Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Keep getting popups with Shopper Master and Lucky Shopper


  • This topic is locked This topic is locked

#16
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Anytime I switch from an existing page to one one my favorites, it will get the pop up about windows security instead of the page I tried to go to.  after a few tries it will go to the page requested. Just got the little video while typing this in the lower right corner.


  • 0

Advertisements


#17
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Reset your browser settings
1.In the top-right corner of the browser window, click the Chrome menu
2.Select Settings.
3.At the bottom, click Show advanced settings.
4.Under the section "Reset settings,” click Reset settings.
5.In the dialog that appears, click Reset.

Let me know how things are then.

Joe
  • 0

#18
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Still getting popups that say "download and update drivers"...never saw this before but in the lower right hand corner it says Ad by Shopper Master I Close

 

Now another message in the same window says PC running slow ? click here 

 

that just was repalced by a Log and Event manager screen ????  I know they are all bogus because they all have the Ad by Shopper Master I close


  • 0

#19
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
I would like to see a new FRST.txt log please; along with the additions.txt log.
  • Right click FRST the dsektop to run as administrator. When the tool opens click Yes to disclaimer.
  • Under Optional Scan place a checkmark in the box for Addition.txt to ensure it creates that 2nd log.
  • Press Scan button.
  • Please post both logs in your next reply.
Joe
  • 0

#20
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2015 01
Ran by lawill (administrator) on THEBIFF on 10-03-2015 20:59:22
Running from C:\Users\lawill\Desktop
Loaded Profiles: lawill (Available profiles: lawill)
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(McAfee, Inc.) C:\Program Files\mcafee\VirusScan\mcods.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-12] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-06-11] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-06-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-06-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\...\Run: [CCleaner Monitoring] => C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com
HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2025283895-1953685814-2999071867-1001 -> {A2E5F672-55A5-45E6-87EE-E699CA5DE3E9} URL = http://www.bing.com/...q={searchTerms}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 216.170.153.146
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-09] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-01-11]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-01-11]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-08]
CHR Extension: (Google Drive) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-08]
CHR Extension: (YouTube) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-08]
CHR Extension: (The Fancy Pants Adventure World 1) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckcgalhncgkicdlhojcalmjcjhndldpl [2015-02-03]
CHR Extension: (Google Search) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-08]
CHR Extension: (Clipboard Sync) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapdfappilfdiljfpjcbkmkblldaemjg [2015-01-26]
CHR Extension: (SiteAdvisor) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-04]
CHR Extension: (Quick Block) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkpnekpomdbobkdokohimfcbgcpldfp [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-08]
CHR Extension: (Gmail) - C:\Users\lawill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-06]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1851192 2014-12-08] (Maxthon)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-06-11] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-06-11] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-06-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-09] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-13] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-23] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-10 06:49 - 2015-03-10 06:49 - 00001046 _____ () C:\Users\lawill\Desktop\MBytes.txt
2015-03-09 17:32 - 2015-03-09 17:32 - 00000020 _____ () C:\Users\lawill\AppData\Roaming\appdataFr3.bin
2015-03-09 17:27 - 2015-03-09 17:28 - 00015863 _____ () C:\Users\lawill\Desktop\Addition.txt
2015-03-09 17:23 - 2015-03-10 21:00 - 00016008 _____ () C:\Users\lawill\Desktop\FRST.txt
2015-03-09 17:22 - 2015-03-09 17:22 - 00000000 ____D () C:\Users\lawill\Desktop\FRST-OlderVersion
2015-03-09 17:11 - 2015-03-10 20:59 - 00000000 ____D () C:\FRST
2015-03-09 17:09 - 2015-03-09 17:09 - 02095104 _____ (Farbar) C:\Users\lawill\Downloads\FRST64 (1).exe
2015-03-08 23:03 - 2015-03-08 23:03 - 00000633 _____ () C:\Users\lawill\Desktop\JRT.txt
2015-03-08 22:55 - 2015-03-08 22:55 - 01388333 _____ (Thisisu) C:\Users\lawill\Downloads\JRT.exe
2015-03-08 22:35 - 2015-03-08 22:35 - 00000332 _____ () C:\windows\PFRO.log
2015-03-08 22:24 - 2015-03-08 22:24 - 02126848 _____ () C:\Users\lawill\Downloads\adwcleaner_4.111.exe
2015-03-07 18:03 - 2015-03-07 18:07 - 00025866 _____ () C:\Users\lawill\Downloads\Addition.txt
2015-03-07 17:57 - 2015-03-09 17:17 - 00030030 _____ () C:\Users\lawill\Downloads\FRST.txt
2015-03-07 17:56 - 2015-03-07 18:07 - 00000000 ____D () C:\Users\lawill\Desktop\FRST
2015-03-07 17:55 - 2015-03-09 17:22 - 02095104 _____ (Farbar) C:\Users\lawill\Desktop\FRST64.exe
2015-03-07 17:54 - 2015-03-10 11:29 - 00001242 _____ () C:\windows\setupact.log
2015-03-07 17:54 - 2015-03-07 17:54 - 00000000 _____ () C:\windows\setuperr.log
2015-03-06 18:55 - 2015-03-06 18:55 - 00102474 _____ () C:\Users\lawill\Downloads\OTL.Txt 3-6-15.txt
2015-03-06 17:57 - 2015-03-06 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\lawill\Downloads\OTL (2).exe
2015-03-06 17:36 - 2015-01-15 18:43 - 00563504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-06 17:36 - 2015-01-15 18:43 - 00177984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-06 17:36 - 2015-01-14 00:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-03-06 17:36 - 2015-01-13 23:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-03-06 17:36 - 2015-01-13 18:11 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-06 17:36 - 2015-01-13 18:04 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-06 17:36 - 2015-01-11 23:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-06 17:36 - 2015-01-11 22:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-06 17:36 - 2015-01-11 22:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-06 17:36 - 2015-01-11 22:34 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-03-06 17:36 - 2015-01-11 22:32 - 06041088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-06 17:36 - 2015-01-11 22:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-06 17:36 - 2015-01-11 22:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-06 17:36 - 2015-01-11 22:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-06 17:36 - 2015-01-11 22:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-06 17:36 - 2015-01-11 21:55 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-03-06 17:36 - 2015-01-11 21:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-06 17:36 - 2015-01-11 21:48 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-06 17:36 - 2015-01-11 21:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-06 17:36 - 2015-01-11 21:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-06 17:36 - 2015-01-11 21:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-06 17:36 - 2015-01-11 21:29 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-06 17:36 - 2015-01-11 21:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-06 17:36 - 2015-01-11 21:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-06 17:36 - 2015-01-11 21:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-06 17:36 - 2015-01-11 21:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-06 17:36 - 2015-01-11 20:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-06 17:36 - 2015-01-10 05:10 - 07472960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-06 17:36 - 2015-01-10 05:10 - 01733440 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-03-06 17:36 - 2015-01-10 04:28 - 01498360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-03-06 17:36 - 2015-01-10 03:00 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-06 17:36 - 2015-01-10 02:38 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-06 17:36 - 2014-12-08 23:45 - 00393728 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-03-06 17:36 - 2014-12-08 21:56 - 00538624 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-03-06 17:36 - 2014-10-28 22:51 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-06 17:36 - 2014-10-28 22:50 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-06 17:36 - 2014-10-28 22:06 - 00736768 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-06 17:36 - 2014-10-28 22:06 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-06 17:36 - 2014-10-28 22:02 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-03-06 17:36 - 2014-10-28 22:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-03-06 17:36 - 2014-10-28 21:57 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-03-06 17:36 - 2014-10-28 21:31 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-06 17:36 - 2014-10-28 21:15 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-03-06 17:36 - 2014-10-28 21:15 - 00005632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-03-06 17:36 - 2014-10-28 21:14 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-03-06 17:36 - 2014-10-28 21:13 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-03-06 17:36 - 2014-10-28 21:13 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-03-06 17:35 - 2015-01-11 22:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-06 17:35 - 2015-01-11 22:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-06 17:35 - 2015-01-11 22:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-06 17:35 - 2015-01-11 21:58 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-03-06 17:35 - 2015-01-11 21:51 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-03-06 17:35 - 2015-01-11 21:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-06 17:35 - 2015-01-11 21:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-03-06 17:35 - 2015-01-11 21:30 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-03-06 17:35 - 2015-01-11 21:27 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-03-06 17:35 - 2015-01-11 21:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-03-06 17:35 - 2015-01-11 21:23 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-06 17:35 - 2015-01-11 21:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-06 17:35 - 2015-01-11 21:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-06 17:35 - 2015-01-11 21:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-06 17:35 - 2015-01-11 20:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-06 17:35 - 2015-01-10 04:22 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-06 17:20 - 2013-09-23 14:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2015-03-06 14:56 - 2015-03-10 20:55 - 00752713 _____ () C:\windows\WindowsUpdate.log
2015-03-06 13:19 - 2015-03-06 13:19 - 00057348 _____ () C:\Users\lawill\Downloads\Extras.Txt
2015-03-06 12:30 - 2015-03-06 18:54 - 00102474 _____ () C:\Users\lawill\Downloads\OTL.Txt
2015-03-06 10:39 - 2015-03-06 10:39 - 00602112 _____ (OldTimer Tools) C:\Users\lawill\Downloads\OTL.exe
2015-03-04 19:04 - 2015-03-04 19:04 - 00003098 _____ () C:\windows\System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8}
2015-03-04 18:07 - 2015-03-04 18:07 - 00000000 ____D () C:\Users\lawill\AppData\Roaming\Maxthon3
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-10 21:00 - 2014-12-08 14:01 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2025283895-1953685814-2999071867-1001
2015-03-10 21:00 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\sru
2015-03-10 20:55 - 2014-12-08 14:39 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-10 20:55 - 2014-12-08 13:55 - 00576321 _____ () C:\Users\lawill\AppData\Local\BTServer.log
2015-03-10 20:19 - 2014-06-11 15:30 - 01716844 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-10 06:39 - 2014-12-08 14:39 - 00000922 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-10 06:27 - 2014-12-09 13:31 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-09 17:37 - 2014-03-18 05:53 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-09 17:34 - 2014-12-08 14:39 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-09 17:34 - 2014-12-08 14:39 - 00003658 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-09 17:31 - 2013-08-22 10:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-09 17:31 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-09 17:28 - 2014-06-11 16:17 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-03-08 23:02 - 2013-08-22 11:20 - 00000000 ____D () C:\windows\CbsTemp
2015-03-08 22:39 - 2013-08-22 10:44 - 00346744 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-08 22:37 - 2014-06-11 16:04 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-03-08 22:33 - 2015-02-02 21:25 - 00000000 ____D () C:\AdwCleaner
2015-03-07 17:54 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppReadiness
2015-03-06 19:05 - 2014-12-08 13:55 - 00000000 ____D () C:\Users\lawill\AppData\Local\Pokki
2015-03-06 19:05 - 2014-12-08 13:54 - 00000000 ____D () C:\Users\lawill
2015-03-06 17:20 - 2015-01-11 22:12 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-03-06 17:19 - 2013-08-22 11:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2015-03-06 17:18 - 2014-06-11 16:04 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-06 14:29 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\Vss
2015-03-04 19:01 - 2015-02-03 12:37 - 00000000 ____D () C:\Program Files (x86)\The Fancy Pants Adventure World 1
2015-03-04 17:33 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
 
==================== Files in the root of some directories =======
 
2015-03-09 17:32 - 2015-03-09 17:32 - 0000020 _____ () C:\Users\lawill\AppData\Roaming\appdataFr3.bin
2014-12-08 13:55 - 2015-03-10 20:55 - 0576321 _____ () C:\Users\lawill\AppData\Local\BTServer.log
2014-06-11 15:30 - 2014-06-11 15:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-27 08:33
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01
Ran by lawill at 2015-03-10 21:01:49
Running from C:\Users\lawill\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Energy Manager (x32 Version: 1.5.0.17 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.5 - Stoneware, Inc.)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Start Menu (HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2025283895-1953685814-2999071867-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
16-01-2015 10:13:28 Windows Update
02-02-2015 18:28:52 Removed Nitro Pro 9
03-02-2015 11:35:16 Restore Operation
04-03-2015 17:23:47 Windows Update
06-03-2015 14:37:47 Removed PowerDirector.
09-03-2015 17:29:02 Restore Point Created by FRST
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2015-03-09 17:29 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {127A8B67-570F-46E3-AB30-1E697A7C23DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-08] (Google Inc.)
Task: {2F981AC6-A603-4595-B7A3-1B98F4F17C7C} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {3CDFB379-E4C0-4E0F-BAFA-46C0B5FA1227} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {5EE0751E-AA3C-4712-809B-3FE643316F9B} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-10-14] (Maxthon International ltd.)
Task: {6375C7CE-03A2-47B9-B097-7C522F379641} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {65D425EF-EF8E-4E3C-B47B-A004FA365008} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {814DDB08-1658-489A-B994-9AF3716B3C88} - System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {889776D6-5E25-4381-938E-D16B8770881E} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-10-16] ()
Task: {9D75B641-BE13-4EFA-90F2-7276A2AA30D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-08] (Google Inc.)
Task: {A05659C9-EEA2-4A1D-A593-8B352EFEC3DF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-23] (Synaptics Incorporated)
Task: {E2EB359A-5F5F-48F5-833A-DF67F36FA01E} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2014-11-21] (Piriform Ltd)
Task: {ED6DB43E-E3E4-456E-8C4E-DBF95F904D30} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {F109A2DE-FCD1-481B-9084-A64CA1479174} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-06-11 15:34 - 2014-01-22 17:04 - 00084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-06-11 16:10 - 2012-04-24 22:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-06-11 16:17 - 2014-06-11 16:17 - 00067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-06-11 16:17 - 2014-06-11 16:17 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-06-11 15:30 - 2010-10-26 00:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-12 04:37 - 2014-03-07 12:21 - 00080312 _____ () C:\windows\system32\igfxexps.dll
2014-12-08 14:41 - 2014-11-25 02:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-08 14:41 - 2014-11-25 02:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-08 14:41 - 2014-11-25 02:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-08 14:41 - 2014-11-25 02:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1 - 216.170.153.146
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKU\S-1-5-21-2025283895-1953685814-2999071867-1001\...\StartupApproved\Run: => "Pokki"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2025283895-1953685814-2999071867-500 - Administrator - Disabled)
Guest (S-1-5-21-2025283895-1953685814-2999071867-501 - Limited - Disabled)
lawill (S-1-5-21-2025283895-1953685814-2999071867-1001 - Administrator - Enabled) => C:\Users\lawill
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/09/2015 05:29:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {caafff99-e238-406d-a755-cdccb53fb70e}
 
 
System errors:
=============
Error: (03/09/2015 05:31:30 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
 
Error: (03/09/2015 05:30:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\windows\system32\Rtlihvs.dll
 
Error: (03/09/2015 05:30:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\windows\system32\Rtlihvs.dll
 
Error: (03/09/2015 05:30:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\windows\system32\Rtlihvs.dll
 
Error: (03/09/2015 05:28:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Maxthon Core Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/09/2015 05:28:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BTDevManager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/09/2015 05:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (03/09/2015 05:28:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VeriFaceSrv service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/09/2015 05:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/09/2015 05:28:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Conexant SmartAudio service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (03/09/2015 05:29:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {caafff99-e238-406d-a755-cdccb53fb70e}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU N2830 @ 2.16GHz
Percentage of memory in use: 67%
Total physical RAM: 1931.21 MB
Available physical RAM: 626.29 MB
Total Pagefile: 3275.21 MB
Available Pagefile: 1710.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:257.15 GB) (Free:226.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 9A32C9E9)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
PS..... No pop-ups this time around

  • 0

#21
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
OK,

Run it for a while tonite ,and see how it goes. I'll review the log, may not get back to you tonite.

Thanks for following instructions so clearly !!!

Joe
  • 0

#22
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Joe, So far so good....I can't thank you enough for all the help and patience with me helping me out on this issue.. I used to work with computers a little at my job but I have forgotten so much since I retired but I did remember Geekstogo.com......thank god

 

 

Thanks again joe.    Even if we aren't done yet I still want to express my appreciation.


Edited by sdrspudman, 11 March 2015 - 02:41 PM.

  • 0

#23
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Joe,  it's back again......darn it...I went about 25 minutes without the issue. It is now Ads by SuperManCoupon


  • 0

#24
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
That's in Google Chrome correct ?
  • 0

#25
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

yes sir


  • 0

Advertisements


#26
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello,

Lets uninstall /& Reinstall Chrome... Save your bookmarks if you need to, and run another fix with FRST.

If you have Bookmarks that you want to save, you want to do that first.
Export / Import Bookmarks. See Here
Or
Back up bookmarks same thing just a different way to do it. See Here

To uninstall Chrome:
Close all Chrome windows and tabs.
Go to the Start menu > Control Panel. (Windows 8 users: Learn how to access the Control Panel
Click Programs and Features.
Double-click Google Chrome.
Click Uninstall from the confirmation dialog. Delete your user profile information, like your browser preferences, bookmarks, and history, by selecting the "Also delete your browsing data" checkbox.

Reinstall Chrome from this download link Here.

Next
A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
2015-03-04 19:04 - 2015-03-04 19:04 - 00003098 _____ () C:\windows\System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8}
2015-03-06 19:05 - 2014-12-08 13:55 - 00000000 ____D () C:\Users\lawill\AppData\Local\Pokki
2014-06-11 15:30 - 2014-06-11 15:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-08 13:55 - 2015-03-10 20:55 - 0576321 _____ () C:\Users\lawill\AppData\Local\BTServer.log
Task: {814DDB08-1658-489A-B994-9AF3716B3C88} - System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
C:\Program Files\Reimage\Reimage Repair\uninst.exe
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
  • 0

#27
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Joe, the Scan stopped and said there was a problem after I hit the fix button and it was "fixing".  I'll use Explorer until I see your reply so we don't lose what we have. After I reloaded Chrome the PC Speed has picked up quite a bit.


Edited by sdrspudman, 12 March 2015 - 08:27 AM.

  • 0

#28
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Not sure what the problem was. I'd reboot and try the fix once more.

Joe
  • 0

#29
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by lawill at 2015-03-12 23:03:42 Run:4
Running from C:\Users\lawill\Desktop
Loaded Profiles: lawill (Available profiles: lawill)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
2015-03-04 19:04 - 2015-03-04 19:04 - 00003098 _____ () C:\windows\System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8}
2015-03-06 19:05 - 2014-12-08 13:55 - 00000000 ____D () C:\Users\lawill\AppData\Local\Pokki
2014-06-11 15:30 - 2014-06-11 15:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-08 13:55 - 2015-03-10 20:55 - 0576321 _____ () C:\Users\lawill\AppData\Local\BTServer.log
Task: {814DDB08-1658-489A-B994-9AF3716B3C88} - System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
C:\Program Files\Reimage\Reimage Repair\uninst.exe
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"C:\windows\System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8}" => File/Directory not found.
"C:\Users\lawill\AppData\Local\Pokki" => File/Directory not found.
C:\ProgramData\DP45977C.lfl => Moved successfully.
C:\Users\lawill\AppData\Local\BTServer.log => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{814DDB08-1658-489A-B994-9AF3716B3C88} => Key not found. 
C:\Windows\System32\Tasks\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE3271BE-FF68-4268-B9B8-FCAB070DE8B8} => Key not found. 
"C:\Program Files\Reimage\Reimage Repair\uninst.exe" => File/Directory not found.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 42.3 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 23:04:36 ====
 
 
 
 
 

  • 0

#30
sdrspudman

sdrspudman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Joe,  I think you nailed it that time....I've had multiple pages open at once which would have triggered the adware.   I'll keep going.......Thanks again.  


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP