Sponsored By

MissMary

Members
  • Content count

    11
  • Joined

  • Last visited

About MissMary

  • Rank
    Member
  1. # DelFix v1.012 - Logfile created 23/03/2016 at 14:13:00 # Updated 04/03/2015 by Xplode # Username : Mary - MARY-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\_OTL Deleted : C:\Users\Mary\Desktop\dds.txt Deleted : C:\Users\Mary\Desktop\Extras.Txt Deleted : C:\Users\Mary\Desktop\JRT.txt Deleted : C:\Users\Mary\Desktop\OTL.Txt Deleted : C:\Users\Mary\Downloads\adwcleaner_5.102(1).exe Deleted : C:\Users\Mary\Downloads\adwcleaner_5.102.exe Deleted : C:\Users\Mary\Downloads\dds.scr Deleted : C:\Users\Mary\Downloads\Extras.Txt Deleted : C:\Users\Mary\Downloads\JRT.exe Deleted : C:\Users\Mary\Downloads\OTL.Txt Deleted : C:\Users\Mary\Downloads\OTL.exe Deleted : C:\Users\Mary\Downloads\SecurityCheck.exe Deleted : HKLM\SOFTWARE\OldTimer Tools ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #215 [Scheduled Checkpoint | 03/05/2016 19:13:48] Deleted : RP #216 [Windows Update | 03/10/2016 09:00:48] Deleted : RP #217 [Windows Update | 03/14/2016 08:00:33] Deleted : RP #218 [JRT Pre-Junkware Removal | 03/16/2016 19:08:11] Deleted : RP #219 [OTL Restore Point - 3/21/2016 2:21:41 PM | 03/21/2016 19:21:45] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  2. OTL.Txt Extras.Txt
  3. Results of screen317's Security Check version 1.014 --- 12/23/15 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! ZoneAlarm Extreme Security Antivirus AVG AntiVirus 2015 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 45 Java version 32-bit out of Date! Adobe Flash Player 21.0.0.182 Adobe Reader XI Mozilla Firefox (45.0.1) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbam.exe AVG avgwdsvc.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe Malwarebytes Anti-Malware mbamscheduler.exe CheckPoint ZoneAlarm vsmon.exe CheckPoint ZoneAlarm zatray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````
  4. AVG Tuneup is uninstalled.
  5. Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/4/2014 3:27:56 PM System Uptime: 3/17/2016 11:21:07 AM (2 hours ago) . Motherboard: Dell Inc. | | 0MJNYC Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz | U3E1 | 1683/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 444 GiB total, 366.996 GiB free. D: is CDROM () Y: is FIXED (NTFS) - 22 GiB total, 11.587 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{13B67E97-545B-41DC-AC44-6FEDE5FE6087}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{13B67E97-545B-41DC-AC44-6FEDE5FE6087}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{CBECAB40-A2C8-4AB3-ADC1-DE0FE95D8600}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{CBECAB40-A2C8-4AB3-ADC1-DE0FE95D8600}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{61118058-486C-4BB0-B4B8-ACE4DCADEC44}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{61118058-486C-4BB0-B4B8-ACE4DCADEC44}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{DD533152-01F4-435C-ABFE-984BC21A2A65}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{DD533152-01F4-435C-ABFE-984BC21A2A65}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{8855C1D2-9BFE-4B96-BCBF-CBB9682C76BD}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{8855C1D2-9BFE-4B96-BCBF-CBB9682C76BD}_LOCALMFG&0000\8&1EB887E6&0&000000000000_00000000 Service: . ==== System Restore Points =================== . RP214: 2/26/2016 3:00:26 AM - Windows Update RP215: 3/5/2016 1:13:48 PM - Scheduled Checkpoint RP216: 3/10/2016 3:00:48 AM - Windows Update RP217: 3/14/2016 3:00:33 AM - Windows Update RP218: 3/16/2016 2:08:11 PM - JRT Pre-Junkware Removal . ==== Installed Programs ====================== . Adobe Flash Player 21 ActiveX Adobe Flash Player 21 NPAPI Adobe Reader XI (11.0.06) MUI Adobe Reader XI (11.0.15) Adobe Refresh Manager Amped Wireless High Power Wireless-N Pro USB Adapter Driver AVG 2015 AVG PC TuneUp Business Contact Manager for Microsoft Outlook 2010 Canon MG2100 series MP Drivers Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module D3DX10 Definition Update for Microsoft Office 2010 (KB3114887) 32-Bit Edition Dell Backup and Recovery Dell Backup and Recovery - Support Software Dell Edoc Viewer Dell Touchpad Dell WLAN and Bluetooth Client Installation FMW 1 Google Update Helper Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) USB 3.0 eXtensible Host Controller Driver Intel® Trusted Connect Service Client Java 8 Update 45 Java Auto Updater Junk Mail filter update Malwarebytes Anti-Malware version 2.2.0.1024 Microsoft .NET Framework 4.6.1 Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Office Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) Movie Maker Mozilla Firefox 44.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 Photo Common Photo Gallery Qualcomm Atheros Bluetooth Suite (64) Realtek Ethernet Controller All-In-One Windows Driver Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3114759) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3114396) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3114878) 32-Bit Edition Service Pack 1 for SQL Server 2008 (KB968369) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shared C Run-time for x64 Smilebox Sql Server Customer Experience Improvement Program Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VisualRoute Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ZoneAlarm Find My Laptop ZoneAlarm Security . ==== Event Viewer Messages From Past Week ======== . 3/17/2016 4:08:00 AM, Error: Service Control Manager [7000] - The ZoneAlarm AntiTheft service failed to start due to the following error: The system cannot find the file specified. 3/17/2016 11:40:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 3/16/2016 3:07:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect. 3/16/2016 3:07:42 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/16/2016 3:07:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 3/16/2016 11:53:36 AM, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Cache Hierarchy Error Processor ID: 0 The details view of this entry contains further information. 3/16/2016 1:36:17 PM, Error: Service Control Manager [7038] - The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 3/16/2016 1:36:17 PM, Error: Service Control Manager [7000] - The Print Spooler service failed to start due to the following error: The service did not start due to a logon failure. 3/16/2016 1:36:14 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\athihvs.dll 3/16/2016 1:35:50 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 3/16/2016 1:35:21 PM, Error: Service Control Manager [7034] - The Office Software Protection Platform service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:21 PM, Error: Service Control Manager [7034] - The Office Source Engine service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:20 PM, Error: Service Control Manager [7034] - The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:20 PM, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:20 PM, Error: Service Control Manager [7034] - The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:20 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 3/16/2016 1:35:20 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 3/16/2016 1:35:19 PM, Error: Service Control Manager [7034] - The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:19 PM, Error: Service Control Manager [7034] - The Business Contact Manager SQL Server Startup Service service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:19 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 3/16/2016 1:35:19 PM, Error: Service Control Manager [7031] - The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 3/16/2016 1:35:19 PM, Error: Service Control Manager [7031] - The AVG PC TuneUp Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 250 milliseconds: Restart the service. 3/16/2016 1:35:18 PM, Error: Service Control Manager [7034] - The AtherosSvc service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:18 PM, Error: Service Control Manager [7034] - The Andrea RT Filters Service service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:18 PM, Error: Service Control Manager [7031] - The AVG Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 3/16/2016 1:35:17 PM, Error: Service Control Manager [7034] - The TrueVector Internet Monitor service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:17 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). 3/16/2016 1:35:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/15/2016 1:48:11 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied. 3/10/2016 12:49:18 PM, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control. 3/10/2016 1:15:14 PM, Error: Service Control Manager [7024] - The TrueVector Internet Monitor service terminated with service-specific error The operation completed successfully.. . ==== End Of File ===========================
  6. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.18231 BrowserJavaVersion: 11.45.2 Run by Mary at 13:12:28 on 2016-03-17 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3984.1348 [GMT -5:00] . AV: ZoneAlarm Extreme Security Antivirus *Enabled/Outdated* {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9} AV: AVG AntiVirus 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: ZoneAlarm Extreme Security Anti-Spyware *Enabled/Outdated* {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} FW: ZoneAlarm Extreme Security Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2} . ============== Running Processes =============== . c:\PROGRA~2\AVG\AVG2015\avgrsa.exe C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Users\Mary\AppData\Roaming\Smilebox\SmileboxTray.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\AVG\AVG2015\avgscanx.exe C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Windows\System32\svchost.exe -k utcsvc c:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe C:\Program Files (x86)\AVG\AVG2015\avgemca.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe C:\Windows\system32\GWX\GWX.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll uRun: [SmileboxTray] "C:\Users\Mary\AppData\Roaming\Smilebox\SmileboxTray.exe" mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe" C:\Program Files (x86)\AVG\AVG2015\avgui.exe mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw mExplorerRun: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: DisableCAD = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.2.1 TCP: Interfaces\{15D3FC4B-69AF-4811-9D01-DEE7B168B3D9} : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{15D3FC4B-69AF-4811-9D01-DEE7B168B3D9}\2656C6B696E6E2168356E2765756374737 : DHCPNameServer = 192.168.169.1 TCP: Interfaces\{15D3FC4B-69AF-4811-9D01-DEE7B168B3D9}\2656C6B696E6E2733383E2765756374737 : DHCPNameServer = 192.168.169.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1 x64-Run: [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe" x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe" x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Mary\AppData\Roaming\Mozilla\Firefox\Profiles\v2bmvnc9.default-1456672828127\ FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2016-1-13 299440] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2015-5-7 378336] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2016-1-22 255920] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2015-3-20 40928] R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-1-14 644968] R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-1-14 28008] R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-1-14 20464] R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2015-3-11 162784] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2015-12-16 315312] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2015-12-16 296368] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2015-8-4 300464] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-1-14 98208] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2014-10-28 322176] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2016-2-4 3646888] R2 avgsvc;AVG Service;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-2-18 1045928] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2016-2-4 335656] R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-30 15720] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-1-14 169432] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-3-16 1513784] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-3-16 1135416] R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-1-14 246488] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-1-14 1911312] R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2016-2-15 4364200] R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-1-14 368624] R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-1-14 790000] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-3-16 25816] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-3-16 192216] R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-3-16 63704] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2014-1-14 326368] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-14 872152] R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-1-14 34544] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2016-2-15 32304] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112] S2 ZoneAlarm AntiTheft;ZoneAlarm AntiTheft;"C:\Program Files (x86)\CheckPoint\AntiTheft\Antitheft.exe" --> C:\Program Files (x86)\CheckPoint\AntiTheft\Antitheft.exe [?] S3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2015-1-30 23760] S3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2015-1-30 23312] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2014-1-14 57856] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-3-9 114688] S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-1-14 452088] S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232] S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2014-1-14 30448] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-9 1255736] S4 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [?] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128] S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936] . =============== Created Last 30 ================ . 2016-03-16 19:26:35 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2016-03-16 19:24:51 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2016-03-16 19:24:51 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2016-03-16 19:24:51 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2016-03-16 19:24:51 -------- d-----w- C:\ProgramData\Malwarebytes 2016-03-16 19:24:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-03-16 18:28:08 -------- d-----w- C:\Program Files (x86)\AdwCleaner 2016-03-09 18:43:34 5572032 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-03-09 18:42:55 381440 ----a-w- C:\Windows\System32\mfds.dll 2016-02-21 05:13:09 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDBX.DLL 2016-02-21 05:13:09 101888 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPBX.DLL 2016-02-21 05:12:58 391168 ----a-w- C:\Windows\System32\CNMLMBX.DLL 2016-02-21 05:11:27 367104 ----a-w- C:\Windows\System32\CNC_BXL.dll 2016-02-21 05:11:27 282624 ----a-w- C:\Windows\System32\CNC_BXC.dll 2016-02-21 05:11:27 106496 ----a-w- C:\Windows\System32\CNC_BXI.dll 2016-02-21 04:59:18 98816 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPAQ.DLL 2016-02-21 04:59:18 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDAQ.DLL 2016-02-21 04:59:02 385536 ----a-w- C:\Windows\System32\CNMLMAQ.DLL 2016-02-21 04:47:19 373248 ----a-w- C:\Windows\System32\CNC_AQL.dll 2016-02-21 04:47:19 323584 ----a-w- C:\Windows\SysWow64\CNC_AQL.dll 2016-02-21 04:47:19 302080 ----a-w- C:\Windows\System32\CNC_AQC.dll 2016-02-21 04:47:19 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll 2016-02-21 04:47:19 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2016-02-21 04:47:19 114688 ----a-w- C:\Windows\SysWow64\CNC_AQU.dll 2016-02-21 04:47:19 112128 ----a-w- C:\Windows\System32\CNC_AQI.dll 2016-02-17 05:34:05 37288 ----a-w- C:\Windows\System32\authuitu.dll 2016-02-17 05:34:05 32680 ----a-w- C:\Windows\SysWow64\authuitu.dll 2016-02-17 05:34:02 48552 ----a-w- C:\Windows\System32\uxtuneup.dll 2016-02-17 05:34:02 42408 ----a-w- C:\Windows\SysWow64\uxtuneup.dll . ==================== Find3M ==================== . 2016-03-10 20:24:17 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2016-03-10 20:24:17 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2016-02-19 19:02:43 38336 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-02-19 18:54:11 1168896 ----a-w- C:\Windows\System32\aeinv.dll 2016-02-19 14:07:35 1373184 ----a-w- C:\Windows\System32\appraiser.dll 2016-02-15 16:36:22 45992 ----a-w- C:\Windows\System32\TURegOpt.exe 2016-02-12 18:52:23 98816 ----a-w- C:\Windows\System32\wudriver.dll 2016-02-12 18:52:23 3169792 ----a-w- C:\Windows\System32\wucltux.dll 2016-02-12 18:52:23 192512 ----a-w- C:\Windows\System32\wuwebv.dll 2016-02-12 18:44:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll 2016-02-12 18:39:55 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2016-02-12 18:18:22 37888 ----a-w- C:\Windows\System32\wuapp.exe 2016-02-12 18:18:05 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll 2016-02-12 18:05:17 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll 2016-02-12 18:05:13 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe 2016-02-11 18:56:26 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-02-11 18:56:26 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-02-11 18:52:52 1733592 ----a-w- C:\Windows\System32\ntdll.dll 2016-02-11 18:49:42 362496 ----a-w- C:\Windows\System32\wow64win.dll 2016-02-11 18:49:42 243712 ----a-w- C:\Windows\System32\wow64.dll 2016-02-11 18:49:42 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2016-02-11 18:49:24 215040 ----a-w- C:\Windows\System32\winsrv.dll 2016-02-11 18:49:19 210432 ----a-w- C:\Windows\System32\wdigest.dll 2016-02-11 18:49:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll 2016-02-11 18:49:00 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2016-02-11 18:49:00 135680 ----a-w- C:\Windows\System32\sspicli.dll 2016-02-11 18:48:58 503808 ----a-w- C:\Windows\System32\srcore.dll 2016-02-11 18:48:58 50176 ----a-w- C:\Windows\System32\srclient.dll 2016-02-11 18:48:16 28160 ----a-w- C:\Windows\System32\secur32.dll 2016-02-11 18:48:14 344064 ----a-w- C:\Windows\System32\schannel.dll 2016-02-11 18:48:12 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll 2016-02-11 18:47:33 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2016-02-11 18:45:59 312320 ----a-w- C:\Windows\System32\ncrypt.dll 2016-02-11 18:45:56 315392 ----a-w- C:\Windows\System32\msv1_0.dll 2016-02-11 18:45:51 60416 ----a-w- C:\Windows\System32\msobjs.dll 2016-02-11 18:45:35 146432 ----a-w- C:\Windows\System32\msaudite.dll 2016-02-11 18:44:45 3994560 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2016-02-11 18:44:45 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2016-02-11 18:44:42 1461248 ----a-w- C:\Windows\System32\lsasrv.dll 2016-02-11 18:44:34 730112 ----a-w- C:\Windows\System32\kerberos.dll 2016-02-11 18:44:34 422400 ----a-w- C:\Windows\System32\KernelBase.dll 2016-02-11 18:42:25 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2016-02-11 18:42:24 43520 ----a-w- C:\Windows\System32\cryptbase.dll 2016-02-11 18:42:24 22016 ----a-w- C:\Windows\System32\credssp.dll 2016-02-11 18:38:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2016-02-11 18:38:24 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2016-02-11 18:38:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2016-02-11 18:38:23 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2016-02-11 18:38:07 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll 2016-02-11 18:38:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll 2016-02-11 18:37:53 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2016-02-11 18:37:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2016-02-11 18:37:09 251392 ----a-w- C:\Windows\SysWow64\schannel.dll 2016-02-11 18:35:14 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2016-02-11 18:35:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2016-02-11 18:35:06 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll 2016-02-11 18:34:26 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll 2016-02-11 18:33:30 553472 ----a-w- C:\Windows\SysWow64\kerberos.dll 2016-02-11 18:31:25 17408 ----a-w- C:\Windows\SysWow64\credssp.dll 2016-02-11 17:48:11 64000 ----a-w- C:\Windows\System32\auditpol.exe 2016-02-11 17:43:48 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe 2016-02-11 17:41:42 338432 ----a-w- C:\Windows\System32\conhost.exe 2016-02-11 17:40:09 296960 ----a-w- C:\Windows\System32\rstrui.exe 2016-02-11 17:34:45 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-02-11 17:34:01 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-02-11 17:33:54 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-02-11 17:32:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2016-02-11 17:32:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2016-02-11 17:32:45 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2016-02-11 17:32:43 2048 ----a-w- C:\Windows\SysWow64\user.exe 2016-02-11 17:32:25 30720 ----a-w- C:\Windows\System32\lsass.exe 2016-02-11 17:32:18 112640 ----a-w- C:\Windows\System32\smss.exe 2016-02-11 17:31:01 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll 2016-02-11 17:30:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2016-02-11 17:30:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-11 17:30:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-11 17:30:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2016-02-11 14:07:46 689152 ----a-w- C:\Windows\System32\generaltel.dll 2016-02-09 09:57:08 12625920 ----a-w- C:\Windows\System32\wmploc.DLL 2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\msdxm.ocx 2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\dxmasf.dll 2016-02-09 09:55:34 30720 ----a-w- C:\Windows\System32\seclogon.dll 2016-02-09 09:54:38 9728 ----a-w- C:\Windows\System32\spwmp.dll 2016-02-09 09:51:32 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL 2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx 2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll 2016-02-09 09:13:10 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll 2016-02-08 20:51:13 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2016-02-08 20:39:06 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll 2016-02-08 20:39:06 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll 2016-02-08 20:38:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2016-02-08 20:38:20 341504 ----a-w- C:\Windows\SysWow64\html.iec 2016-02-08 20:37:31 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll 2016-02-08 20:28:52 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2016-02-08 20:28:32 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2016-02-08 20:16:21 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2016-02-08 20:10:37 4611072 ----a-w- C:\Windows\SysWow64\jscript9.dll 2016-02-08 20:01:48 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2016-02-08 20:01:43 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2016-02-08 19:43:04 2121216 ----a-w- C:\Windows\SysWow64\wininet.dll . ============= FINISH: 13:13:31.40 =============== DDS.txt
  7. unkware Removal Tool (JRT) by Malwarebytes Version: 8.0.4 (03.14.2016) Operating System: Windows 7 Home Premium x64 Ran by Mary (Administrator) on Wed 03/16/2016 at 14:08:06.75 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 23 Successfully deleted: C:\Windows\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5E5M1O6E (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94JRLHGI (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWH8KXLT (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MB6J0K9U (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TJPQ5BOK (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5MN4JZA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI6MZ3VN (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5E5M1O6E (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94JRLHGI (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWH8KXLT (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MB6J0K9U (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TJPQ5BOK (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5MN4JZA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI6MZ3VN (Temporary Internet Files Folder) Registry: 3 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3B6B9E73-24EA-45EF-A963-BE15C41F8379} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 03/16/2016 at 14:10:07.72 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  8. I believe I have a virus as it has slowed down so much and I am not able to do updates of my virus protection. This is what it did when infected a little over a year ago.
  9. kware Removal Tool (JRT) by Malwarebytes Version: 8.0.4 (03.14.2016) Operating System: Windows 7 Home Premium x64 Ran by Mary (Administrator) on Wed 03/16/2016 at 14:08:06.75 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 23 Successfully deleted: C:\Windows\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5E5M1O6E (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94JRLHGI (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWH8KXLT (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MB6J0K9U (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TJPQ5BOK (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5MN4JZA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Mary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI6MZ3VN (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5E5M1O6E (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94JRLHGI (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWH8KXLT (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MB6J0K9U (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TJPQ5BOK (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5MN4JZA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XI6MZ3VN (Temporary Internet Files Folder) Registry: 3 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3B6B9E73-24EA-45EF-A963-BE15C41F8379} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 03/16/2016 at 14:10:07.72 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. AdwCleaner v5.102 - Logfile created 16/03/2016 at 13:35:21 # Updated 13/03/2016 by Xplode # Database : 2016-03-14.1 [Server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Mary - MARY-PC # Running from : C:\Users\Mary\Downloads\adwcleaner_5.102(1).exe # Option : Clean # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\ProgramData\apn ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} [-] Key Deleted : HKCU\Software\DesktopDockApp [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\ApnTBMon ***** [ Web browsers ] ***** ************************* :: "Tracing" keys removed :: Winsock settings cleared ************************* C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [2945 bytes] - [16/03/2016 13:35:21] C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [2982 bytes] - [16/03/2016 13:28:40] ########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3131 bytes] ##########
  11. Computer running very slow, need to restart frequently to make computer work. Unable to install updates from virus protection I have purchased.