 2013-11-14 11:29 - 13582800 _____ () C:\Users\Paul\AppData\Local\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter #4
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2013 06:40:50 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (11/29/2013 06:40:50 PM) (Source: LoadPerf) (User: )
Description: Performance16


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-11-29 18:48:16.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:16.403
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:16.029
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:15.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:15.233
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kl1.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:14.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kl1.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:14.453
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kl1.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:48:14.079
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kl1.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:47:43.035
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 18:47:42.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 67%
Total physical RAM: 1917.32 MB
Available physical RAM: 617.02 MB
Total Pagefile: 4082.96 MB
Available Pagefile: 2147.6 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.62 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:74.22 GB) (Free:24.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:73.36 GB) (Free:73.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 75B8CC3D)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS)

==================== End Of Log ============================ great looks like i got it right just noticed got a ghosting over your buttons will take pick

Edited by lurch 56, 06 December 2013 - 03:24 AM.

  • 0

#23
lurch 56
Posted 06 December 2013 - 03:29 AM

lurch 56

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
pick of a box over right hand lower corner of screen a1.JPG not clicking inside this box
  • 0

#24
emeraldnzl
Posted 06 December 2013 - 12:44 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hell lurch 56,

I don't know what you are indicating in that last post.

Moving on

It looks like you did not follow the instructions at post #19 to remove the tools we have been using. It's not good to leave old tools on your machine. Firstly, they become out of date almost immediately and are of little use and secondly, because during the removal process actions that the tool undertook to enable the cleaning process but might prevent your computer from working efficiently, are reversed.

It's not much point me helping if you don't follow the instructions.

Now

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

When your return please post
  • Fixlog.txt
  • AdwCleaner report
  • 0

#25
lurch 56
Posted 11 December 2013 - 08:15 AM

lurch 56

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
sorry about the slow reply lost net connection road works cut the cable now on dongle re running all as asked will post results asap
  • 0

Advertisements

#26
emeraldnzl
Posted 11 December 2013 - 01:03 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
:thumbsup:
  • 0

#27
emeraldnzl
Posted 04 April 2014 - 03:23 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP