[ruggie_uk]

Can you attach the file?

 

Instructions can be found here http://www.geekstogo...topic-or-reply/

[Advertisements]

Did it

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-01-2015
Ran by Maria at 2015-01-18 10:54:47 Run:4
Running from C:\Users\Maria\Downloads
Loaded Profiles: UpdatusUser & Maria (Available profiles: UpdatusUser & Maria)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
createrestorepoint:
HKLM-x32\...\Run: [CStart8] => C:\Program Files (x86)\CStart8\CStart8Tray64.exe [3138656 2013-10-03] (Crawler.com)
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\...\MountPoints2: {02b14fb8-ff0e-11e3-beaa-606c66cf9526} - "E:\VZW_Software_upgrade_assistant.exe"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ntoolbarforpogo
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie10
URLSearchHook: [S-1-5-21-1695502234-2404808496-3934146252-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask...r={searchTerms}
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> DefaultScope {8BE5AC9C-4486-4365-BA02-78DE8951EB3E} URL =
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> Yahoo URL = http://search.yahoo....ntoolbarforpogo
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> {5E051F48-EA24-4BCA-8E4A-D5EAF950D9E5} URL = http://search.yahoo....-8&fr=chr-yie10
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> {8BE5AC9C-4486-4365-BA02-78DE8951EB3E} URL =
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask...r={searchTerms}
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
2015-01-17 21:01 - 2015-01-17 21:01 - 00004278 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2015-01-17 21:01 - 2015-01-17 21:01 - 00003438 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2015-01-17 21:01 - 2015-01-17 21:01 - 00001903 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2015-01-17 21:01 - 2015-01-17 21:01 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-01-17 21:01 - 2015-01-17 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-01-17 21:01 - 2015-01-17 21:01 - 00000000 ____D () C:\Program Files\Reimage
Task: {34FF3F05-55D5-4798-B735-9CCCF6B3BCC8} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-12-12] () <==== ATTENTION
2015-01-17 21:00 - 2015-01-17 21:02 - 00000000 ____D () C:\rei
2015-01-17 20:59 - 2015-01-17 21:02 - 00000156 _____ () C:\Windows\Reimage.ini
2015-01-17 20:59 - 2015-01-17 20:59 - 00775968 _____ (Reimage®) C:\Users\Maria\Downloads\ReimageRepair.exe
2015-01-11 11:13 - 2015-01-11 11:13 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Pogo Games
2015-01-11 11:10 - 2015-01-11 11:19 - 00000000 ____D () C:\ProgramData\PogoDGC
2015-01-01 09:09 - 2015-01-01 09:09 - 00001147 _____ () C:\Users\Maria\Desktop\Continue Adobe Flash Player Installation.lnk
2013-07-31 04:20 - 2013-07-31 04:21 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-07-31 04:16 - 2013-07-31 04:17 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-07-31 04:17 - 2013-07-31 04:19 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-07-31 04:16 - 2013-07-31 04:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-07-31 04:19 - 2013-07-31 04:20 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File <==== ATTENTION
Task: {5BCB7F6E-C92A-4B28-8405-F0F4363FA6B4} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {9C759B76-7455-444A-B538-3BB8FD38E07E} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File <==== ATTENTION
2015-01-14 05:07 - 2015-01-14 05:07 - 06757728 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_0favicon-2079221766
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_1favicon1313128964
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_2favicon-2092717923
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Website.lnk -> C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url ()
Shortcut: C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®)
C:\Users\Public\AlexaNSISPlugin.7512.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Change Reimage Repair Language.lnk -> C:\Program Files\Reimage\Reimage Repair\LanguageSelect.exe (Reimage®) -> /Branch=Reimage /Product=Reimage_Repair
emptytemp:
end

*****************

Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CStart8 => Value not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02b14fb8-ff0e-11e3-beaa-606c66cf9526} => Key not found.
HKCR\CLSID\{02b14fb8-ff0e-11e3-beaa-606c66cf9526} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileBackuped => Key not found.
HKCR\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileNotBackuped => Key not found.
HKCR\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
Error setting Default URLSearchHook.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCR\Wow6432Node\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Yahoo => Key not found.
HKCR\CLSID\Yahoo => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E051F48-EA24-4BCA-8E4A-D5EAF950D9E5} => Key not found.
HKCR\CLSID\{5E051F48-EA24-4BCA-8E4A-D5EAF950D9E5} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8BE5AC9C-4486-4365-BA02-78DE8951EB3E} => Key not found.
HKCR\CLSID\{8BE5AC9C-4486-4365-BA02-78DE8951EB3E} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCR\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
ReimageRealTimeProtector => Service not found.
"C:\Windows\System32\Tasks\ReimageUpdater" => File/Directory not found.
"C:\Windows\System32\Tasks\Reimage Reminder" => File/Directory not found.
"C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk" => File/Directory not found.
"C:\ProgramData\Reimage Protector" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair" => File/Directory not found.
"C:\Program Files\Reimage" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34FF3F05-55D5-4798-B735-9CCCF6B3BCC8} => Key not found.
C:\Windows\System32\Tasks\Reimage Reminder not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder => Key not found.
"C:\rei" => File/Directory not found.
"C:\Windows\Reimage.ini" => File/Directory not found.
"C:\Users\Maria\Downloads\ReimageRepair.exe" => File/Directory not found.
"C:\Users\Maria\AppData\Roaming\Pogo Games" => File/Directory not found.
"C:\ProgramData\PogoDGC" => File/Directory not found.
"C:\Users\Maria\Desktop\Continue Adobe Flash Player Installation.lnk" => File/Directory not found.
"C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log" => File/Directory not found.
"C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log" => File/Directory not found.
"C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log" => File/Directory not found.
"C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log" => File/Directory not found.
"C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44B3F1B8-5943-4072-8D8C-A9484676AC44} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BCB7F6E-C92A-4B28-8405-F0F4363FA6B4} => Key not found.
C:\Windows\System32\Tasks\RunAsStdUser Task not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C759B76-7455-444A-B538-3BB8FD38E07E} => Key not found.
C:\Windows\System32\Tasks\ReimageUpdater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A800277E-E202-4492-AD38-3312641CBC04} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Live\Roaming\MaintenanceTask => Key not found.
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe" => File/Directory not found.
"C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website" => ":TASKICON_0favicon-2079221766" ADS not found.
"C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website" => ":TASKICON_1favicon1313128964" ADS not found.
"C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website" => ":TASKICON_2favicon-2092717923" ADS not found.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®) => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe () => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Website.lnk -> C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url () => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®) => Error: No automatic fix found for this entry.
"C:\Users\Public\AlexaNSISPlugin.7512.dll" => File/Directory not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Change Reimage Repair Language.lnk => File not found.
EmptyTemp: => Removed 10.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog 10:55:11 ====

[rubymars]

Did it

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-01-2015
Ran by Maria at 2015-01-18 10:54:47 Run:4
Running from C:\Users\Maria\Downloads
Loaded Profiles: UpdatusUser & Maria (Available profiles: UpdatusUser & Maria)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
createrestorepoint:
HKLM-x32\...\Run: [CStart8] => C:\Program Files (x86)\CStart8\CStart8Tray64.exe [3138656 2013-10-03] (Crawler.com)
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\...\MountPoints2: {02b14fb8-ff0e-11e3-beaa-606c66cf9526} - "E:\VZW_Software_upgrade_assistant.exe"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ntoolbarforpogo
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie10
URLSearchHook: [S-1-5-21-1695502234-2404808496-3934146252-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask...r={searchTerms}
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> DefaultScope {8BE5AC9C-4486-4365-BA02-78DE8951EB3E} URL =
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> Yahoo URL = http://search.yahoo....ntoolbarforpogo
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> {5E051F48-EA24-4BCA-8E4A-D5EAF950D9E5} URL = http://search.yahoo....-8&fr=chr-yie10
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> {8BE5AC9C-4486-4365-BA02-78DE8951EB3E} URL =
SearchScopes: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002 -> {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = http://search.tb.ask...r={searchTerms}
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
2015-01-17 21:01 - 2015-01-17 21:01 - 00004278 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2015-01-17 21:01 - 2015-01-17 21:01 - 00003438 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2015-01-17 21:01 - 2015-01-17 21:01 - 00001903 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2015-01-17 21:01 - 2015-01-17 21:01 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-01-17 21:01 - 2015-01-17 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-01-17 21:01 - 2015-01-17 21:01 - 00000000 ____D () C:\Program Files\Reimage
Task: {34FF3F05-55D5-4798-B735-9CCCF6B3BCC8} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-12-12] () <==== ATTENTION
2015-01-17 21:00 - 2015-01-17 21:02 - 00000000 ____D () C:\rei
2015-01-17 20:59 - 2015-01-17 21:02 - 00000156 _____ () C:\Windows\Reimage.ini
2015-01-17 20:59 - 2015-01-17 20:59 - 00775968 _____ (Reimage®) C:\Users\Maria\Downloads\ReimageRepair.exe
2015-01-11 11:13 - 2015-01-11 11:13 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Pogo Games
2015-01-11 11:10 - 2015-01-11 11:19 - 00000000 ____D () C:\ProgramData\PogoDGC
2015-01-01 09:09 - 2015-01-01 09:09 - 00001147 _____ () C:\Users\Maria\Desktop\Continue Adobe Flash Player Installation.lnk
2013-07-31 04:20 - 2013-07-31 04:21 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-07-31 04:16 - 2013-07-31 04:17 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-07-31 04:17 - 2013-07-31 04:19 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-07-31 04:16 - 2013-07-31 04:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-07-31 04:19 - 2013-07-31 04:20 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File <==== ATTENTION
Task: {5BCB7F6E-C92A-4B28-8405-F0F4363FA6B4} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {9C759B76-7455-444A-B538-3BB8FD38E07E} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File <==== ATTENTION
2015-01-14 05:07 - 2015-01-14 05:07 - 06757728 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_0favicon-2079221766
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_1favicon1313128964
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_2favicon-2092717923
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Website.lnk -> C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url ()
Shortcut: C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®)
C:\Users\Public\AlexaNSISPlugin.7512.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Change Reimage Repair Language.lnk -> C:\Program Files\Reimage\Reimage Repair\LanguageSelect.exe (Reimage®) -> /Branch=Reimage /Product=Reimage_Repair
emptytemp:
end

*****************

Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CStart8 => Value not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02b14fb8-ff0e-11e3-beaa-606c66cf9526} => Key not found.
HKCR\CLSID\{02b14fb8-ff0e-11e3-beaa-606c66cf9526} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileBackuped => Key not found.
HKCR\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileNotBackuped => Key not found.
HKCR\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
Error setting Default URLSearchHook.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCR\Wow6432Node\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Yahoo => Key not found.
HKCR\CLSID\Yahoo => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E051F48-EA24-4BCA-8E4A-D5EAF950D9E5} => Key not found.
HKCR\CLSID\{5E051F48-EA24-4BCA-8E4A-D5EAF950D9E5} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8BE5AC9C-4486-4365-BA02-78DE8951EB3E} => Key not found.
HKCR\CLSID\{8BE5AC9C-4486-4365-BA02-78DE8951EB3E} => Key not found.
HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
HKCR\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} => Key not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
ReimageRealTimeProtector => Service not found.
"C:\Windows\System32\Tasks\ReimageUpdater" => File/Directory not found.
"C:\Windows\System32\Tasks\Reimage Reminder" => File/Directory not found.
"C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk" => File/Directory not found.
"C:\ProgramData\Reimage Protector" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair" => File/Directory not found.
"C:\Program Files\Reimage" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34FF3F05-55D5-4798-B735-9CCCF6B3BCC8} => Key not found.
C:\Windows\System32\Tasks\Reimage Reminder not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder => Key not found.
"C:\rei" => File/Directory not found.
"C:\Windows\Reimage.ini" => File/Directory not found.
"C:\Users\Maria\Downloads\ReimageRepair.exe" => File/Directory not found.
"C:\Users\Maria\AppData\Roaming\Pogo Games" => File/Directory not found.
"C:\ProgramData\PogoDGC" => File/Directory not found.
"C:\Users\Maria\Desktop\Continue Adobe Flash Player Installation.lnk" => File/Directory not found.
"C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log" => File/Directory not found.
"C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log" => File/Directory not found.
"C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log" => File/Directory not found.
"C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log" => File/Directory not found.
"C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44B3F1B8-5943-4072-8D8C-A9484676AC44} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BCB7F6E-C92A-4B28-8405-F0F4363FA6B4} => Key not found.
C:\Windows\System32\Tasks\RunAsStdUser Task not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C759B76-7455-444A-B538-3BB8FD38E07E} => Key not found.
C:\Windows\System32\Tasks\ReimageUpdater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A800277E-E202-4492-AD38-3312641CBC04} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Live\Roaming\MaintenanceTask => Key not found.
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe" => File/Directory not found.
"C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website" => ":TASKICON_0favicon-2079221766" ADS not found.
"C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website" => ":TASKICON_1favicon1313128964" ADS not found.
"C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website" => ":TASKICON_2favicon-2092717923" ADS not found.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®) => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe () => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Website.lnk -> C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url () => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®) => Error: No automatic fix found for this entry.
"C:\Users\Public\AlexaNSISPlugin.7512.dll" => File/Directory not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Change Reimage Repair Language.lnk => File not found.
EmptyTemp: => Removed 10.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog 10:55:11 ====

[ruggie_uk]

That's great. This was a newer version than the original but I can see that most of what we want to remove has already gone.
 
Now we need to sort out JRT and get it running for you. Let's try again.
 
 Junkware Removal Tool
Please download Junkware Removal Tool to your desktop. << Important
Ensure that any security software is temporarily disabled for the duration of the scan. Don't forget to re-enable it afterwards.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by right-clicking and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

[rubymars]

I assume the download is in progress.  If I can't find it like the last one,  I know to do the search.  Also this never happens for me:  Run the tool by right-clicking and select "Run as Administrator".  I hope this doesn't hurt anything.

[rubymars]

trouble pasting

[rubymars]

not letting me paste.  says it's a long running script.  It looks like a code

 

trying again

[rubymars]

Can I paste in 3 or 4 parts/posts...  Long running script freezes process

[ruggie_uk]

Yes that's absolutely fine

[rubymars]

Finally

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8 x64
Ran by Maria on Mon 01/19/2015 at  8:44:25.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FromDocToPDF_65.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

 

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Maria\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Maria\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Maria\appdata\local\iac"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/19/2015 at  8:46:11.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[ruggie_uk]

That's good

Let's do the next step.

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

• Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  You will see the following console:
  
  
• Click the Scan button and wait for the scan to finish.
• After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
• Click the Report button to get the log.
• Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
• Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

[rubymars]

Are we almost done?

[rubymars]

Here

 

# AdwCleaner v4.108 - Report created 19/01/2015 at 14:55:11
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8  (64 bits)
# Username : Maria - BEDROOM-PC
# Running from : C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2F08729K\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : YahooAUService

***** [ Files / Folders ] *****

File Found : C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
Folder Found : C:\ProgramData\Yahoo! Companion
Folder Found : C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Folder Found : C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Found : C:\Users\Maria\AppData\LocalLow\Yahoo! Companion

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Reimage
Key Found : [x64] HKCU\Software\Reimage
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE84501A-2CB6-41D6-B3A7-9679BDBDFA0B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Found : HKLM\SOFTWARE\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Found : [x64] HKLM\SOFTWARE\Reimage
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183

-\\ Google Chrome v39.0.2171.99

[C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Comodo Dragon v

[C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-06-05&apn_dtid=%5ECMD147%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Maria\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Found [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

*************************

AdwCleaner[R0].txt - [4611 octets] - [19/01/2015 14:47:46]
AdwCleaner[R1].txt - [4583 octets] - [19/01/2015 14:55:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4643 octets] ##########

[ruggie_uk]

Not far off - here are a few more steps to make sure your computer is clean.

[rubymars]

ADW wont close. 

 

BTW  when I try to enter laptop message says:

 

This app can't open

IE can't open while File Explorer is running with administrator privileges

restart file explorer normally and start again

 

 

Don't understand this.  Please me fix before we conclude.  TY

[ruggie_uk]

1. Press Ctrl + Shift + Esc. This opens the task manager.

2. Scroll down and right-click on Windows Explorer.

3. Click on Restart.