
Antivirus 2014 Removal Help! [Closed]

malware help

  • This topic is locked

#1
OfficerBooty

  • Member
  • 12 posts

This has been going on for a long time now and things need to become fixed. A while ago, my keyboard and mouse functions were accidentally deleted by a friend using my computer. When I brought it up to Staples, they attempted to redownload them but it wouldn't allow them to. They used their personal antivirus software and it said that there were about 56 viruses just on a quick scan, but it was much too expensive to fix. The entire time this has been happening, my computer has had trouble downloading various things. It seems to be alright with Steam games, but other software it has a problem with. For example, I have issues downloading League of Legends as well as Paint Tool Sai. I can't even download my printer disk information or even my drawing tablet disk. I have trouble downloading other antivirus software as well. I currently use Norton Internet Security and have run several full computer scans. They never seem to pick up the viruses Staples seemed to have picked up.

 

Earlier today I downloaded Rkill and ran it through my computer. The following information came through a Notepad after running Rkill:

 

Rkill 2.6.6 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 05/27/2014 03:38:34 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\System32\Drivers\WTSRV.EXE (PID: 3032) [WD-HEUR]
 * C:\ProgramData\lyricsgizm\lyricsgizm.exe (PID: 4220) [AU-HEUR]
 * C:\ProgramData\lyricsgizm\lyricsgizm.exe (PID: 5292) [AU-HEUR]
 * C:\Windows\SysWOW64\WTClient.exe (PID: 1560) [WD-HEUR]
 
4 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 

 

After running this, it told me that I should be able to run my usual antivirus. I attempted to and no other risks were shown. I then tried to download League of Legends again and I got the same error saying that the file did not exist or that it wasn't able to load. It usually says the same information for most other things I try to download.

 

I've also attempted to run all OTLs given in the section and when the notepad opens up I get a notification/warning that says: "The filename, directory name, or volume label syntax is incorrect" and gives me a blank notepad.

 

EDIT:

 

I added the three notepad files that Essexboy told me to add after running Farbar Recovery Scan Tool! c:

 

I also forgot to add that, on occasion, any tabs I have open in Chrome tend to lag terribly. If I don't close Chrome quickly enough, the computer will either blue-screen or go black but recover with a pop-up saying that the Display Drive has been recovered.

Attached Files


Edited by OfficerBooty, 28 May 2014 - 12:55 PM.

  • 0
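Added example, not part of the original thread and not Rkill's own code: a small Python parser for the Rkill log format shown in post #1. It groups terminated processes by image path, checks the parsed count against the count the log reports, and lists services reported as not running. The "user-writable location" flag is this example's own triage heuristic, and the function names are hypothetical.

```python
import re

# Excerpt of the Rkill 2.6.6 log from post #1, embedded so this runs offline.
SAMPLE_LOG = r"""
Checking for processes to terminate:

 * C:\Windows\System32\Drivers\WTSRV.EXE (PID: 3032) [WD-HEUR]
 * C:\ProgramData\lyricsgizm\lyricsgizm.exe (PID: 4220) [AU-HEUR]
 * C:\ProgramData\lyricsgizm\lyricsgizm.exe (PID: 5292) [AU-HEUR]
 * C:\Windows\SysWOW64\WTClient.exe (PID: 1560) [WD-HEUR]

4 proccesses terminated!

Checking Windows Service Integrity: 

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

Checking HOSTS File: 

 * No issues found.
"""

SECTION_RE = re.compile(r"^(Checking .+?):\s*$")
PROC_RE = re.compile(
    r"^\s*\*\s+(?P<path>.+?)\s+\(PID:\s*(?P<pid>\d+)\)\s+\[(?P<tag>[^\]]+)\]\s*$")
SVC_RE = re.compile(
    r"^\s*\*\s+(?P<display>.+?)\s+\((?P<name>[^)]+)\)\s+is not Running\.\s*$")
# The log itself spells the word "proccesses"; accept either spelling.
COUNT_RE = re.compile(r"^\s*(?P<n>\d+)\s+proc+esses terminated", re.IGNORECASE)

# Assumption of this example: directories a standard user can usually write to.
USER_WRITABLE_ROOTS = ("c:\\programdata\\", "c:\\users\\")


def parse_rkill(text):
    """Turn the text log into structured records, section by section."""
    report = {"processes": [], "stopped_services": [], "reported_terminated": None}
    section = None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = COUNT_RE.match(line)
        if m:
            report["reported_terminated"] = int(m.group("n"))
            continue
        if section == "Checking for processes to terminate":
            m = PROC_RE.match(line)
            if m:
                report["processes"].append(
                    {"path": m.group("path"), "pid": int(m.group("pid")),
                     "tag": m.group("tag")})
        elif section == "Checking Windows Service Integrity":
            m = SVC_RE.match(line)
            if m:
                report["stopped_services"].append((m.group("display"), m.group("name")))
    return report


def triage(report):
    """Group processes by image path and flag those in user-writable locations."""
    images = {}
    for proc in report["processes"]:
        key = proc["path"].lower()
        entry = images.setdefault(key, {
            "path": proc["path"], "tag": proc["tag"], "pids": [],
            "user_writable": key.startswith(USER_WRITABLE_ROOTS)})
        entry["pids"].append(proc["pid"])
    reported = report["reported_terminated"]
    return {
        "images": list(images.values()),
        # A mismatch suggests the pasted log was truncated or edited.
        "count_consistent": reported is None or reported == len(report["processes"]),
        "review_first": [e["path"] for e in images.values() if e["user_writable"]],
        "stopped_services": report["stopped_services"],
    }


if __name__ == "__main__":
    summary = triage(parse_rkill(SAMPLE_LOG))
    for image in summary["images"]:
        print(image)
    print("review first:", summary["review_first"])
    print("stopped services:", summary["stopped_services"])
```
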



#2
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let's try a different programme initially

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select both shortcut and additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach all 3 logs generated.

  • 0

#3
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts


 

I added the three logs generated from Farbar into the original post above. If one appears missing, I'll be happy to copy and paste the information for you to look at directly.

 

Edit: I also added some more information I forgot to add in the original post.


Edited by OfficerBooty, 28 May 2014 - 12:56 PM.

  • 0

#4
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK we have a lot of stuff that should not be running, so we will need to take several runs at this

Download the attached Fixlist.txt to the same location as FRST

Run FRST and press Fix
On completion a log will be generated; please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    OTL_Main_Tutorial.gif
  • Select All Users
  • Select LOP and Purity
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    c:\program files (x86)\Google\Desktop
    c:\program files\Google\Desktop
    dir "%systemdrive%\*" /S /A:L /C
    /md5start
    rpcss.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Attach both logs

  • 0

#5
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts

 

 

I ran FRST with the fixlist and fixed the problems there. This was the output:

Attached File  Fixlog.txt   6.7KB   61 downloads

 

I then downloaded AdwCleaner and followed the instructions given. This was the output:

 

 
Then I went to download OTL and run it once more from both links only to get this warning/notification/pop-up:
XmIHuTA.png
 
It directly stopped the scan here with the following words. This is a screenshot of what came up. I'm not sure what the issue is with OTL and my computer, but I got no notepad files.

Edited by OfficerBooty, 28 May 2014 - 04:11 PM.

  • 0

#6
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmmm there is something I am not seeing, time for the big boy

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    NSIS_disclaimer_ENG.png

    NSIS_extraction.png
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#7
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts

 

 

I did the same exact thing and I clicked on it. I also turned off Norton Internet Security. It ended up giving me this notification:

 

Gk5L4uX.png

I actually get this notification on a lot of things I try to download and install.


  • 0

#8
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts
I think we are looking at a system problem here
 
Download Windows All In One Repair from  Tweaking.com to your desktop, select the portable version

Run the programme

Select step 4 : Run System File Checker
 
waiosfc.JPG

Select Step 5 :  Back up your registry and create a system restore point

waiobackup.JPG

Then select the Start repairs tab and click Start

waiorepair.JPG

Select the following repair number items :

1
2
5
10
21

Once it has completed then reboot the system.
This may take a while as it has a lot of work to do
  • 0

#9
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts

 

 

And here we come to yet another problem... I download it and it asks me to extract files. I extract them, try to run the repair application and I get:

 

Q2qx3BX.png

 

This is a screenshot of the files shown and what pops up when I try to run the application.

 

I'm really sorry this is giving you so much trouble.

 

**EDIT: I've also tried redownloading it about four or five times and I continued to get the same problem.


Edited by OfficerBooty, 29 May 2014 - 12:24 PM.

  • 0

#10
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK let's do a partial fix using Windows itself

Go Start > All programs > Accessories
Right click Command prompt  and select run as administrator
In the black box that opens type the following command and press enter:

sfc /scannow

 

Once it has completed then reboot and try Windows All In One Repair again


  • 0



#11
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts

 

I did the command prompt and these were the results:

 

CSQ8eAf.png

 

When I rebooted and attempted to run Windows All in One Repair again, I got the same message as before.


Edited by OfficerBooty, 29 May 2014 - 01:05 PM.

  • 0

#12
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK next trick could you reboot to safe mode :

 

Reboot the computer and press and hold F8

On the menu select Safe mode with networking

Once it has loaded then try combofix from there..

 

How long has the system been like this ?


  • 0

#13
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts


I rebooted to Safe Mode with Networking and tried to run Combofix. I got the same error message as before saying it couldn't load the installer.

 

As for how long the system has been like this, I'm not entirely sure. Perhaps a year or so, possibly more? I had hard drive problems about two years ago and had to replace the entire hard drive. The issues I have now happened a year or so later. These are just estimates, however. I'm not sure on the exact time.


  • 0

#14
Essexboy

  • GeekU Moderator

  • Retired Staff
  • 69,964 posts

I feel that at this stage it would probably be best to back up your personal data and initially try a repair of Windows. If that fails then a re-install would probably be best.

 

What are your thoughts on this ?


  • 0

#15
OfficerBooty

  • Topic Starter
  • Member
  • 12 posts


I wouldn't mind trying that sort of thing. c: I'd prefer to not have to delete everything and start over again, but if I have to I will.


  • 0





