Sponsored By

Sign in to follow this  
sandi.freeman6

blue screen flash dump

Recommended Posts

it has happened 4 times now where a blue screen appears after I have clicked a few things. Last night I exited two screens and it came up saying flash dump. if this is the first time please restart computer if this has happened more then once please remove newly installed hardwear.  I did both things. and it keeps happening. My computer is running slow. If we are watching hulu on the computer it goes to a flashing screen and turns green so there is no picture but there is sound still. and when I was listening to Pandora it made a grinding type sound then the blue screen popped up again.

Share this post


Link to post
Share on other sites

Howdy and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.


    * Double-click  mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to  Update Malwarebytes' Anti-Malware and  Launch Malwarebytes' Anti-Malware, then click  Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select  Perform quick scan, then click Scan.

mbam-1.jpg


When the scan is complete, click  OK, then  Show Results to view the results.

scan-finished.jpg

    *  Then click  Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Or via the Logs tab when the application is started.



Please don't attach the scans / logs, use "copy/paste".


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log
Thanks
Chuck

Share this post


Link to post
Share on other sites

Here is the log you sent me !!

 

# AdwCleaner v3.015 - Report created 16/12/2013 at 09:38:40 # Updated 10/12/2013 by Xplode # Operating System :
Windows 7 Home Premium Service Pack 1 (64 bits) #
Username : Owner - OWNER-HP # Running from :
C:\Users\Owner\Desktop\adwcleaner.exe # Option :
Clean ***** [ Services ] ***** Service Deleted :
BringMeSports_1cService ***** [ Files / Folders ] ***** Folder Deleted :
C:\ProgramData\AVG Secure Search Folder Deleted :
C:\ProgramData\Conduit Folder Deleted :
C:\ProgramData\IBUpdaterService Folder Deleted :
C:\Program Files (x86)\AVG Secure Search Folder Deleted :
C:\Program Files (x86)\BringMeSports_1c Folder Deleted :
C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\MyPC Backup Folder Deleted :
C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted :
C:\Users\Owner\AppData\Local\AVG Secure Search Folder Deleted :
C:\Users\Owner\AppData\Local\Conduit Folder Deleted :
C:\Users\Owner\AppData\Local\Wajam Folder Deleted :
C:\Users\Owner\AppData\Local\Temp\AirInstaller Folder Deleted :
C:\Users\Owner\AppData\Local\Temp\CT3289663 Folder Deleted :
C:\Users\Owner\AppData\Local\Temp\CT3279412 Folder Deleted :
C:\Users\Owner\AppData\LocalLow\AVG Secure Search Folder Deleted :
C:\Users\Owner\AppData\LocalLow\BringMeSports_1c Folder Deleted :
C:\Users\Owner\AppData\LocalLow\Conduit Folder Deleted :
C:\Users\Owner\AppData\LocalLow\PriceGong Folder Deleted :
C:\Users\Owner\AppData\Roaming\DefaultTab Folder Deleted :
C:\Users\Owner\AppData\Roaming\file scout Folder Deleted :
C:\Users\Owner\AppData\Roaming\PerformerSoft Folder Deleted :
C:\Users\Owner\AppData\Roaming\SpeedAnalysis3 Folder Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\CT3289663 Folder Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\CT3279412 Folder Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\Extensions\[email protected]_1c.com Folder Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3} Folder Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\Extensions\{976cd962-e0ca-4337-aea7-d93fae63a79c} File Deleted :
C:\END File Deleted : C:\Windows\System32\roboot64.exe File Deleted :
C:\Users\Owner\AppData\Roaming\speedanalysis.ico File Deleted :
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted :
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml File Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\searchplugins\Conduit.xml File Deleted :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted :
HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]] Key Deleted :
HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Key Deleted :
HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Key Deleted :
HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted :
HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted :
HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted :
HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted :
HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted :
HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.DynamicBarButton Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.DynamicBarButton.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.FeedManager Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.FeedManager.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.HTMLMenu Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.HTMLMenu.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.HTMLPanel Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.HTMLPanel.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.MultipleButton Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.MultipleButton.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.PseudoTransparentPlugin Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.PseudoTransparentPlugin.1 Key Deleted
: HKLM\SOFTWARE\Classes\BringMeSports_1c.Radio Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.Radio.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.RadioSettings Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.RadioSettings.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.ScriptButton Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.ScriptButton.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.SettingsPlugin Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.SettingsPlugin.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.SkinLauncher Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.SkinLauncher.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.ThirdPartyInstaller Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.ThirdPartyInstaller.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.UrlAlertButton Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.UrlAlertButton.1 Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.XMLSessionPlugin Key Deleted :
HKLM\SOFTWARE\Classes\BringMeSports_1c.XMLSessionPlugin.1 Key Deleted :
HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Key Deleted :
HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Key Deleted :
HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Key Deleted :
HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Key Deleted :
HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted :
HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted :
HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted :
HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted :
HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Value Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted :
HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted :
HKLM\SOFTWARE\MozillaPlugins\@BringMeSports_1c.com/Plugin Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085} Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{0A8CC25D-66FF-41DF-B3B4-416079EF8F87} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{1856A7BD-DE8C-488B-AA7A-5682D13166FC} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{39AE4193-9636-4786-A7E8-D0BED697CDF3} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{5489857C-D16B-4F23-A322-9F3D3423DC6D} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{5DC6445C-89CE-4895-9EEE-79449A453700} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{6285C254-4465-4F8B-A009-5F42AB02C291} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{716F0A7A-66F8-4C51-9EF2-BE22E0EA2F00} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{74CEF9D2-506A-4BC6-B577-4F6505317FBA} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{779A6469-E20C-4517-9D59-394EE65E216C} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{82C7004A-078E-468C-9C0F-2243618FF7CB} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{8E74A826-02AC-4EDF-8827-7CFDE086FB48} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{A1912AF6-DFE3-48B1-BDFE-9A65259AC702} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{B299D84A-69A5-4433-9A79-51EF2BB7841F} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{B8CBCB5A-9192-4122-B3DE-BD139320EC09} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{BC61CA7A-6B81-47EC-B62D-AE1A236CADB9} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{CC53BD19-7B23-43B0-AB7C-0E06C708CCED} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{D31FF80A-322D-4343-99BD-158557C460B2} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{D424710B-AF83-49A6-9F26-033E0CF794B1} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{F0C8CCC2-BAAA-4236-AD0A-22B5A401B9EF} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{3436BC13-C898-4775-B1EA-BA224587010D} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{89B7AE32-9C52-41D6-A64D-14D7BDEC9C58} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{0F2C9A6B-A0ED-4189-B086-C0E76D80EB91} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{1265AE6E-5141-468B-AB11-67ECE832F5E8} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{256B342B-85A7-4E4E-AA2E-101CDDEF5EFD} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{4CD73219-4D3F-46EE-AC3E-768E2A2AB056} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{6A751D61-7A6B-4999-BFD0-ADF01A40F6F2} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{71E326B6-2DC3-40B7-93D8-3CEDA9C83F53} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{92364364-56B2-4C54-AAE3-A7D03A30C023} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{A50C4254-A6A2-48CB-A2D0-C5E0A53FD965} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{A66EEC44-AA6D-4AF2-BF75-490E2CA17AE9} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{BDFCF196-0622-41CF-BDA6-D1CDB44AB5E9} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{F6C482A5-17AE-43D3-A6AC-52A70674283C} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2F4D7835-42B0-4BA7-9587-1B01393F78EE} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82C7004A-078E-468C-9C0F-2243618FF7CB} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC53BD19-7B23-43B0-AB7C-0E06C708CCED} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC53BD19-7B23-43B0-AB7C-0E06C708CCED} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0A8CC25D-66FF-41DF-B3B4-416079EF8F87} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2F4D7835-42B0-4BA7-9587-1B01393F78EE} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6285C254-4465-4F8B-A009-5F42AB02C291} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82C7004A-078E-468C-9C0F-2243618FF7CB} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B8CBCB5A-9192-4122-B3DE-BD139320EC09} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC61CA7A-6B81-47EC-B62D-AE1A236CADB9} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0C8CCC2-BAAA-4236-AD0A-22B5A401B9EF} Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1856A7BD-DE8C-488B-AA7A-5682D13166FC} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3436BC13-C898-4775-B1EA-BA224587010D} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted :
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted :
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted :
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Value Deleted :
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted :
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Key Deleted :
[x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{30CBDB40-5B21-481B-A09B-F87CEF73F020} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{3436BC13-C898-4775-B1EA-BA224587010D} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{89B7AE32-9C52-41D6-A64D-14D7BDEC9C58} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{952EEDFD-A98B-4670-9BDD-3634C8846FC1} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted :
[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted :
[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted :
[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted :
[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted :
[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BringMeSports_1c Key Deleted : HKCU\Software\Conduit Key Deleted :
HKCU\Software\AppDataLow\Software\BringMeSports_1c Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted :
HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted :
HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted :
HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\BringMeSports_1c Key Deleted : HKLM\Software\Conduit Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 Setting Restored :
HKCU\Software\Microsoft\Internet Explorer\Main [start Page] Setting Restored :
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] -\\ Mozilla Firefox v24.0 (en-US) [ File :
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\prefs.js ] Line Deleted :
user_pref("CT3279412.FF19Solved", "true"); Line Deleted : user_pref("CT3279412.UserID", "UN27947861468931624"); Line Deleted :
user_pref("CT3279412.browser.search.defaultthis.engineName", "true"); Line Deleted :
user_pref("CT3279412.fullUserID", "UN27947861468931624.IN.20131020180550"); Line Deleted :
user_pref("CT3279412.installDate", "20/10/2013 18:06:38"); Line Deleted :
user_pref("CT3279412.installSessionId", "{C9A7AFC6-5370-4B30-9B6B-5EDA6F17D4F3}"); Line Deleted :
user_pref("CT3279412.installSp", "TRUE"); Line Deleted : user_pref("CT3279412.installerVersion", "1.8.0.14"); Line Deleted :
user_pref("CT3279412.keyword", "true"); Line Deleted :

user_pref("CT3279412.originalSearchAddressUrl", ""); Line Deleted :
user_pref("CT3279412.originalSearchEngine", ""); Line Deleted :
user_pref("CT3279412.originalSearchEngineName", ""); Line Deleted :
user_pref("CT3279412.searchRevert", "false"); Line Deleted :
user_pref("CT3279412.searchUserMode", "2"); Line Deleted :
user_pref("CT3279412.smartbar.homepage", "true"); Line Deleted :
user_pref("CT3279412.toolbarInstallDate", "20-10-2013 18:05:52"); Line Deleted :
user_pref("CT3279412.versionFromInstaller", "10.21.1.7"); Line Deleted :
user_pref("CT3279412.xpeMode", "0"); Line Deleted :

user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); Line Deleted :
user_pref("browser.search.defaultenginename", "appbario13 Customized Web Search"); Line Deleted :
user_pref("browser.search.defaultthis.engineName", "appbario13 Customized Web Search"); Line Deleted :

user_pref("smartbar.addressBarOwnerCTID", "CT3279412"); Line Deleted :


user_pref("smartbar.defaultSearchOwnerCTID", "CT3279412"); Line Deleted :
user_pref("smartbar.homePageOwnerCTID", "CT3279412"); Line Deleted :

 ************************* AdwCleaner[R0].txt - [22873 octets] - [16/12/2013 09:37:29]
AdwCleaner[s0].txt - [22281 octets] - [16/12/2013 09:38:40] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22342 octets] ##########

Share this post


Link to post
Share on other sites

Here is your Junkware log !!

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Windows 7 Home Premium x64 Ran by Owner on Mon 12/16/2013 at 10:28:20.20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~
Services Successfully stopped:
[service] bringmesports_1cservice Successfully deleted:
[service] bringmesports_1cservice ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired:
[Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired:
[Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired:
[Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired:
[Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired:
[Registry Value] HKEY_USERS\S-1-5-21-1806851586-2614345129-3506796550-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired:
[Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs ~~~ Registry Keys Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1 Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1 Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{13119113-0854-469D-807A-171568457991} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{33119133-0854-469D-807A-171568457991} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Successfully deleted:
[Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\performersoft Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\performersoft Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.dynamicbarbutton Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.dynamicbarbutton.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.feedmanager Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.feedmanager.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.htmlmenu Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.htmlmenu.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.htmlpanel Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.htmlpanel.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.multiplebutton Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.multiplebutton.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.pseudotransparentplugin Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.pseudotransparentplugin.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.radio Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.radio.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.radiosettings Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.radiosettings.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.scriptbutton Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.scriptbutton.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.settingsplugin Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.settingsplugin.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.skinlauncher Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.skinlauncher.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.thirdpartyinstaller Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.thirdpartyinstaller.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.urlalertbutton Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.urlalertbutton.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.xmlsessionplugin Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bringmesports_1c.xmlsessionplugin.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1 Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pc performer_is1 Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{817000AC-6017-401F-99CA-8E60896E5159} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A195C577-4E26-4327-AEA3-CE76B29C425C} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DB9918C4-6746-4F67-A208-DB633C30543B} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{A195C577-4E26-4327-AEA3-CE76B29C425C} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted:
[Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Successfully deleted:
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} ~~~ Files ~~~ Folders Successfully deleted:
[Folder] "C:\ProgramData\conduit" Successfully deleted:
[Folder] "C:\Users\Owner\AppData\Roaming\defaulttab" Successfully deleted:
[Folder] "C:\Users\Owner\AppData\Roaming\file scout" Successfully deleted:
[Folder] "C:\Users\Owner\AppData\Roaming\performersoft" Successfully deleted:
[Folder] "C:\Users\Owner\appdata\locallow\conduit" Successfully deleted:
[Folder] "C:\Program Files (x86)\bringmesports_1c" Successfully deleted:
[Folder] "C:\Program Files (x86)\conduit" Successfully deleted:
[Folder] "C:\Program Files (x86)\mypc backup" Successfully deleted:
[Folder] "C:\Program Files (x86)\pc performer" Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{2A34F131-8306-44FE-AF69-26E8C71C2A73} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{2D242E64-CC10-46DE-A277-48190B63A699} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{3354ED84-2C3F-4A36-8C14-44664BD388CA} Successfully deleted:
 [Empty Folder] C:\Users\Owner\appdata\local\{37DAE03F-F8EB-4549-A9F7-F7E6F5B1EB17} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{3F14E4BF-D35F-4273-9C29-025B97ED8F8F} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{5AD58468-320A-4561-8CB3-D05523AC8A4C} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{68CF68E1-8CF4-401F-A110-BBBFC4364FE0} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{6AEBE12C-CF03-4153-AFFA-6713CEA0B74F} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{6E51A8A9-8C9B-4531-997C-5AE90A573DBA} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{9615437B-5B98-4F10-B0FD-984C9D3EF39C} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{A30942D9-D897-4816-A8A8-186E25CB0EC2} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{C86D6455-E092-4D04-8BD2-22320F921CC6} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{D3F35398-6FEC-4431-8DBC-B7F536512354} Successfully deleted:
[Empty Folder] C:\Users\Owner\appdata\local\{F5D0F2E4-7F1C-4422-95F5-18E6C916C1B4} ~~~ FireFox Successfully deleted:
[File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\tyzjw39z.default\user.js Successfully deleted:
[Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]"
Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\tyzjw39z.default\prefs.js user_pref("CT3279412.originalHomepage",

"true"); user_pref("Smartbar.ConduitHomepagesList",

("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("browser.search.defaultenginename", "appbario13 Customized Web Search");
user_pref("browser.search.defaultthis.engineName", "appbario13 Customized Web Search");



user_pref("smartbar.defaultSearchOwnerCTID", "CT3279412");
user_pref("smartbar.homePageOwnerCTID", "CT3279412");

Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\tyzjw39z.default\minidumps [18 files]
~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Mon 12/16/2013 at 10:38:46.53 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Hi Sandi,  see if this helps with crashes !!

Download the removal tool from:
http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
2. Click Save and save the file to a folder on your computer.
3. Navigate to the folder where the file was saved.
4. Double-click MCPR.exe to run the removal tool.
Vista Note: Right click MCPR.EXE and choose "Run as administrator"
Your McAfee product will be fully removed when the system is restarted.
 

You will need to reboot  the computer  then run the Malwarebytes posted above !!

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

Can you post the log Sandi so i can see what all it found & cleaned !!

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

Sandi see if this program will run !!

 

Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.

 

 

Chuck

Share this post


Link to post
Share on other sites

It will do that sometimes when it restarts or goes into that blue screen of death you are getting !


 


When you open Malwarebytes look in the Logs tab, the log should be there !


If there copy & paste !


 


Sandi, since you are having problems copying & pasting, try doing it with anything on this page for me !!!


 


 


Also run the DDS scan above for me !


 


Chuck


Share this post


Link to post
Share on other sites

Sandi's DDS log, because for some reason she can't post here ! Gonna ask Jeff why !!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by Owner at 7:28:46 on 2013-12-19
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8140.5659 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Users\Owner\Desktop\leap frog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Owner\Desktop\leap frog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - <orphaned>
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Monitor] "C:\Users\Owner\Desktop\leap frog\LeapFrog Connect\Monitor.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204



TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CC84CC69-B64A-4DA6-B6EE-DDED047ADEE9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CF3CFD94-5468-400A-B9A8-31558A655B7C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CF3CFD94-5468-400A-B9A8-31558A655B7C}\84F627E656276416D696C697D27657563747 : DHCPNameServer = 67.215.21.202 72.21.70.3
TCP: Interfaces\{CF3CFD94-5468-400A-B9A8-31558A655B7C}\D6F6C6C656E6262796E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CF3CFD94-5468-400A-B9A8-31558A655B7C}\E4544574541425 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - LocalServer32 - <no file>
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - LocalServer32 - <no file>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll



x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\NP1cStub.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-20 15:32; [email protected]_1c.com; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\extensions\[email protected]_1c.com
FF - ExtSQL: 2013-10-20 16:02; {07cbf788-1359-421b-a4e3-5a8d041b90a3}; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3}
FF - ExtSQL: 2013-10-20 18:06; {976cd962-e0ca-4337-aea7-d93fae63a79c}; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\tyzjw39z.default\extensions\{976cd962-e0ca-4337-aea7-d93fae63a79c}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-8-8 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-8-8 203776]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-1-30 499200]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-8 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-16 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 134944]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-8 2656280]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-1-30 885248]
R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2011-1-18 75264]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2011-1-18 173568]
R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2011-1-18 81920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-8 317440]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-3-25 12262336]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-16 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-8-8 333928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-8 428136]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-9-18 14112]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-2-16 42392]
S2 BringMeSports_1cService;BringMeSportsService;C:\PROGRA~2\BRINGM~2\bar\1.bin\1cbarsvc.exe --> C:\PROGRA~2\BRINGM~2\bar\1.bin\1cbarsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-9-13 35840]
S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2011-11-12 24576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-14 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-2-21 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-7 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-12-19 00:53:25    10315576    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0D1A8E6D-CBB4-4210-ABF9-076CB7F541F4}\mpengine.dll
2013-12-17 21:57:35    10315576    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-16 19:43:05    --------    d-s---w-    C:\Windows\SysWow64\Microsoft
2013-12-16 19:33:02    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Malwarebytes
2013-12-16 19:32:46    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-12-16 18:25:44    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-12-16 18:25:41    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 16:37:11    --------    d-----w-    C:\AdwCleaner
2013-12-14 14:42:55    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-14 14:42:55    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-14 14:42:55    12625920    ----a-w-    C:\Windows\System32\wmploc.DLL
2013-12-14 14:42:54    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
2013-12-14 14:40:00    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-12-14 14:40:00    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-12-11 12:18:58    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-12-06 20:23:36    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5565F90D-9DBB-4880-B3B7-7330762E510D}\gapaengine.dll
2013-12-04 14:44:36    29496    ----a-w-    C:\Windows\System32\authuitu.dll
2013-12-04 14:44:36    25400    ----a-w-    C:\Windows\SysWow64\authuitu.dll
2013-12-04 14:44:30    42808    ----a-w-    C:\Windows\System32\uxtuneup.dll
2013-12-04 14:44:30    35640    ----a-w-    C:\Windows\SysWow64\uxtuneup.dll
2013-12-04 14:39:56    40248    ----a-w-    C:\Windows\System32\TURegOpt.exe
2013-12-04 14:39:24    --------    d-----w-    C:\Users\Owner\AppData\Roaming\AVG
2013-12-04 14:37:41    --------    d-----w-    C:\ProgramData\AVG
2013-12-04 14:37:32    --------    d-sh--w-    C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-25 08:48:36    246072    ----a-w-    C:\Windows\System32\drivers\avgidsdrivera.sys
.
==================== Find3M  ====================
.
2013-12-11 18:48:04    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:48:04    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-19 10:21:41    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-23 08:05:08    45880    ----a-w-    C:\Windows\System32\drivers\avgrkx64.sys
2013-10-19 01:36:59    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04    150016    ----a-w-    C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04    202752    ----a-w-    C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39    156160    ----a-w-    C:\Windows\System32\cscript.exe
2013-10-12 01:33:26    168960    ----a-w-    C:\Windows\System32\wscript.exe
2013-10-12 01:15:48    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
2013-10-05 20:25:35    1474048    ----a-w-    C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25    1168384    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31    190464    ----a-w-    C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17    197120    ----a-w-    C:\Windows\System32\credui.dll
2013-10-04 02:24:49    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-10-04 02:16:30    116736    ----a-w-    C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:58:50    152576    ----a-w-    C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25    168960    ----a-w-    C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-10-04 01:36:04    230400    ----a-w-    C:\Windows\System32\drivers\portcls.sys
2013-10-03 02:23:48    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2013-09-27 16:53:06    248240    ----a-w-    C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 16:53:06    134944    ----a-w-    C:\Windows\System32\drivers\NisDrvWFP.sys
2013-09-25 02:26:40    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40    154560    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33    28672    ----a-w-    C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33    135680    ----a-w-    C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01    28160    ----a-w-    C:\Windows\System32\secur32.dll
2013-09-25 02:22:59    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-09-25 02:21:50    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07    1447936    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24    30720    ----a-w-    C:\Windows\System32\lsass.exe
.
============= FINISH:  7:30:00.88 ===============
 

Share this post


Link to post
Share on other sites

Sandi, lets run OTL scan !!

 

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   
 

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

No response with in 5 days so i will lock this topic ! If you need it re-opened please PM me or another Mod !

 

Thanks

Chuck

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this