Vista Home Premium, 4 gig RAM, 32 bit, and a very full hard drive. I'm hoping to get rid of a lot of junk. I've had great success with G2G and appreciate all you do. Thanks in advance, hope to hear from you soon. Dean
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-11-2015
Ran by dad (administrator) on DAD-PC (21-11-2015 18:06:39)
Running from C:\Users\dad\Downloads
Loaded Profiles: dad (Available Profiles: dad & Admin & Administrator & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
( ) C:\Windows\System32\lxcycoms.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Akamai Technologies, Inc.) C:\Users\dad\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Akamai Technologies, Inc.) C:\Users\dad\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Farbar) C:\Users\dad\Downloads\FRST(1).exe
(Farbar) C:\Users\dad\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4493312 2007-06-20] (Realtek Semiconductor)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5212584 2015-10-20] (AVG Technologies CZ, s.r.o.)
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-10-11] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\...\Run: [Akamai NetSession Interface] => C:\Users\dad\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\ProgramData\bewodanu\bewodanu.dll C:\ProgramData\kusawezu\kusawezu.dll C:\ProgramData\savohofu\savohofu.dll C:\ProgramData\yajosofo\yajosofo.dll C:\ProgramData\keyutova\keyutova.dll C:\ProgramData\rayepiwi\rayepiwi.dll C:\ProgramData\norozuse\norozuse.dll C:\ProgramData\yokamuye\yokamuye.dll
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-09-21] (SuperAdBlocker.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-04-13]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Proxy is enabled.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{71072450-D442-48B7-81A4-9E5509574C1E}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2016988935-2323152099-3380971846-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP2BBAF279-7E11-4589-A396-9ADD2C5830A0&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2016988935-2323152099-3380971846-1000 -> {C2FCC1C2-AB2D-22B1-04E5-91AD1ADD53D1} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation)
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} hxxp://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
FireFox:
========
FF ProfilePath: C:\Users\dad\AppData\Roaming\Mozilla\Firefox\Profiles\7tg6az4u.default-1394062874251
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-02-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-02-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-02-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-02-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-02-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-02-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-02-27] (Apple Inc.)
FF Extension: Adblock Plus - C:\Users\dad\AppData\Roaming\Mozilla\Firefox\Profiles\7tg6az4u.default-1394062874251\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [not signed]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [adjbjkfacpgpolnpnhhckpbfhokppdng] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path\update_url>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2015-04-16] (SUPERAntiSpyware.com)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3259304 2015-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301896 2015-10-20] (AVG Technologies CZ, s.r.o.)
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2015-01-27] (Verizon) [File not signed]
R2 lxcy_device; C:\Windows\system32\lxcycoms.exe [537264 2007-06-20] ( )
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
S4 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S4 o2flash; "C:\Program Files\O2Micro Oz128 Driver\o2flash.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1161888 2006-11-28] (Agere Systems) [File not signed]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [179680 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-07-29] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [271840 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [161248 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [206304 2015-05-18] (AVG Technologies CZ, s.r.o.)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34576 2006-11-22] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2006-11-22] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2006-11-22] (IVT Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [33936 2006-12-28] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2006-11-22] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2006-11-22] (IVT Corporation.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [552448 2007-08-15] (Ralink Technology Corp.)
S3 RTL8187; C:\Windows\System32\DRIVERS\RTL8187.sys [335872 2008-06-27] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-09-21] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2010-04-29] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [67664 2011-09-21] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1749760 2007-08-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-04-02] () [File not signed]
S3 UNINST2K; C:\Windows\system32\Drivers\UNINST2K.SYS [2204 2000-11-15] () [File not signed]
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2006-11-22] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2006-11-22] (IVT Corporation.)
U3 agpot32z; C:\Windows\system32\Drivers\agpot32z.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S3 BEHRINGER_2902; System32\Drivers\BUSB2902.sys [X]
S4 blbdrive; no ImagePath
S3 BUSB_AUDIO_WDM; system32\drivers\busbwdm.sys [X]
S3 IpInIp; no ImagePath
S3 NwlnkFlt; no ImagePath
S3 NwlnkFwd; no ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-21 18:03 - 2015-11-21 18:03 - 01716736 _____ (Farbar) C:\Users\dad\Downloads\FRST(1).exe
2015-11-17 18:56 - 2015-11-17 19:01 - 00000000 ____D C:\AdwCleaner
2015-11-17 18:45 - 2015-11-17 18:50 - 00033381 _____ C:\Users\dad\Downloads\Addition.txt
2015-11-17 18:44 - 2015-11-21 18:07 - 00027790 _____ C:\Users\dad\Downloads\FRST.txt
2015-11-17 18:44 - 2015-11-21 18:06 - 00000000 ____D C:\FRST
2015-11-17 18:39 - 2015-11-17 18:39 - 01378816 _____ (Farbar) C:\Users\dad\Downloads\FRST.exe
2015-11-17 18:35 - 2015-11-17 18:35 - 01732096 _____ C:\Users\dad\Downloads\AdwCleaner.exe
2015-11-15 05:34 - 2015-11-15 05:34 - 00236430 _____ C:\Users\dad\Desktop\2001 Mercury Mountaineer 4 Wheel Drive Front & Rear Brake Pad & Rotor Kit Semi-Metallic at 1A Auto.com.htm
2015-11-15 05:34 - 2015-11-15 05:34 - 00000000 ____D C:\Users\dad\Desktop\2001 Mercury Mountaineer 4 Wheel Drive Front & Rear Brake Pad & Rotor Kit Semi-Metallic at 1A Auto.com_files
2015-11-11 03:35 - 2015-10-17 09:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 03:17 - 2015-10-17 11:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 03:17 - 2015-10-13 09:31 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 03:17 - 2015-10-13 09:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 03:15 - 2015-10-14 15:22 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 03:15 - 2015-10-14 11:01 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 03:15 - 2015-10-14 11:01 - 03554752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 03:11 - 2015-10-10 11:02 - 00526272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 03:01 - 2015-09-26 11:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 03:01 - 2015-09-26 11:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 03:01 - 2015-09-26 08:21 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-11-11 03:01 - 2015-09-22 08:11 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 22:25 - 2015-10-31 13:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-10 22:25 - 2015-10-31 13:36 - 01093632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 22:25 - 2015-10-31 13:36 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 22:25 - 2015-10-31 13:36 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 22:25 - 2015-10-31 13:36 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-10 22:25 - 2015-10-31 13:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-10 22:25 - 2015-10-31 13:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-11-10 22:25 - 2015-10-31 13:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-11-10 22:25 - 2015-10-31 13:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-11-10 22:24 - 2015-10-31 13:40 - 12376576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 22:24 - 2015-10-31 13:38 - 09727488 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 22:24 - 2015-10-31 13:38 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-10 22:24 - 2015-10-31 13:37 - 01830912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-10 22:24 - 2015-10-31 13:36 - 01088512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-10 22:24 - 2015-10-31 13:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-10 22:24 - 2015-10-31 13:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-09 16:14 - 2015-11-09 16:15 - 00000000 ____D C:\Users\dad\Desktop\Nov 2015
2015-11-07 14:39 - 2015-11-11 03:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-29 16:51 - 2015-11-09 18:21 - 00000000 ____D C:\Users\dad\Desktop\JP CL
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-21 17:52 - 2015-01-08 11:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-21 17:06 - 2012-08-23 13:41 - 00000000 ____D C:\ProgramData\MFAData
2015-11-21 17:03 - 2006-11-02 07:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-21 17:03 - 2006-11-02 07:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-21 13:26 - 2014-06-21 20:06 - 01739605 _____ C:\Windows\WindowsUpdate.log
2015-11-19 20:14 - 2014-02-10 17:06 - 00013312 _____ C:\Users\dad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-18 09:12 - 2011-08-07 10:51 - 00000000 ____D C:\Users\dad\AppData\Roaming\Skype
2015-11-18 09:08 - 2006-11-02 05:33 - 00588658 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-18 09:07 - 2014-12-21 03:57 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-18 09:02 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-18 08:59 - 2006-11-02 08:01 - 00032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-17 19:17 - 2015-09-13 10:47 - 00000899 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-17 19:17 - 2014-12-21 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-17 19:17 - 2014-12-21 03:55 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-17 19:12 - 2014-11-16 18:11 - 00000000 ____D C:\Users\dad\Desktop\Master Drum pic file
2015-11-11 09:01 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\rescache
2015-11-11 08:52 - 2015-01-08 11:45 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 08:52 - 2015-01-08 11:45 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 08:52 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-11-11 08:46 - 2006-11-02 07:47 - 00376800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 03:58 - 2015-09-05 06:36 - 00004014 _____ C:\Windows\PFRO.log
2015-11-11 03:58 - 2012-05-12 06:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-11 03:58 - 2009-01-17 10:13 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-11-11 03:52 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 03:34 - 2013-07-22 02:06 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 03:22 - 2009-05-13 02:00 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 03:11 - 2015-04-13 18:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-28 18:48 - 2014-04-09 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
==================== Files in the root of some directories =======
2015-03-07 14:09 - 2015-03-07 14:43 - 0000251 _____ () C:\Users\dad\AppData\Roaming\settings.xml
2015-04-15 19:30 - 2015-04-15 19:30 - 0000600 _____ () C:\Users\dad\AppData\Roaming\winscp.rnd
2008-09-16 09:47 - 2015-04-13 17:05 - 0001356 _____ () C:\Users\dad\AppData\Local\d3d9caps.dat
2014-02-10 17:06 - 2015-11-19 20:14 - 0013312 _____ () C:\Users\dad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-31 11:42 - 2014-07-31 11:42 - 0009662 _____ () C:\Users\dad\AppData\Local\MessageCenter.ico
2014-07-31 11:42 - 2014-07-31 11:42 - 0009662 _____ () C:\Users\dad\AppData\Local\MyVerizon.ico
2015-04-15 19:30 - 2015-04-15 19:30 - 0000600 _____ () C:\Users\dad\AppData\Local\PUTTY.RND
2014-07-31 11:42 - 2014-07-31 11:42 - 0103749 _____ () C:\Users\dad\AppData\Local\VZWifiIcon.ico
2012-02-02 10:46 - 2012-10-27 12:21 - 0021864 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\ose00000.exe
C:\Users\Administrator\AppData\Local\Temp\ose00001.exe
C:\Users\Administrator\AppData\Local\Temp\ose00002.exe
C:\Users\Administrator\AppData\Local\Temp\ose00003.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-18 21:23
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:20-11-2015
Ran by dad (2015-11-21 18:08:11)
Running from C:\Users\dad\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2007-06-16 16:19:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-2016988935-2323152099-3380971846-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2016988935-2323152099-3380971846-500 - Administrator - Enabled) => C:\Users\Administrator
dad (S-1-5-21-2016988935-2323152099-3380971846-1000 - Administrator - Enabled) => C:\Users\dad
Guest (S-1-5-21-2016988935-2323152099-3380971846-501 - Limited - Enabled) => C:\Users\Guest
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.0.0.1550.41613 - ABBYY Software House)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Akamai NetSession Interface (HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AML Free Registry Cleaner 4.24 (HKLM\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)
Ann Free Video Converter 4.5.1 (HKLM\...\{F599D471-6EF1-42FB-8239-8E8D51D36F13}_is1) (Version: 4.5.1 - AnnVideo International LLC.)
Ares 2.1.7 (HKLM\...\Ares) (Version: 2.1.7-Build#3041 - Ares Development Group)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4842 - AVG Technologies)
AVG 2014 (Version: 14.0.4447 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4842 - AVG Technologies) Hidden
Bluesoleil3.1.0.2 Release 070119 (HKLM\...\{785F267D-DC33-4404-83ED-7B0CD5E63474}) (Version: 3.1.0.2 Release 070119 - IVT Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CleanUp! (HKLM\...\CleanUp!) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Driver Download Manager (HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
DocProc (Version: 12.0.0.0 - Hewlett-Packard) Hidden
dupeGuru (HKLM\...\{926F26B2-8CCD-42C2-8F5A-A3F9E682BC62}) (Version: 3.8.0 - Hardcoded Software)
Duplicate File Cleaner v2.6 (HKLM\...\Duplicate File Cleaner_is1) (Version: - Cheese Software Ltd.)
Duplicate File Finder (HKLM\...\{1041487C-12E6-47FE-B83A-E9891782C8FE}}_is1) (Version: 6.1.1.0 - Ashisoft)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Free VOB To AVI Converter (HKLM\...\{1EC6408F-73BE-4B10-BD19-D8F6BA4CC11E}) (Version: 1.0.0 - Convert Audio Free)
IHA_MessageCenter (HKLM\...\{56816536-29DA-4F15-901E-D055FC2E908F}) (Version: 2.0.51 - Verizon)
InstaCodecs (HKLM\...\InstaCodecs_is1) (Version: 1.0 - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LG Intelligent Update (HKLM\...\{81717D01-32F6-449C-85E1-41AFD678E545}) (Version: 3.02.0717.01 - )
LG Smart Cam (HKLM\...\{9455E8B0-4D73-4A9D-BFA3-D2C213BFD28F}) (Version: 1.0007.0818.01 - LG Electronics Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2Micro Flash Memory Card Reader Driver Installer(x86) (HKLM\...\{48C10E3C-A04F-4ED0-82AF-609CC5DE0F5D}) (Version: 3.08 - O2Micro)
O2Micro Flash Memory Card Reader Driver Installer(x86) (HKLM\...\{78764173-3805-4916-B3CE-B433702B8870}) (Version: 3.09 - O2Micro)
OpenOffice.org 3.0 (HKLM\...\{F44DA61E-720D-4E79-871F-F6E628B33242}) (Version: 3.0.9379 - OpenOffice.org)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5436 - Realtek Semiconductor Corp.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SIW version 2009-03-17 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2009.03.17 - Topala Software Solutions)
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUPERAntiSpyware Free Edition (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 3.6.0.1000 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.13.2 - Synaptics)
System Control Manager (HKLM\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.0107.0706.06 - LG)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4040.0 - Microsoft Corporation)
WinSCP 5.7.2 (HKLM\...\winscp3_is1) (Version: 5.7.2 - Martin Prikryl)
WinX DVD Ripper 5.5.7 (HKLM\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
WinX Video Converter 4.5.11 (HKLM\...\WinX Video Converter_is1) (Version: - Digiarty Software,Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
13-11-2015 01:07:58 Scheduled Checkpoint
14-11-2015 03:36:54 Scheduled Checkpoint
15-11-2015 07:07:54 Scheduled Checkpoint
15-11-2015 20:39:29 Scheduled Checkpoint
17-11-2015 04:41:18 Scheduled Checkpoint
17-11-2015 21:34:28 Scheduled Checkpoint
18-11-2015 11:01:59 Scheduled Checkpoint
19-11-2015 11:24:45 Scheduled Checkpoint
20-11-2015 00:00:05 Scheduled Checkpoint
21-11-2015 06:01:04 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 05:23 - 2011-11-10 06:23 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B91689D-696D-46BC-97B6-70EBEA6B6551} - System32\Tasks\{F043429C-4490-49B9-8614-C9AC441BFE22} => pcalua.exe -a D:\setup.EXE -d D:\ -c /AUTORUN
Task: {1E25D065-0AC3-4F99-9A76-DA8A07023784} - System32\Tasks\{8C1C067D-E3F6-4DAC-BB56-2C3A5CBE7ABE} => pcalua.exe -a "C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe" -c /R:faxunst
Task: {6EFAE6B5-6636-496A-9CA7-37DE47854491} - System32\Tasks\{9BDF0941-F4E0-4525-A019-B87633578CF4} => pcalua.exe -a D:\Setup.EXE -d D:\
Task: {82F548B6-C6BC-4338-8718-3C8A36C9389E} - System32\Tasks\{B76EA46B-DA26-4DEA-8D76-0DC0D2FC6EF3} => pcalua.exe -a C:\Users\dad\Desktop\uninstav.exe -d C:\Users\dad\Desktop
Task: {C82A2D45-F8D4-430B-A10B-4A2FC9C7BA1E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {DC16279A-25AF-4959-822A-59908E2CD43E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {E0AA0A69-143C-4497-BB65-D7D074E5A348} - System32\Tasks\{59F6DAFC-6006-4EA2-9F83-2D79CB82F773} => pcalua.exe -a D:\Applications\Setup.exe -d D:\Applications
Task: {E0DA4449-7F87-4D8B-8E90-ACB7FAC4A3FD} - System32\Tasks\{0E6B8E37-04F5-4368-9F89-E72D0CA91508} => pcalua.exe -a "C:\Program Files\Lexmark 3400 Series\Install\x86\Uninst.exe"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2009-03-07 19:15 - 2006-02-02 03:12 - 00040960 _____ () C:\Windows\System32\LXPRMON.DLL
2009-04-08 02:03 - 2006-02-02 03:24 - 00012288 _____ () C:\Program Files\Lexmark Fax Solutions\FxCtrStr.dll
2009-04-08 02:03 - 2006-02-02 03:10 - 00032768 _____ () C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
2012-10-27 12:16 - 2007-03-16 04:38 - 00117760 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxcypp5c.dll
2012-09-06 12:55 - 2012-04-08 23:39 - 00048128 _____ () C:\Windows\system32\ff_acm.acm
2011-02-26 11:26 - 2012-04-08 23:40 - 03470848 _____ () C:\Program Files\InstaCodecs\ffdshow.ax
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 7551 more sites.
There are 11088 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2016988935-2323152099-3380971846-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: avg8wd => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: lxcy_device => 3
MSCONFIG\Services: o2flash => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: StarWindServiceAE => 2
MSCONFIG\Services: Viewpoint Manager Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk => C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon =>
MSCONFIG\startupreg: ares => "C:\Program Files\Ares\Ares.exe" -h
MSCONFIG\startupreg: AVG-Secure-Search-Update_1214av => C:\Users\dad\AppData\Roaming\Avg_Update_1214av\AVG-Secure-Search-Update_1214av.exe /PROMPT /mid=d4eb67c4b07bbef8a54882e9d93dc85c-f24b56c5cddabd0fa0a8aa7014161808bd1d69a8 /CMPID=1214av
MSCONFIG\startupreg: AVG_UI => "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx =>
MSCONFIG\startupreg: Etugaveleriwes =>
MSCONFIG\startupreg: EzPrint =>
MSCONFIG\startupreg: filehippo.com =>
MSCONFIG\startupreg: FlashPlayerUpdate =>
MSCONFIG\startupreg: GoogleDriveSync =>
MSCONFIG\startupreg: HP Software Update =>
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper =>
MSCONFIG\startupreg: LXCYCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCYtime.dll,[email protected]
MSCONFIG\startupreg: lxcymon.exe =>
MSCONFIG\startupreg: Malwarebytes' Anti-Malware =>
MSCONFIG\startupreg: Npulivamebop =>
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: userinit =>
MSCONFIG\startupreg: uTorrent =>
MSCONFIG\startupreg: WinampAgent =>
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{A1108EED-1112-4065-8443-AC9DA49ABCD7}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{FD63667A-9D93-4874-B643-52FACAE2B9C2}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe
FirewallRules: [{56C9CBD2-149E-4AAC-BEB7-200D36354248}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{85B34B50-D21C-4D1A-ABCA-AC7CE0A52BE3}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [UDP Query User{FCB842B1-310A-4A4E-8558-3439C52F1D39}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [{A26C99A7-41AE-41DD-8CDA-7161C3AB0526}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7016D08B-7F47-4EF7-AF60-9E50E931DF1A}] => (Allow) LPort=2869
FirewallRules: [{5939D1AF-F375-4C31-95FF-F48934E2F3D0}] => (Allow) LPort=1900
FirewallRules: [{CDDECADB-DA45-4240-AA89-6F12AE89A3BF}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E7BE0E17-B34E-4903-B443-B8288C6E33AD}] => (Allow) LPort=80
FirewallRules: [{3FABF045-13F3-4ECE-AE4D-7EFAC034AB6B}] => (Allow) LPort=80
FirewallRules: [{7704C8FD-9C83-4C71-952E-F92BC4344448}] => (Allow) LPort=80
FirewallRules: [{3E23BB9E-81E4-473C-94ED-00868BBF0C9D}] => (Allow) C:\Windows\System32\lxcycoms.exe
FirewallRules: [{7CB8280A-BD55-4375-ABC1-C1F5CBC6ACE5}] => (Allow) C:\Windows\System32\lxcycoms.exe
FirewallRules: [{60112BA6-3533-4DA8-94A3-65433642EFEB}] => (Allow) C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe
FirewallRules: [{5714A4A6-27E9-405B-8954-4B9BDF5C0003}] => (Allow) C:\Windows\System32\lxcycoms.exe
FirewallRules: [{B4FD7DAC-AA5A-4ABC-AD82-362B06A4BB1E}] => (Allow) C:\Windows\System32\lxcycoms.exe
FirewallRules: [TCP Query User{393D552C-523B-4FCD-94AD-E8173CFA9046}C:\users\dad\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dad\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0AC617CB-01F4-4C69-A55F-1B9DBC2FDFE3}C:\users\dad\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dad\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{8212EED4-4B22-4EE5-BB7A-F3F7C74039A5}C:\users\dad\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dad\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0442C592-FC7E-45BE-AA82-61BB792864E6}C:\users\dad\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dad\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BF584FA6-997E-432A-99D5-A1277404FBF2}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{30F75CB8-8C74-4323-A102-C62EA5FF6506}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{10A7380A-A7A2-47D5-B34A-9FE531781987}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A88EE153-C2B4-45C4-B230-B42C223E697A}] => (Allow) LPort=50000
FirewallRules: [{BCFCC184-F65C-4187-AEF4-A0E45CA1DD0D}] => (Allow) LPort=50000
FirewallRules: [TCP Query User{146633D4-B76F-48CB-A2E9-31F405F24A1D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A058492E-F874-4E9C-AE72-D858CE595D30}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{938508F0-E22A-47A1-BBDD-C8BBD977A9EE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B5BF8436-4016-4992-8D87-E8463A074A81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9779734C-CE45-4CA3-BC7F-447E794F9BDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{38D4281E-3F87-4372-8AC7-E1B038BFF75F}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{8ECB42F9-F966-46C9-BE1E-1A1EC5FE095E}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{6C12A554-DA55-4A44-99F4-6A92F87D0ADD}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{3833D88C-3F1D-4254-A1E1-7F09BD480DBB}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{D2B058FE-6803-4AEC-A3A8-0E73F7760CFE}] => (Allow) C:\Program Files\AVG\AVG2014\avgemcx.exe
FirewallRules: [{3F02AB13-0458-4114-81A2-E1674EE69445}] => (Allow) C:\Program Files\AVG\AVG2014\avgemcx.exe
FirewallRules: [{6D41F55B-B1BA-4CBD-8B59-E6788AE9EFA5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{446F01BE-E851-4EAC-9D9E-8FD916CF8284}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/20/2015 09:41:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 42.0.0.5780, time stamp 0x5632d0a4, faulting module mozglue.dll, version 42.0.0.5780, time stamp 0x5632ba58, exception code 0x80000003, fault offset 0x0000ed50,
process id 0x1704, application start time 0xplugin-container.exe0.
Error: (11/17/2015 07:01:31 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7TG6AZ4U.DEFAULT-1394062874251\SAFEBROWSING-TO_DELETE> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (11/17/2015 07:01:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7TG6AZ4U.DEFAULT-1394062874251\SAFEBROWSING-BACKUP> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (11/15/2015 07:53:10 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: File backup failed. The error is: The system cannot find the file specified. (0x80070002).
Error: (11/15/2015 05:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 42.0.0.5780, time stamp 0x5632d0a4, faulting module mozglue.dll, version 42.0.0.5780, time stamp 0x5632ba58, exception code 0x80000003, fault offset 0x0000ed50,
process id 0x5d8, application start time 0xplugin-container.exe0.
Error: (11/15/2015 04:49:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 42.0.0.5780 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1084
Start Time: 01d11e3e4c2ae420
Termination Time: 721
Error: (11/11/2015 03:34:13 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (11/11/2015 03:34:12 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (11/11/2015 03:05:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8cc5a, exception code 0xc0000005, fault offset 0x000098b9,
process id 0xfd8, application start time 0xExplorer.EXE0.
Error: (11/10/2015 09:52:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7TG6AZ4U.DEFAULT-1394062874251\SAFEBROWSING-BACKUP> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (11/20/2015 08:50:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WerSvc
Error: (11/19/2015 07:25:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WerSvc
Error: (11/19/2015 04:23:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000UxSms
Error: (11/18/2015 09:15:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000
Error: (11/18/2015 09:15:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMScheduler
Error: (11/18/2015 09:01:51 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (11/18/2015 09:00:52 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (11/18/2015 08:58:48 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Windows Update
Error: (11/17/2015 07:03:52 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (11/17/2015 07:02:43 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
CodeIntegrity:
===================================
Date: 2015-11-21 18:06:59.870
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:59.340
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:58.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:58.248
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:50.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:50.386
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:49.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:49.309
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:48.295
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-11-21 18:06:47.748
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T7100 @ 1.80GHz
Percentage of memory in use: 63%
Total physical RAM: 3062.39 MB
Available physical RAM: 1121.57 MB
Total Virtual: 6373.04 MB
Available Virtual: 4140.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.78 GB) (Free:1.46 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 111.8 GB) (Disk ID: 2F0618FA)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=110.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================