Need lots of help. I think browser has been hijacked. I get lots of popups even though settings are suppose to block them. Now I'm stuck in safe mode. Rebooting just restarts OS in safe mode. I've installed Spybot S&D and it found a bunch of everything. It quarantined a lot of it but it can't get rid of some things because it's stuck in safe mode? Please help. Please use "non-techy" language to explain things please. thanks for any help...
need help with hijacker, popups and stuck in safe mode [Solved]
Started by
leahcase
, Aug 15 2014 02:34 PM
-
This topic is locked
#2
Posted 15 August 2014 - 03:02 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Hi there lets have a look see
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#3
Posted 15 August 2014 - 03:38 PM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2014
Ran by LEAH at 2014-08-15 16:31:13
Running from C:\Users\LEAH\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 4.3.0.1667 - Adblocker)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60629.2348 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BCC01139-903A-6FC7-3358-85B0AE332601}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0630.16.41755 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help English (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help French (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help German (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
ccc-utility64 (Version: 2011.0630.16.41755 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer Input Update Helper (x32 Version: 1.3.25.149 - Compete Inc.) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CrossReader (HKLM-x32\...\CrossReader) (Version: 1.29.153.0 - CrossReader)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
FamilySearch Indexing 3.17.7 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.7 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
flash-Enhancer (HKLM-x32\...\flash-Enhancer) (Version: 2.1 - flash-Enhancer.com) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010F0}) (Version: 7.0.100 - Oracle)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045F0}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java™ 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Lightspark 0.5.3-git (HKLM-x32\...\Lightspark) (Version: 0.5.3-git - Lightspark Team)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Downloader version 1.5 (HKLM-x32\...\Media Downloader_is1) (Version: 1.5 - Media Downloader)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{389F8A7A-8611-42E8-8169-20D2BAF0C595}) (Version: 8.0.6362.215 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Security Essentials Packages (HKCU\...\Microsoft Security Essentials Packages) (Version: - ) <==== ATTENTION
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.7.22 - GenTechnologies Apps, LLC)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
QuickShare (HKLM-x32\...\{063C68D3-B0B7-4FBC-AE78-A81906C11888}) (Version: 10.165.60.13189 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SO_Booster (HKLM-x32\...\S-126785670) (Version: 2.1.0.1275 - PremiumSoft) <==== ATTENTION
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
videos MediaPlay-Air (HKLM-x32\...\videos MediaPlay-Air) (Version: 1.34.7.29 - enter) <==== ATTENTION
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
weDownload Manager (HKLM-x32\...\weDownload Manager) (Version: 1.29.153.0 - weDownload) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2014-08-15 13:38 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14D516CC-E36C-4F31-83EF-F2034C8BD832} - System32\Tasks\weDownload Manager-chromeinstaller => C:\Program Files (x86)\weDownload Manager\weDownload Manager-chromeinstaller.exe <==== ATTENTION
Task: {1A823934-0A1F-4D6E-8026-EE0139D295D3} - System32\Tasks\DealPly => C:\Users\LEAH\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {1BDDE5BD-2C61-4680-9CCB-E72C1FA9E081} - System32\Tasks\weDownload Manager-updater => C:\Program Files (x86)\weDownload Manager\weDownload Manager-updater.exe <==== ATTENTION
Task: {245C0898-C011-454E-A441-5A60FD4EC089} - System32\Tasks\weDownload Manager-firefoxinstaller => C:\Program Files (x86)\weDownload Manager\weDownload Manager-firefoxinstaller.exe <==== ATTENTION
Task: {2AD21F3D-C942-4C8D-BD53-6D8B13F5A5CE} - System32\Tasks\weDownload Manager-enabler => C:\Program Files (x86)\weDownload Manager\weDownload Manager-enabler.exe <==== ATTENTION
Task: {57D18101-B2DE-422D-B52D-0254717C659C} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {5C16A154-3BDE-41CC-824D-9F08D0B1D051} - System32\Tasks\Idle-Crawler Runner => %LOCALAPPDATA%\Idle-Crawler\Idle-Crawler.exe
Task: {6090FC54-A322-44F7-941A-D934DE287DD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {80377DE5-F986-4BA3-A9C3-C79DB8A3CF63} - System32\Tasks\weDownload Manager-codedownloader => C:\Program Files (x86)\weDownload Manager\weDownload Manager-codedownloader.exe <==== ATTENTION
Task: {8CAB1C1C-7377-4E58-94B2-46D25950788F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {937738D7-E59D-483E-B103-FF1846150A31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F888ADB-89C9-404A-950A-CF8DB5604191} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A4B7E510-74B2-4F35-9775-AD84D46B0233} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {A60B99E8-13F8-46BC-B670-1CA5FB234082} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {B0AAD1D6-306A-4F18-ACA5-9F6B2A498B52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CB93E69C-981F-43DD-AA8C-F051DE3D39C9} - System32\Tasks\{E49E27E2-E1B2-4853-AFB2-0DAE1C0E4197} => C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11] (Microsoft Corporation)
Task: {DDA0C6E3-72B8-4547-BE34-ECFD14BFEC51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E0D6E5FA-C24E-45E2-9B76-C07690C15221} - System32\Tasks\Search Armor => C:\Users\LEAH\AppData\Local\searcharmor\searcharmor\1.3.10.3\searcharmor.exe
Task: {E7DD0770-5F91-4A90-981C-521697E713C6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\11857e4d-fbf7-4343-bae4-9c2b60badcd4.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-4.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-1.job => C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-codedownloader.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-11.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-11.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-2.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-2.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-3.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-3.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-4.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-4.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-5.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-5.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-5_user.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-5.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-6.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-6.exe/czeXVoVH='videos MediaPlay-Air' /NTKQsLzu=61799 /tyutJad='001673' /ZhPjJOLxa='verticals-ads,intext,pops,shopping' /iqJRaLB='0' /QBsotRPK=4FC88C5FB2584495B3EFD61D5D97D8CFIE /PvJtTS=5e8361d19bf362abe040b0f3e4b379b1 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406944895 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=videos MediaPlay-Air /CgnmDlF38e6253d-f4d8-4896-b378-715456db5bee.dll /rPhBrxCfX5d82242d-a170-4568-88ef-1a3f7e951572.dll /hfgFCwMmqbf036171-267d-4f87-b009-23fb67207197-64.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-7.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-7.exe5/eYUadnJG /czeXVoVH='videos MediaPlay-Air' /NTKQsLzu=61799 /tyutJad='001673' /ZhPjJOLxa='verticals-ads,intext,pops,shopping' /iqJRaLB='0' /QBsotRPK=4FC88C5FB2584495B3EFD61D5D97D8CFIE /PvJtTS=5e8361d19bf362abe040b0f3e4b379b1 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406944895 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=videos MediaPlay-Air /CgnmDlF38e6253d-f4d8-4896-b378-715456db5bee.dll /rPhBrxCfX5d82242d-a170-4568-88ef-1a3f7e951572.dll /hfgFCwMmqbf036171-267d-4f87-b009-23fb67207197-64.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfb0238b62a485.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4a64d98ceb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLEAH.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC HealthFix Desktop Alert.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\PC HealthFix Desktop Warning.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\PC HealthFix Malware Alert.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\PC HealthFix Scan Results Alert.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\SO_Booster-S-126785670.job => c:\programdata\wideblue installer\so_booster\SO_Booster.exe <==== ATTENTION
Task: C:\Windows\Tasks\VStart{A37B472A-8335-449F-9568-43ECC2907F06}.job => C:\Users\LEAH\AppData\Local\Temp\nslFEC4.tmp\vstub.exe
Task: C:\Windows\Tasks\weDownload Manager-chromeinstaller.job => C:\Program Files (x86)\weDownload Manager\weDownload Manager-chromeinstaller.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-06-12 15:06 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 15:11 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 15:03 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-08-15 13:21 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-08-15 13:21 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-07-11 23:15 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: DW7 => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iYogi Support Dock => "C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/15/2014 00:38:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0002417c
Faulting process id: 0x204c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (08/15/2014 00:22:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PepperZip.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 14cc
Start Time: 01cfb848e25b6201
Termination Time: 5
Application Path: C:\Program Files (x86)\PepperZip\PepperZip.exe
Report Id: 2f4370c4-243c-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 4.8.0.4428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 7e8
Start Time: 01cfb83f835f90c2
Termination Time: 31
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: 0bef562b-2436-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 630
Start Time: 01cfb83f1a3f7135
Termination Time: 62
Application Path: C:\Windows\Explorer.EXE
Report Id: f0c75bee-2435-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CursorODBCSchema.exe, version: 0.0.0.0, time stamp: 0x53da1c99
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x1210
Faulting application start time: 0xCursorODBCSchema.exe0
Faulting application path: CursorODBCSchema.exe1
Faulting module path: CursorODBCSchema.exe2
Report Id: CursorODBCSchema.exe3
Error: (08/14/2014 09:00:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2788
Start Time: 01cfb82c96735209
Termination Time: 13
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id: f4b249be-241f-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:45:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: searcharmor.exe, version: 1.1.0.2, time stamp: 0x53d9c677
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x08000008
Faulting process id: 0x13c8
Faulting application start time: 0xsearcharmor.exe0
Faulting application path: searcharmor.exe1
Faulting module path: searcharmor.exe2
Report Id: searcharmor.exe3
Error: (08/14/2014 05:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x757ccb49
Faulting process id: 0x46c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (08/14/2014 05:34:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x757ccb49
Faulting process id: 0xdec
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (08/14/2014 05:07:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 16a0
Start Time: 01cfb80b95cef2ac
Termination Time: 25
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
System errors:
=============
Error: (08/15/2014 03:20:12 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.179.2990.0
Update Source: %NT AUTHORITY59
Update Stage: 4.5.0216.00
Source Path: 4.5.0216.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/15/2014 03:20:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (08/15/2014 03:09:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:08 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (08/15/2014 03:09:07 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (08/15/2014 03:09:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
Error: (08/15/2014 00:38:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1723953d22946ole32.dll6.1.7601.175144ce7b96fc00000050002417c204c01cfb8afb9b3bee1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\ole32.dll0807914c-24a3-11e4-a17f-3860770f2ad2
Error: (08/15/2014 00:22:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PepperZip.exe1.0.0.014cc01cfb848e25b62015C:\Program Files (x86)\PepperZip\PepperZip.exe2f4370c4-243c-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CCleaner64.exe4.8.0.44287e801cfb83f835f90c231C:\Program Files\CCleaner\CCleaner64.exe0bef562b-2436-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756763001cfb83f1a3f713562C:\Windows\Explorer.EXEf0c75bee-2435-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CursorODBCSchema.exe0.0.0.053da1c99ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be121001cfb83f9980dbc9C:\Windows\SysWOW64\CursorODBCSchema\CursorODBCSchema.exeC:\Windows\SysWOW64\ntdll.dlld9534488-2432-11e4-a17f-3860770f2ad2
Error: (08/14/2014 09:00:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17239278801cfb82c9673520913C:\Program Files\Internet Explorer\iexplore.exef4b249be-241f-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:45:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: searcharmor.exe1.1.0.253d9c677unknown0.0.0.000000000c00000050800000813c801cfb79d146ba2cbC:\Users\LEAH\AppData\Local\searcharmor\searcharmor\1.3.10.3\searcharmor.exeunknownb2bc44a6-2404-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1723953d22946unknown0.0.0.000000000c0000005757ccb4946c01cfb8110035c0c8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown5a85a5f2-2404-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:34:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1723953d22946unknown0.0.0.000000000c0000005757ccb49dec01cfb80c8cc8e4f3C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown264a54b0-2403-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:07:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1723916a001cfb80b95cef2ac25C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
==================== Memory info ===========================
Processor: AMD E2-3200 APU with Radeon™ HD Graphics
Percentage of memory in use: 53%
Total physical RAM: 3570.82 MB
Available physical RAM: 1676.65 MB
Total Pagefile: 7139.83 MB
Available Pagefile: 5259.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.68 GB) (Free:866.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:1.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (My Book) (Fixed) (Total:232.83 GB) (Free:211.11 GB) FAT32
Drive h: () (Removable) (Total:6.94 GB) (Free:6.94 GB) FAT32
Drive i: (MISC) (Removable) (Total:1.87 GB) (Free:1.46 GB) FAT
Drive j: (RECOVER MEDIA ONLY ONCE) (Removable) (Total:29.82 GB) (Free:19.51 GB) NTFS
Drive k: (LEAH GENOLO) (Removable) (Total:3.72 GB) (Free:2.1 GB) FAT32
Drive l: (JIMS) (Removable) (Total:7.45 GB) (Free:7.38 GB) FAT32
Drive m: (BACKUP) (Removable) (Total:29.8 GB) (Free:11.47 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 7482C7C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 233 GB) (Disk ID: 8F9C798A)
Partition 1: (Not Active) - (Size=233 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 30 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 4 (Size: 30 GB) (Disk ID: 0806D320)
Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 6 (Size: 2 GB) (Disk ID: 0C6B0413)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
========================================================
Disk: 7 (Size: 7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 8 (Size: 7 GB) (Disk ID: 7933CD6C)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=510 MB) - (Type=82)
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2014
Ran by LEAH at 2014-08-15 16:31:13
Running from C:\Users\LEAH\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 4.3.0.1667 - Adblocker)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60629.2348 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BCC01139-903A-6FC7-3358-85B0AE332601}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0630.16.41755 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help English (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help French (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help German (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
ccc-utility64 (Version: 2011.0630.16.41755 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer Input Update Helper (x32 Version: 1.3.25.149 - Compete Inc.) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CrossReader (HKLM-x32\...\CrossReader) (Version: 1.29.153.0 - CrossReader)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
FamilySearch Indexing 3.17.7 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.7 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
flash-Enhancer (HKLM-x32\...\flash-Enhancer) (Version: 2.1 - flash-Enhancer.com) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010F0}) (Version: 7.0.100 - Oracle)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045F0}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java™ 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Lightspark 0.5.3-git (HKLM-x32\...\Lightspark) (Version: 0.5.3-git - Lightspark Team)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Downloader version 1.5 (HKLM-x32\...\Media Downloader_is1) (Version: 1.5 - Media Downloader)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{389F8A7A-8611-42E8-8169-20D2BAF0C595}) (Version: 8.0.6362.215 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Security Essentials Packages (HKCU\...\Microsoft Security Essentials Packages) (Version: - ) <==== ATTENTION
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.7.22 - GenTechnologies Apps, LLC)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
QuickShare (HKLM-x32\...\{063C68D3-B0B7-4FBC-AE78-A81906C11888}) (Version: 10.165.60.13189 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SO_Booster (HKLM-x32\...\S-126785670) (Version: 2.1.0.1275 - PremiumSoft) <==== ATTENTION
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
videos MediaPlay-Air (HKLM-x32\...\videos MediaPlay-Air) (Version: 1.34.7.29 - enter) <==== ATTENTION
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
weDownload Manager (HKLM-x32\...\weDownload Manager) (Version: 1.29.153.0 - weDownload) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2014-08-15 13:38 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14D516CC-E36C-4F31-83EF-F2034C8BD832} - System32\Tasks\weDownload Manager-chromeinstaller => C:\Program Files (x86)\weDownload Manager\weDownload Manager-chromeinstaller.exe <==== ATTENTION
Task: {1A823934-0A1F-4D6E-8026-EE0139D295D3} - System32\Tasks\DealPly => C:\Users\LEAH\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {1BDDE5BD-2C61-4680-9CCB-E72C1FA9E081} - System32\Tasks\weDownload Manager-updater => C:\Program Files (x86)\weDownload Manager\weDownload Manager-updater.exe <==== ATTENTION
Task: {245C0898-C011-454E-A441-5A60FD4EC089} - System32\Tasks\weDownload Manager-firefoxinstaller => C:\Program Files (x86)\weDownload Manager\weDownload Manager-firefoxinstaller.exe <==== ATTENTION
Task: {2AD21F3D-C942-4C8D-BD53-6D8B13F5A5CE} - System32\Tasks\weDownload Manager-enabler => C:\Program Files (x86)\weDownload Manager\weDownload Manager-enabler.exe <==== ATTENTION
Task: {57D18101-B2DE-422D-B52D-0254717C659C} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {5C16A154-3BDE-41CC-824D-9F08D0B1D051} - System32\Tasks\Idle-Crawler Runner => %LOCALAPPDATA%\Idle-Crawler\Idle-Crawler.exe
Task: {6090FC54-A322-44F7-941A-D934DE287DD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {80377DE5-F986-4BA3-A9C3-C79DB8A3CF63} - System32\Tasks\weDownload Manager-codedownloader => C:\Program Files (x86)\weDownload Manager\weDownload Manager-codedownloader.exe <==== ATTENTION
Task: {8CAB1C1C-7377-4E58-94B2-46D25950788F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {937738D7-E59D-483E-B103-FF1846150A31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F888ADB-89C9-404A-950A-CF8DB5604191} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A4B7E510-74B2-4F35-9775-AD84D46B0233} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GCC\Controller.exe <==== ATTENTION
Task: {A60B99E8-13F8-46BC-B670-1CA5FB234082} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {B0AAD1D6-306A-4F18-ACA5-9F6B2A498B52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CB93E69C-981F-43DD-AA8C-F051DE3D39C9} - System32\Tasks\{E49E27E2-E1B2-4853-AFB2-0DAE1C0E4197} => C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11] (Microsoft Corporation)
Task: {DDA0C6E3-72B8-4547-BE34-ECFD14BFEC51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E0D6E5FA-C24E-45E2-9B76-C07690C15221} - System32\Tasks\Search Armor => C:\Users\LEAH\AppData\Local\searcharmor\searcharmor\1.3.10.3\searcharmor.exe
Task: {E7DD0770-5F91-4A90-981C-521697E713C6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\11857e4d-fbf7-4343-bae4-9c2b60badcd4.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-4.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-1.job => C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-codedownloader.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-11.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-11.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-2.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-2.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-3.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-3.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-4.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-4.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-5.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-5.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-5_user.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-5.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-6.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-6.exe/czeXVoVH='videos MediaPlay-Air' /NTKQsLzu=61799 /tyutJad='001673' /ZhPjJOLxa='verticals-ads,intext,pops,shopping' /iqJRaLB='0' /QBsotRPK=4FC88C5FB2584495B3EFD61D5D97D8CFIE /PvJtTS=5e8361d19bf362abe040b0f3e4b379b1 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406944895 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=videos MediaPlay-Air /CgnmDlF38e6253d-f4d8-4896-b378-715456db5bee.dll /rPhBrxCfX5d82242d-a170-4568-88ef-1a3f7e951572.dll /hfgFCwMmqbf036171-267d-4f87-b009-23fb67207197-64.exe
Task: C:\Windows\Tasks\bf036171-267d-4f87-b009-23fb67207197-7.job => C:\Program Files (x86)\videos MediaPlay-Air\bf036171-267d-4f87-b009-23fb67207197-7.exe5/eYUadnJG /czeXVoVH='videos MediaPlay-Air' /NTKQsLzu=61799 /tyutJad='001673' /ZhPjJOLxa='verticals-ads,intext,pops,shopping' /iqJRaLB='0' /QBsotRPK=4FC88C5FB2584495B3EFD61D5D97D8CFIE /PvJtTS=5e8361d19bf362abe040b0f3e4b379b1 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406944895 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=videos MediaPlay-Air /CgnmDlF38e6253d-f4d8-4896-b378-715456db5bee.dll /rPhBrxCfX5d82242d-a170-4568-88ef-1a3f7e951572.dll /hfgFCwMmqbf036171-267d-4f87-b009-23fb67207197-64.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfb0238b62a485.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4a64d98ceb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLEAH.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC HealthFix Desktop Alert.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\PC HealthFix Desktop Warning.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\PC HealthFix Malware Alert.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\PC HealthFix Scan Results Alert.job => C:\ProgramData\PC HealthFix\PCHealthFix.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\SO_Booster-S-126785670.job => c:\programdata\wideblue installer\so_booster\SO_Booster.exe <==== ATTENTION
Task: C:\Windows\Tasks\VStart{A37B472A-8335-449F-9568-43ECC2907F06}.job => C:\Users\LEAH\AppData\Local\Temp\nslFEC4.tmp\vstub.exe
Task: C:\Windows\Tasks\weDownload Manager-chromeinstaller.job => C:\Program Files (x86)\weDownload Manager\weDownload Manager-chromeinstaller.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-06-12 15:06 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 15:11 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 15:03 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-08-15 13:21 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-08-15 13:21 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-07-11 23:15 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: DW7 => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iYogi Support Dock => "C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/15/2014 00:38:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0002417c
Faulting process id: 0x204c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (08/15/2014 00:22:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PepperZip.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 14cc
Start Time: 01cfb848e25b6201
Termination Time: 5
Application Path: C:\Program Files (x86)\PepperZip\PepperZip.exe
Report Id: 2f4370c4-243c-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 4.8.0.4428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 7e8
Start Time: 01cfb83f835f90c2
Termination Time: 31
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: 0bef562b-2436-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 630
Start Time: 01cfb83f1a3f7135
Termination Time: 62
Application Path: C:\Windows\Explorer.EXE
Report Id: f0c75bee-2435-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CursorODBCSchema.exe, version: 0.0.0.0, time stamp: 0x53da1c99
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x1210
Faulting application start time: 0xCursorODBCSchema.exe0
Faulting application path: CursorODBCSchema.exe1
Faulting module path: CursorODBCSchema.exe2
Report Id: CursorODBCSchema.exe3
Error: (08/14/2014 09:00:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2788
Start Time: 01cfb82c96735209
Termination Time: 13
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id: f4b249be-241f-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:45:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: searcharmor.exe, version: 1.1.0.2, time stamp: 0x53d9c677
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x08000008
Faulting process id: 0x13c8
Faulting application start time: 0xsearcharmor.exe0
Faulting application path: searcharmor.exe1
Faulting module path: searcharmor.exe2
Report Id: searcharmor.exe3
Error: (08/14/2014 05:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x757ccb49
Faulting process id: 0x46c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (08/14/2014 05:34:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x757ccb49
Faulting process id: 0xdec
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (08/14/2014 05:07:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 16a0
Start Time: 01cfb80b95cef2ac
Termination Time: 25
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
System errors:
=============
Error: (08/15/2014 03:20:12 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.179.2990.0
Update Source: %NT AUTHORITY59
Update Stage: 4.5.0216.00
Source Path: 4.5.0216.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/15/2014 03:20:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (08/15/2014 03:09:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:08 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (08/15/2014 03:09:07 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (08/15/2014 03:09:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/15/2014 03:09:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
Error: (08/15/2014 00:38:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1723953d22946ole32.dll6.1.7601.175144ce7b96fc00000050002417c204c01cfb8afb9b3bee1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\ole32.dll0807914c-24a3-11e4-a17f-3860770f2ad2
Error: (08/15/2014 00:22:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PepperZip.exe1.0.0.014cc01cfb848e25b62015C:\Program Files (x86)\PepperZip\PepperZip.exe2f4370c4-243c-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CCleaner64.exe4.8.0.44287e801cfb83f835f90c231C:\Program Files\CCleaner\CCleaner64.exe0bef562b-2436-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:38:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756763001cfb83f1a3f713562C:\Windows\Explorer.EXEf0c75bee-2435-11e4-a17f-3860770f2ad2
Error: (08/14/2014 11:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CursorODBCSchema.exe0.0.0.053da1c99ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be121001cfb83f9980dbc9C:\Windows\SysWOW64\CursorODBCSchema\CursorODBCSchema.exeC:\Windows\SysWOW64\ntdll.dlld9534488-2432-11e4-a17f-3860770f2ad2
Error: (08/14/2014 09:00:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17239278801cfb82c9673520913C:\Program Files\Internet Explorer\iexplore.exef4b249be-241f-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:45:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: searcharmor.exe1.1.0.253d9c677unknown0.0.0.000000000c00000050800000813c801cfb79d146ba2cbC:\Users\LEAH\AppData\Local\searcharmor\searcharmor\1.3.10.3\searcharmor.exeunknownb2bc44a6-2404-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1723953d22946unknown0.0.0.000000000c0000005757ccb4946c01cfb8110035c0c8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown5a85a5f2-2404-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:34:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1723953d22946unknown0.0.0.000000000c0000005757ccb49dec01cfb80c8cc8e4f3C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown264a54b0-2403-11e4-aa73-3860770f2ad2
Error: (08/14/2014 05:07:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1723916a001cfb80b95cef2ac25C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
==================== Memory info ===========================
Processor: AMD E2-3200 APU with Radeon™ HD Graphics
Percentage of memory in use: 53%
Total physical RAM: 3570.82 MB
Available physical RAM: 1676.65 MB
Total Pagefile: 7139.83 MB
Available Pagefile: 5259.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.68 GB) (Free:866.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:1.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (My Book) (Fixed) (Total:232.83 GB) (Free:211.11 GB) FAT32
Drive h: () (Removable) (Total:6.94 GB) (Free:6.94 GB) FAT32
Drive i: (MISC) (Removable) (Total:1.87 GB) (Free:1.46 GB) FAT
Drive j: (RECOVER MEDIA ONLY ONCE) (Removable) (Total:29.82 GB) (Free:19.51 GB) NTFS
Drive k: (LEAH GENOLO) (Removable) (Total:3.72 GB) (Free:2.1 GB) FAT32
Drive l: (JIMS) (Removable) (Total:7.45 GB) (Free:7.38 GB) FAT32
Drive m: (BACKUP) (Removable) (Total:29.8 GB) (Free:11.47 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 7482C7C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 233 GB) (Disk ID: 8F9C798A)
Partition 1: (Not Active) - (Size=233 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 30 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 4 (Size: 30 GB) (Disk ID: 0806D320)
Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 6 (Size: 2 GB) (Disk ID: 0C6B0413)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
========================================================
Disk: 7 (Size: 7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 8 (Size: 7 GB) (Disk ID: 7933CD6C)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=510 MB) - (Type=82)
==================== End Of Log ============================
#4
Posted 15 August 2014 - 03:40 PM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
Did I get both files copied here or dups of one?
#5
Posted 16 August 2014 - 09:08 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Could you copy the one called FRST.txt please as you did post the same one twice
#6
Posted 16 August 2014 - 11:53 AM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
I had a hard time sending the report again did you get it...
#7
Posted 16 August 2014 - 12:13 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
No could you attach it if necessary, as that one gives the main data and should enable me to reset the boot
#8
Posted 16 August 2014 - 01:00 PM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
sent in plain txt..please let me know if you get it or not ......
#9
Posted 16 August 2014 - 01:31 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
How are you sending it ? Just copy into the next post please
#10
Posted 16 August 2014 - 01:34 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK found out what you are doing. You are posting it as a report to moderator
Unfortunately that is truncated.
Could you please post in this thread as you did for the additions
Unfortunately that is truncated.
Could you please post in this thread as you did for the additions
#11
Posted 16 August 2014 - 07:44 PM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
when I post the results it becomes non responsive.....
#13
Posted 16 August 2014 - 08:49 PM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
I could only send the results as an attachment... please let me know if you have receive it or not,since I am having issues with copy and past..
#14
Posted 17 August 2014 - 04:35 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
To be honest I have never seen an infected system like this for a long time, it will take multiple runs to ensure I get it all
Download the attached fixlist.txt to the same location as FRST
fixlist.txt 424.61KB
297 downloads
Run FRST and press Fix
The fix may take several minutes to run.
After the reboot are you able to get into normal mode ?
Using either normal or safe mode do the following :
Please download AdwCleaner by Xplode onto your desktop.
Download the attached fixlist.txt to the same location as FRST
fixlist.txt 424.61KB
297 downloadsRun FRST and press Fix
The fix may take several minutes to run.
After the reboot are you able to get into normal mode ?
Using either normal or safe mode do the following :
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
- Run FRST
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#15
Posted 17 August 2014 - 02:02 PM
leahcase
- Topic Starter
-
- Member
-
- 229 posts
Member
what do you want me to run first..ad ware cleaner..
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
