Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC freezing and pop ups


  • Please log in to reply
5 replies to this topic

#1 ebonienicole

ebonienicole

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:45 AM

Posted 28 July 2013 - 06:46 PM

My computer is freezing and I'm getting random pop ups as well. 

 

Computer

Windows 7 Home Premium 

64 Bit Operating System

Premium® Dual Processor CPU

 

Speed Fan Temp

CORE 41 C

3.00 GB RAM

 

 

I tried attaching my autoruns txt but it's too big so I copied and pasted

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 10:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "4/5/2013 10:05 PM"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe" "10/8/2009 8:52 AM"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe" "10/8/2009 8:53 AM"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe" "10/8/2009 8:52 AM"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe" "2/9/2010 1:34 AM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "7/28/2013 4:39 PM"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "4/16/2013 9:13 PM"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe" "3/13/2010 3:54 PM"
+ "Hotkey Utility" "Hotkey Utility" "" "c:\program files (x86)\emachines\hotkey utility\hotkeyutility.exe" "1/18/2011 6:52 PM"
+ "LifeCam" "LifeExp.exe" "Microsoft Corporation" "c:\program files (x86)\microsoft lifecam\lifeexp.exe" "5/19/2010 5:02 PM"
+ "PCFixSpeed" "PC Fix Speed Tray" "Crawler.com" "c:\program files (x86)\pcfixspeed\pcfixtray.exe" "12/7/2012 8:50 AM"
+ "SearchProtectAll" "Search Protect by Conduit" "Conduit" "c:\program files (x86)\searchprotect\bin\cltmng.exe" "6/2/2013 1:27 AM"
+ "vProt" "VProtect Application" "" "c:\program files (x86)\avg safeguard toolbar\vprot.exe" "6/12/2013 4:53 AM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" "" "7/28/2013 4:39 PM"
+ "Del503836" "" "" "File not found: del" ""
"C:\Users\Ebonie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "7/19/2013 11:32 AM"
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropbox.exe" "4/5/2013 2:44 PM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "3/28/2011 1:52 AM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 5:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "3/28/2011 1:52 AM"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" "5/28/2013 8:24 PM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 5:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "7/28/2013 4:48 PM"
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe" "11/15/2012 8:18 PM"
+ "Browser Infrastructure Helper" "" "" "File not found: C:\Users\Ebonie\AppData\Local\Smartbar\Application\QuickShare.exe startup" ""
+ "com.apple.dav.bookmarks.daemon" "BookmarkDAV_client.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\bookmarkdav_client.exe" "11/15/2012 8:18 PM"
+ "ConduitFloatingPlugin_dnmlhhbehhdmajijfenoldcajelckpmn" "Conduit Toolbar Verifier" "Conduit Ltd." "c:\program files (x86)\conduit\ct3291327\plugins\tbverifier.dll" "7/8/2013 4:28 AM"
+ "ConduitFloatingPlugin_nemfjadlboooiffmcelkafilagddogim" "Conduit Toolbar Verifier" "Conduit Ltd." "c:\program files (x86)\conduit\ct3289663\plugins\tbverifier.dll" "7/8/2013 4:28 AM"
+ "ConduitFloatingPlugin_njljkdinboobkmkihgcohanchjnjpgjk" "Conduit Toolbar Verifier" "Conduit Ltd." "c:\program files (x86)\conduit\ct3291326\plugins\tbverifier.dll" "7/8/2013 4:28 AM"
+ "Exetender" "EXETender Player" "Exent Technologies Ltd." "c:\program files (x86)\free ride games\gplayer.exe" "7/11/2013 5:29 AM"
+ "Google Update" "" "" "File not found: C:\Users\flynn\AppData\Local\Google\Update\GoogleUpdate.exe" ""
+ "GoogleChromeAutoLaunch_049DD3BE85BA75A6FE9CB58731BD6459" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\chrome.exe" "5/28/2013 8:23 PM"
+ "GoogleChromeAutoLaunch_95EB92403218CF391C92EB728D352DE1" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\chrome.exe" "5/28/2013 8:23 PM"
+ "GoogleDriveSync" "Google Drive" "Google" "c:\program files (x86)\google\drive\googledrivesync.exe" "11/2/2012 1:03 PM"
+ "HP Officejet 4620 series (NET)" "ScanToPCActivationApp" "Hewlett-Packard Co." "c:\program files\hp\hp officejet 4620 series\bin\scantopcactivationapp.exe" "12/18/2011 8:19 PM"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe" "11/15/2012 8:18 PM"
+ "Microsoft Location Finder" "Microsoft Location Finder" "Microsoft Corporation" "c:\program files (x86)\microsoft location finder\locationfinder.exe" "8/24/2005 4:39 PM"
+ "NTRedirect" "" "" "c:\users\ebonie\appdata\roaming\babsolution\shared\ntredirect.dll" "7/18/2013 3:26 AM"
+ "ooVoo.exe" "ooVoo" "ooVoo LLC" "c:\program files (x86)\oovoo\oovoo.exe" "5/1/2013 12:32 AM"
+ "Optimizer Pro" "Fix, clean, optimize your PC!" "PC Utilities Pro" "c:\program files (x86)\optimizer pro\optprolauncher.exe" "6/19/1992 4:22 PM"
+ "PC Health Kit" "Fix PC problems and optimize performance" "PC Health Labs" "c:\program files (x86)\pc health kit\pchklauncher.exe" "6/19/1992 4:22 PM"
+ "SDP" "" "" "File not found: C:\Users\Ebonie\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto" ""
+ "SearchProtect" "Search Protect by Conduit" "Conduit" "c:\users\ebonie\appdata\roaming\searchprotect\bin\cltmng.exe" "6/2/2013 1:27 AM"
+ "SearchProtection" "" "" "File not found: C:\Users\flynn\AppData\Roaming\Search Protection\SearchProtection.EXE" ""
+ "WebCake Desktop" "" "" "File not found: C:\Users\flynn\AppData\Roaming\WebCake\WebCakeDesktop.exe" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" "" "7/28/2013 4:48 PM"
+ "Del503836" "" "" "File not found: del" ""
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "7/13/2009 10:53 PM"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll" "2/28/2010 3:24 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "7/24/2013 2:46 PM"
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "7/28/2013 4:39 PM"
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/19/2013 11:31 AM"
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "GDContextMenu" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\contextmenu64.dll" "3/7/2013 6:30 PM"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll" "3/20/2013 12:51 PM"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\sdshelex-x64.dll" "11/29/2012 9:28 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll" "1/18/2011 7:18 AM"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll" "3/20/2013 1:17 PM"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\sdshelex-win32.dll" "11/29/2012 9:28 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Wow6432Node\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll" "1/18/2011 7:18 AM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/19/2013 11:31 AM"
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "GDContextMenu" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\contextmenu64.dll" "3/7/2013 6:30 PM"
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\dseshext-x64.dll" "11/29/2012 9:28 AM"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\sdshelex-x64.dll" "11/29/2012 9:28 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll" "1/18/2011 7:18 AM"
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\dseshext-x86.dll" "11/29/2012 9:28 AM"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\sdshelex-win32.dll" "11/29/2012 9:28 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/19/2013 11:31 AM"
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 7:32 PM"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll" "10/8/2009 8:52 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 7:09 PM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "12/21/2012 10:45 AM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "5/11/2013 3:34 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "12/21/2012 10:45 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "12/21/2012 10:45 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "7/24/2013 2:46 PM"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext64.19.dll" "3/28/2013 1:43 PM"
+ "GDriveBlacklistedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll" "4/16/2013 5:08 PM"
+ "GDriveSharedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll" "4/16/2013 5:08 PM"
+ "GDriveSyncedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll" "4/16/2013 5:08 PM"
+ "GDriveSyncingOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll" "4/16/2013 5:08 PM"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "7/28/2013 4:39 PM"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext.19.dll" "3/28/2013 1:43 PM"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext.19.dll" "3/28/2013 1:43 PM"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\ebonie\appdata\roaming\dropbox\bin\dropboxext.19.dll" "3/28/2013 1:43 PM"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "7/24/2013 2:46 PM"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll" "12/20/2010 9:48 PM"
+ "Updater By SweetPacks" "" "" "c:\program files\updater by sweetpacks\extension64.dll" "5/16/2013 2:11 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "9/21/2010 3:47 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "7/28/2013 4:39 PM"
+ "AVG SafeGuard toolbar" "toolbar.dll" "AVG Secure Search" "c:\program files (x86)\avg safeguard toolbar\15.3.0.11\avg safeguard toolbar_toolbar.dll" "6/12/2013 4:53 AM"
+ "Deals Plugin Extension" "Deals Plugin Extension BHO" "Innovative Apps" "c:\program files (x86)\deals plugin extension\deals plugin extension.dll" "4/3/2013 2:20 AM"
+ "DefaultTab Browser Helper" "Search Results" "Search Results LLC." "c:\users\ebonie\appdata\roaming\defaulttab\defaulttab\defaulttabbho.dll" "2/1/2013 11:02 AM"
+ "delta Helper Object" "" "Delta-search.com" "c:\program files (x86)\delta\delta\1.8.22.0\bh\delta.dll" "7/22/2013 8:39 PM"
+ "Fast Free Converter 4.1" "Fast Free Converter" "Fast Free Converter" "c:\program files (x86)\fast free converter\fastfreeconverter\fastfreeconverter.dll" "4/29/2013 5:44 AM"
+ "Flash Player" "ScriptHost" "Search Enhancement Tool" "c:\program files (x86)\flash player\scripthost.dll" "4/23/2013 1:30 AM"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "InternetHelper3.1 Toolbar" "Conduit Toolbar" "Conduit Ltd." "c:\program files (x86)\internethelper3.1\prxtbinte.dll" "7/9/2013 1:22 AM"
+ "JollyWallet" "JollyWallet BHO" "JollyWallet" "c:\program files (x86)\jollywallet\jollywallet.dll" "2/11/2013 8:07 AM"
+ "KeyBar 1.14 Toolbar" "Conduit Toolbar" "Conduit Ltd." "c:\program files (x86)\keybar_1.14\prxtbkeyb.dll" "7/9/2013 1:22 AM"
+ "LessTabs" "LessTabs IE Client" "LessTabs" "c:\program files (x86)\lesstabs\ie32\lesstabsclientie.dll" "7/9/2013 12:35 PM"
+ "Lyrics-Pal" "Lyrics-Pal" "LyricsPal Soft. LTD" "c:\program files (x86)\lyricspal\125.dll" "7/23/2013 6:10 AM"
+ "LyricsSing" "LyricsSing" "DNMard LTD" "c:\program files (x86)\lyricsing\125.dll" "7/23/2013 6:08 AM"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll" "12/20/2010 7:04 PM"
+ "Plus-HD-2.2" "Plus-HD-2.2 BHO" "Plus HD" "c:\program files (x86)\plus-hd-2.2\plus-hd-2.2-bho.dll" "6/10/2013 7:06 AM"
+ "Safe Saver" "Safe Saver BHO" "Safe Saver" "c:\program files (x86)\safe saver\safe saver-bho.dll" "6/10/2013 7:06 AM"
+ "Secure Web" "" "Creative Island Media, LLC" "c:\program files (x86)\secureweb\ie\common.dll" "5/29/2013 8:53 PM"
+ "SelectionLinks" "Select Words: Get Links" "SelectionLinks" "c:\program files (x86)\oapps\selectionlinks.dll" "4/19/2013 2:51 PM"
+ "SweetPacks Browser Helper" "SweetPacks Toolbar module for Internet Explorer" "SweetIM Technologies Ltd." "c:\program files (x86)\sweetim\toolbars\internet explorer\mgtoolbarie.dll" "3/18/2013 8:06 AM"
+ "TBSB07898 Class" "Internet Explorer Toolbar Engine" "" "c:\program files (x86)\coupons.com couponbar\tbcore3.dll" "5/25/2012 4:26 AM"
+ "Trusted Saver" "Trusted Saver BHO" "Trusted Saver" "c:\program files (x86)\trusted saver\trusted saver-bho.dll" "5/21/2013 6:55 AM"
+ "Updater By SweetPacks" "" "" "c:\program files\updater by sweetpacks\extension32.dll" "5/16/2013 2:10 AM"
+ "WebCake" "WebCake Runtime" "WebCake LLC" "c:\program files (x86)\webcake\webcakeieclient.dll" "5/31/2013 11:32 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll" "9/21/2010 3:01 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" "" "7/24/2013 2:39 PM"
+ "AVG SafeGuard toolbar" "toolbar.dll" "AVG Secure Search" "c:\program files (x86)\avg safeguard toolbar\15.3.0.11\avg safeguard toolbar_toolbar.dll" "6/12/2013 4:53 AM"
+ "Coupons.com CouponBar" "Internet Explorer Toolbar Engine" "" "c:\program files (x86)\coupons.com couponbar\tbcore3.dll" "5/25/2012 4:26 AM"
+ "Delta Toolbar" "" "Delta-search.com" "c:\program files (x86)\delta\delta\1.8.22.0\deltatlbr.dll" "7/22/2013 8:39 PM"
+ "InternetHelper3.1 Toolbar" "Conduit Toolbar" "Conduit Ltd." "c:\program files (x86)\internethelper3.1\prxtbinte.dll" "7/9/2013 1:22 AM"
+ "KeyBar 1.14 Toolbar" "Conduit Toolbar" "Conduit Ltd." "c:\program files (x86)\keybar_1.14\prxtbkeyb.dll" "7/9/2013 1:22 AM"
+ "SweetPacks Toolbar for Internet Explorer" "SweetPacks Toolbar module for Internet Explorer" "SweetIM Technologies Ltd." "c:\program files (x86)\sweetim\toolbars\internet explorer\mgtoolbarie.dll" "3/18/2013 8:06 AM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "7/19/2013 11:32 AM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll" "12/20/2010 11:56 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll" "1/18/2012 1:52 AM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "7/24/2013 2:39 PM"
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll" "11/10/2010 4:03 AM"
+ "HP Smart Print" "HP Smart Print Setup" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\smartprint\smartprintsetup.exe" "11/10/2011 12:19 AM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll" "12/20/2010 9:05 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll" "1/18/2012 12:20 AM"
"Task Scheduler" "" "" "" ""
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" "4/4/2013 3:05 PM"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "6/1/2011 6:46 PM"
+ "\DigitalSite" "" "" "c:\users\ebonie\appdata\roaming\digitalsite\updateproc\updatetask.exe" "6/19/1992 4:22 PM"
+ "\EPUpdater" "" "" "c:\users\ebonie\appdata\roaming\babsolution\shared\babmaint.exe" "6/6/2013 3:23 AM"
+ "\HP online update program" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe" "4/27/2010 2:58 AM"
+ "\HPCustParticipation HP Officejet 4620 series" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp officejet 4620 series\bin\hpcustpartic.exe" "12/18/2011 8:20 PM"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "11/10/2010 4:02 AM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 2:36 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 6:24 PM"
+ "\Norton Security Scan for Ebonie" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\4.0.1.16\nss.exe" "5/7/2013 6:54 AM"
+ "\{A5E55929-723D-4099-B56A-7FB269699346}" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\chrome.exe" "5/28/2013 8:23 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/24/2012 12:18 PM"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "4/4/2013 3:05 PM"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "6/21/2013 4:51 PM"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe" "5/17/2012 9:06 PM"
+ "aspnet_state" "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start." "" "File not found: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe" ""
+ "BackupStack" "Backup Stack" "Just Develop It" "c:\program files (x86)\mypc backup\backupstack.exe" "5/31/2013 5:12 AM"
+ "BasicServe Service" "Update and control for BasicServe" "" "c:\program files (x86)\basicserve\basicserve.exe" "7/22/2013 12:05 PM"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "8/30/2011 11:52 PM"
+ "BrowserDefendert" "Your browser protector service" "PerformerSoft LLC" "c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserdefender.exe" "5/23/2013 3:09 AM"
+ "CltMngSvc" "This service enables auto-updates of Search Protect by Conduit, which maintains your selected Search settings." "Conduit" "c:\program files (x86)\searchprotect\bin\cltmngsvc.exe" "5/8/2013 12:17 AM"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe" "1/4/2012 8:15 AM"
+ "DefaultTabSearch" "" "" "c:\program files (x86)\defaulttab\defaulttabsearch.exe" "2/6/2013 6:04 AM"
+ "DefaultTabUpdate" "DefaultTab Update Service" "Search Results, LLC" "c:\users\ebonie\appdata\roaming\defaulttab\defaulttab\dtupdate.exe" "3/22/2012 7:57 AM"
+ "FastFreeConverterUpdt" "" "" "c:\program files (x86)\fast free converter\fastfreeconverterupdt.exe" "11/26/2012 7:30 AM"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "2/15/2012 8:43 PM"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "2/15/2012 8:43 PM"
+ "IBUpdaterService" "" "" "c:\windows\system32\dmwu.exe" "5/27/2013 2:57 AM"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "5/31/2013 12:27 PM"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe" "9/20/2012 7:18 AM"
+ "MSCamSvc" "MsCamSvc.exe" "Microsoft Corporation" "c:\program files\microsoft lifecam\mscams64.exe" "5/19/2010 5:06 PM"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe" "5/4/2010 4:06 AM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "1/9/2010 10:16 PM"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "8/11/2009 8:00 PM"
+ "PCSUService" "PC Speed Up service." "" "c:\program files (x86)\pc speed up\pcsuservice.exe" "12/14/2012 7:11 AM"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe" "9/30/2011 8:21 AM"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe" "9/30/2011 8:19 AM"
+ "TuneUp.UtilitiesSvc" "This service analyzes the usage of your computer in the background, enabling automatic usage-dependent optimizations. All of its functions can be set in TuneUp Utilities. If you stop or disable this service, parts of TuneUp Utilities will not work anymore." "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\tuneuputilitiesservice64.exe" "11/29/2012 9:30 AM"
+ "Updater By SweetPacks" "" "" "c:\program files\updater by sweetpacks\extensionupdaterservice.exe" "5/16/2013 2:11 AM"
+ "vToolbarUpdater15.3.0" "ToolbarU Application" "AVG Secure Search" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\15.3.0\toolbarupdater.exe" "6/12/2013 4:54 AM"
+ "WebCake Desktop Updater" "Provides limited updating assistance for WebCake Desktop" "WebCake LLC" "c:\program files (x86)\webcake\webcakedesktop.updater.exe" "4/18/2013 6:35 PM"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "5/26/2013 11:51 PM"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "9/21/2010 3:46 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 5:18 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/24/2012 12:18 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 5:54 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 11:30 AM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 6:04 PM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 5:19 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 6:45 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 12:36 PM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 10:18 AM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 3:27 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 1:27 PM"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys" "5/28/2013 8:57 AM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 4:18 PM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 5:14 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 7:51 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 7:51 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 7:51 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 7:51 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 7:51 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 6:11 AM"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 5:19 PM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 10:29 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 4:52 PM"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys" "5/3/2012 1:56 PM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 2:26 AM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 12:32 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 6:46 PM"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys" "10/8/2009 9:37 AM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 3:47 PM"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "2/9/2010 9:28 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 4:46 PM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "5/18/2009 6:20 PM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "5/18/2009 6:31 PM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "4/16/2009 4:13 PM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "5/18/2009 7:09 PM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "5/18/2009 7:25 PM"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "6/6/2006 3:11 PM"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "3/19/2010 2:59 PM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "3/19/2010 2:45 PM"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "1/22/2009 5:05 PM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "5/18/2009 7:18 PM"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "11/5/2009 8:15 AM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "9/13/2006 7:18 AM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "9/24/2008 12:28 PM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "10/1/2008 3:56 PM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "2/17/2009 5:03 PM"
+ "TuneUpUtilitiesDrv" "TuneUp Utilities Driver" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2013\tuneuputilitiesdriver64.sys" "5/25/2012 4:28 AM"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys" "11/27/2012 5:38 PM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "7/13/2009 5:19 PM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "1/30/2009 7:18 PM"
+ "X5XSEx_Pr143" "X5XSEx Kernel Mode Driver" "Exent Technologies Ltd." "c:\program files (x86)\free ride games\x5xsex_pr143.sys" "8/2/2012 6:51 AM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "4/10/2013 7:19 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "7/13/2009 7:28 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "7/28/2013 4:39 PM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "7/13/2009 7:06 PM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "11/20/2010 5:59 AM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 10:53 PM"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "GPL MPEG-1/2 Decoder" "GPL MPEG-1/2 Decoder Filter for DirectShow" "Peter Wimmer, Gabest" "c:\program files (x86)\tiny media player\gplmpgdec.ax" "1/10/2004 10:02 AM"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "11/10/2010 4:21 AM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" "" "7/17/2013 2:12 PM"
+ "" "" "" "File not found: C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll " ""
+ "" "" "" "File not found: C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll " ""
+ "C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll " "" "" "File not found: C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll " ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" "" "7/17/2013 2:12 PM"
+ "" "Protector" "PerformerSoft LLC" "c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browse~1.dll  " "5/23/2013 3:08 AM"
+ "" "Protector" "PerformerSoft LLC" "c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browse~1.dll  " "5/23/2013 3:08 AM"
+ "c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll   c:\progra~2\search~1\datamngr\mgrldr.dll  c:\progra~2\optimi~1\optpro~1.dll" "Protector" "PerformerSoft LLC" "c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browse~1.dll  " "5/23/2013 3:08 AM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "7/13/2009 10:53 PM"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "9/21/2010 3:47 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" "" "7/28/2013 4:39 PM"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll" "10/8/2009 8:51 AM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "3/26/2013 9:22 AM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "8/30/2011 11:44 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 3:00 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 3:00 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "3/26/2013 9:22 AM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "8/30/2011 11:53 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 3:45 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "9/21/2010 3:45 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "7/28/2013 4:39 PM"
+ "HP 6412 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts6412lm.dll" "10/18/2011 3:10 AM"
+ "HP Discovery Port Monitor (HP Officejet 4620 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm6412.dll" "12/18/2011 8:12 PM"

Edited by hamluis, 29 July 2013 - 07:36 AM.
Moved from Win 7 to Am I Infected - Hamluis


BC AdBot (Login to Remove)

 


#2 jhayz

jhayz

  • BC Advisor
  • 5,987 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:45 PM

Posted 28 July 2013 - 08:24 PM

Before unchecking any items under autoruns...

 

Download Adwcleaner by Xplode : http://www.bleepingcomputer.com/download/adwcleaner/
Click on Adwcleaner and hit the Delete button. Copy and paste the result on your next reply.

 

Scan for Malware using free Malwarebytes
Install then run a quick scan only after updating to the latest definition. Uncheck the trial pro version and remove found threats.Please post also the result.
Download and install freeSuperantispyware- follow the prompts and complete the update then run a quick scan and remove threats. Post the logs after completed.

Download JRT by thisisu http://www.bleepingcomputer.com/download/junkware-removal-tool/
Make sure to disable your antivirus or any running protection softwares before running JRT to avoid interferences.
For Vista and Windows 7, right-click and Run as Administrator. In XP, double click JRT icon.
Please be patient and let the program finish scanning.
Once finish, a text document will open then copy-paste it on your next reply.


Tekken
 


#3 ebonienicole

ebonienicole
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:45 AM

Posted 29 July 2013 - 08:08 PM

Adwcleaner text

 

# AdwCleaner v2.306 - Logfile created 07/29/2013 at 19:02:48
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Ebonie - FLYNN-PC
# Boot Mode : Normal
# Running from : C:\Users\Ebonie\Downloads\AdwCleaner (2).exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\optimizer pro
Deleted on reboot : C:\ProgramData\BrowserDefender
Deleted on reboot : C:\Users\Ebonie\AppData\Roaming\BabSolution
Deleted on reboot : C:\Users\Ebonie\AppData\Roaming\SearchProtect
Deleted on reboot : C:\Users\JFlynn\AppData\Roaming\SearchProtect
Deleted on reboot : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Users\Ebonie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
 
***** [Registry] *****
 
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C8FBE488-BAF5-4019-A7F7-C888045987D3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKU\S-1-5-21-2513817051-1301348026-1369586563-1007\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16635
 
[OK] Registry is clean.
 
-\\ Google Chrome v27.0.1453.110
 
File : C:\Users\flynn\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Juan Flynn\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Ebonie\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Deleted [l.34] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Deleted [l.37] : keyword = "delta-search.com",
Deleted [l.41] : search_url = "hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F430C89CDC3B8[...]
Deleted [l.2610] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F430C89CDC3B8D95&affID=119351&tsp=[...]
 
File : C:\Users\JFlynn\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [55532 octets] - [29/07/2013 18:05:18]
AdwCleaner[S1].txt - [55469 octets] - [29/07/2013 18:06:24]
AdwCleaner[S2].txt - [326 octets] - [29/07/2013 18:58:28]
AdwCleaner[S3].txt - [4591 octets] - [29/07/2013 19:02:48]
 
########## EOF - C:\AdwCleaner[S3].txt - [4651 octets] ##########


#4 ebonienicole

ebonienicole
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:45 AM

Posted 29 July 2013 - 08:32 PM

Free Malware Bytes

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.07.29.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Ebonie :: FLYNN-PC [administrator]
 
7/29/2013 7:12:04 PM
mbam-log-2013-07-29 (19-12-04).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 326610
Time elapsed: 12 minute(s), 29 second(s)
 
Memory Processes Detected: 2
C:\Program Files (x86)\BasicServe\basicserve.exe (PUP.Zwangi) -> 1452 -> Delete on reboot.
C:\Program Files (x86)\BasicServe\basicserve.exe (PUP.Zwangi) -> 2528 -> Delete on reboot.
 
Memory Modules Detected: 2
C:\Program Files (x86)\BasicServe\basicserve.dll (Adware.OneStep) -> Delete on reboot.
C:\Users\Ebonie\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Delete on reboot.
 
Registry Keys Detected: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} (PUP.Zwangi) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\BasicServe Service (PUP.Zwangi) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Health Kit_is1 (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BASICSERVE (PUP.Zwangi) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BASICSERVE (PUP.Zwangi) -> Quarantined and deleted successfully.
 
Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|PC Health Kit (Rogue.PCHealthKit) -> Data: C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.A.BabSolution) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Ebonie\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BasicServe|DllPath (PUP.Zwangi) -> Data: C:\Program Files (x86)\BasicServe\basicserve.dll -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BasicServe|DisplayName (PUP.Zwangi) -> Data: BasicServe 1.0 build 111 -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 7
C:\Program Files (x86)\PC Health Kit (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Delete on reboot.
C:\Users\Ebonie\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Delete on reboot.
 
Files Detected: 65
C:\Program Files (x86)\BasicServe\basicserve.dll (Adware.OneStep) -> Delete on reboot.
C:\Users\flynn\AppData\Local\Temp\LSUp.exe (PUP.LyricsAd) -> Quarantined and deleted successfully.
C:\Users\flynn\AppData\Local\Temp\ly.exe (PUP.LyricsAD) -> Quarantined and deleted successfully.
C:\Users\flynn\AppData\Local\Temp\lyricsPaltmp.exe (PUP.LyricsAd) -> Quarantined and deleted successfully.
C:\Users\flynn\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\flynn\AppData\Local\Temp\Updater.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Local\Temp\3D1EFD21-BAB0-7891-905D-EA3ED41A2D28\Latest\ccp.exe (PUP.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Local\Temp\3D1EFD21-BAB0-7891-905D-EA3ED41A2D28\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Local\Temp\3D1EFD21-BAB0-7891-905D-EA3ED41A2D28\Latest\Setup.exe (PUP.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Local\Temp\74AA7975-BAB0-7891-9855-D93A2F02A952\Latest\ccp.exe (PUP.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Local\Temp\74AA7975-BAB0-7891-9855-D93A2F02A952\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Local\Temp\74AA7975-BAB0-7891-9855-D93A2F02A952\Latest\Setup.exe (PUP.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\flynn\AppData\Local\Temp\ct3289663\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\flynn\AppData\Local\Temp\ct3291327\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\flynn\Downloads\Download (1).exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.
C:\Users\flynn\Downloads\Download (2).exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.
C:\Users\flynn\Downloads\Download.exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.
C:\Users\flynn\Downloads\FlashPlayerSetup__2343_i26767857.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Users\flynn\Downloads\FlashPlayerSetup__2343_i26767930.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Users\flynn\Downloads\superoneclick_v1_6_5_downloader_us_99370.exe (PUP.Optional.YourFileDownloader) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Downloads\Full_Speed_v3_3_pro_internet_speed_booster_rar.exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Downloads\Setup (1).exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Downloads\Setup (2).exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Downloads\Setup.exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Downloads\Video-Player-v-2.0.exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\Juan Flynn\Downloads\FlashPlayer_V.7356708c.exe (PUP.DomaIQ) -> Quarantined and deleted successfully.
C:\Users\Ebonie\Local Settings\Temporary Internet Files\Content.IE5\SVK87066\pack[2].7z (PUP.Browser.Defender.A) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\2W24GO6O\InternetHelper3.1[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\2W24GO6O\KeyBar_1.14[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\5E43Z8AH\QuickShare1[1] (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\IGT35KV2\basicserve_bscsrvlink3[1].exe (Adware.OneStep) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\M0PFRKJE\Setup-D502DD2B71B5[1].exe (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\RJ0QYRU9\LyricsSing_1060-3050_v122[1] (PUP.LyricsAd) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\UC8QM4U4\LyricsPal_1060-8101_v122[1] (PUP.LyricsAd) -> Quarantined and deleted successfully.
C:\Users\flynn\Local Settings\Temporary Internet Files\Content.IE5\V6GJMVJ1\LyricsPal_1060-8101_v116[1] (PUP.LyricsAd) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Local Settings\Temporary Internet Files\Content.IE5\6E1XWSLK\QuickShare1_20130718[1] (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
C:\Users\JFlynn\Local Settings\Temporary Internet Files\Content.IE5\71F5G6C8\setup__155[1].exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Users\Juan Flynn\Local Settings\Temporary Internet Files\Content.IE5\C2IK7P2J\Solid-SavingsUS[1].exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Windows\Installer\3ac586.msi (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
C:\ProgramData\BasicServe\basicserve111.exe (PUP.Zwangi) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BasicServe\basicserve.exe (PUP.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\BasicServe\basicserve.dll (PUP.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\PC Health Kit\PCHealthKit.chm (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\English.ini (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\file_id.diz (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\HomePage.url (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHealthKit.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKGuard.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKReminder.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKSchedule.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKUninstaller.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\scan.gif (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\sqlite3.dll (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\StartupList.txt (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\unins000.dat (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\unins000.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Users\Ebonie\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Delete on reboot.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
 
(end)


#5 jhayz

jhayz

  • BC Advisor
  • 5,987 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:45 PM

Posted 29 July 2013 - 11:47 PM

2 more logs needed, SAS and JRT. :thumbup2:


Tekken
 


#6 ebonienicole

ebonienicole
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:45 AM

Posted 18 August 2013 - 11:40 AM

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.9 (08.17.2013:3)
OS: Windows 7 Home Premium x64
Ran by Ebonie on Sun 08/18/2013 at 10:25:40.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] backupstack 
Successfully deleted: [Service] backupstack 
Failed to stop: [Service] cltmngsvc 
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pcfixspeed
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotect
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotectall
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsing
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricspal
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wondershare
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220122252255}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222182206}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550155255555}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550255185506}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660166256655}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266186606}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440144254455}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220122252255}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222182206}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550155255555}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550255185506}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660166256655}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266186606}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440144254455}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3298581
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550155255555}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550255185506}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660166256655}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266186606}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440144254455}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110111251155}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181106}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\prompt_installer-conduit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\prompt_installer-conduit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550155255555}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550255185506}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660166256655}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266186606}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440144254455}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\prompt_installer-conduit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\prompt_installer-conduit_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{62EBB9AE-3095-4F99-8635-4C3C41CA1EE2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3178A392-8963-471E-B7A2-969CB58D6496}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB9778AB-BAEF-49B9-96EE-D6E4BD0BCE68}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3178A392-8963-471E-B7A2-969CB58D6496}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3178A392-8963-471E-B7A2-969CB58D6496}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3178A392-8963-471E-B7A2-969CB58D6496}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77e880b5-cae7-4928-8507-ec2e5007e73e}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{77e880b5-cae7-4928-8507-ec2e5007e73e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7d55d814-c458-440c-a053-f1a2cb052c17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7d55d814-c458-440c-a053-f1a2cb052c17}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2cf9842-af95-48cd-b873-bfbb48cd7f5e}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{d2cf9842-af95-48cd-b873-bfbb48cd7f5e}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\LyricsContainer Update.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsSing Update.job
Successfully deleted: [File] C:\Windows\Tasks\digitalsite.job
Successfully deleted: [File] C:\Windows\Tasks\toparcadehits.job
Successfully deleted: [File] "C:\end"
Successfully deleted: [File] "C:\Windows\syswow64\authuitu.dll"
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\browserdefender"
Successfully deleted: [Folder] "C:\ProgramData\pcfixspeed"
Successfully deleted: [Folder] "C:\Users\Ebonie\AppData\Roaming\digitalsite"
Successfully deleted: [Folder] "C:\Users\Ebonie\AppData\Roaming\pcfixspeed"
Successfully deleted: [Folder] "C:\Users\Ebonie\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Ebonie\AppData\Roaming\zip opener packages"
Successfully deleted: [Folder] "C:\Users\Ebonie\appdata\local\cre"
Failed to delete: [Folder] "C:\Users\Ebonie\appdata\locallow\fast free converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons.com couponbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\fast free converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\jollywallet"
Successfully deleted: [Folder] "C:\Program Files (x86)\lesstabs"
Successfully deleted: [Folder] "C:\Program Files (x86)\lyricscontainer"
Successfully deleted: [Folder] "C:\Program Files (x86)\lyricsing"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\openit"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed up"
Successfully deleted: [Folder] "C:\Program Files (x86)\pcfixspeed"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Program Files (x86)\trusted saver"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
 
 
 
~~~ FireFox
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Successfully deleted the following from C:\Users\Ebonie\AppData\Roaming\mozilla\firefox\profiles\r73a7ni3.default\prefs.js
 
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.backgroundjs", "\n\n/****************************************************
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.js", "\n\n  /************************************************************
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"
user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037bf86b99379dbcom33254.33254.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.backgroundjs", "\n\n/****************************************************
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.js", "\n\n  /************************************************************
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"
user_pref("extensions.a9b7182cf08474d178a3fc850f8c4a23e51bca2a9a5e94d988d7740c0e8212d2acom33332.33332.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "1405c877af298b58bd25e15b256c3184");
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Ebonie\appdata\local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/18/2013 at 10:36:15.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users