Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SpeedyPC pro screwed up things


  • Please log in to reply
14 replies to this topic

#1 Christy A

Christy A

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 03 December 2012 - 01:23 AM

I fell prey to one of the most rookie mistakes there is. My computer has been acting up lately. My initial issue was that on booting my computer would take way too long. During starting my computer it's slow and a black screen will come up every time. It sits there for a bit and then finally starts up correctly. In addition it's just laggy and my IE shuts itself down a lot. I thought Id be "smart" and use something Ive seen advertised on tv. Well, this didn't work out so well for me! I downloaded SpeedyPC Pro and ran it. I then let the program "fix" my problems. After doing this I noticed that a lot of text is now gibberish. Heres a link to what it looks like: http://christyaerrorpics.shutterfly.com/pictures/10#10. I uninstalled it using it's own uninstall feature but the text was still wrong. I tried using Revo Uninstaller and same deal. I used a restore point and here's what I got from that: http://christyaerrorpics.shutterfly.com/pictures/9 . Not sure where to go from here. i really need help here!
thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 03 December 2012 - 04:04 AM

Hello Christy -
First visit this page for some details on the extra methds required to remove this Scam - Uninstall Speedypc
NEXT -
Download and install Malwarebytes Anti-Malware Free and SuperantiSpyware Free
Update the programs and run Full Scans with both programs and post the Scan Logs back here -
NEXT -
Please download AdwCleaner by Xplode onto your desktop.
If your Antivirus complains, information on A/V control (temp disable) HERE if needed
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with OK
This will also remove most Add-On Tool bars that are not required.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Thank You -

#3 Christy A

Christy A
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 03 December 2012 - 05:45 PM

Thanks Noknojon, working on that now. I really appreciate your help!
thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 03 December 2012 - 06:26 PM

No problem Christy -
Thanks for the reply

Please take your time, and ask if you have any problems :)

Regards -

#5 Christy A

Christy A
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 04 December 2012 - 04:21 PM

I ran the programs and am attaching the files. I'm also attaching another screen shoto of the font problem that is still there. (SUPERAntiSpyware found problems and fixed them)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/04/2012 at 00:50 AM

Application Version : 5.6.1014

Core Rules Database Version : 9678
Trace Rules Database Version: 7490

Scan type : Complete Scan
Total Scan Time : 01:21:49

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 794
Memory threats detected : 0
Registry items scanned : 77079
Registry threats detected : 0
File items scanned : 104913
File threats detected : 14

Adware.Tracking Cookie
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\AUSJ196C.txt [ /atdmt.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\IO9O45AZ.txt [ /pcworldcommunication.122.2o7.net ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\SAV2SMBL.txt [ /c1.atdmt.com ]
C:\USERS\ADMINISTRATOR\Cookies\AUSJ196C.txt [ Cookie:administrator@atdmt.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\IO9O45AZ.txt [ Cookie:administrator@pcworldcommunication.122.2o7.net/ ]
C:\USERS\ADMINISTRATOR\Cookies\SAV2SMBL.txt [ Cookie:administrator@c1.atdmt.com/ ]
C:\USERS\ANTES\AppData\Roaming\Microsoft\Windows\Cookies\Low\6GM6NIW8.txt [ Cookie:antes@at.atwola.com/ ]

Heur.Agent/Gen-WhiteBox
C:\PROGRAM FILES (X86)\FGICON\RES\FANTASTICINST.EXE
C:\USERS\ANTES\DESKTOP\PLAY GAMES.LNK

Trojan.Agent/Gen-FakeAV
C:\PROGRAM FILES (X86)\FREE MEDIA PLAYER\UNINSTALL.EXE
C:\USERS\ANTES\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\FREE MEDIA PLAYER\FREE MEDIA PLAYER UNINSTALL.LNK

PUP.CNETInstaller
C:\USERS\ANTES\DOCUMENTS\DOWNLOADS\PROGRAMS\CNET2_PSPX4_TBYB30_EXE.EXE
C:\USERS\ANTES\DOCUMENTS\DOWNLOADS\PROGRAMS\CNET2_SCREENSHOTSETUP1_1_MSI.EXE

Rogue.Agent/Gen-Nullo[DLL]
C:\WINDOWS\VMOPTVER.DLL


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.03.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Administrator :: CA616 [administrator]

12/3/2012 8:52:23 PM
mbam-log-2012-12-03 (20-52-23).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 680951
Time elapsed: 2 hour(s), 18 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------


# AdwCleaner v2.011 - Logfile created 12/04/2012 at 14:38:13
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Administrator - CA616
# Boot Mode : Normal
# Running from : C:\Users\Administrator\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\FantastiGames Toolbar
Folder Deleted : C:\Program Files (x86)\Ilivid
Folder Deleted : C:\Program Files (x86)\Trymedia
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Antes\AppData\Local\Conduit
Folder Deleted : C:\Users\Antes\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Antes\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Antes\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Antes\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Antes\AppData\Roaming\iWin
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\FANTAS~1\Datamngr\datamngr.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\FANTAS~1\Datamngr\IEBHO.dll
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [12494 octets] - [04/12/2012 14:37:28]
AdwCleaner[S2].txt - [12614 octets] - [04/12/2012 14:38:13]

########## EOF - C:\AdwCleaner[S2].txt - [12675 octets] ##########


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Posted Image

Edited by Christy A, 04 December 2012 - 05:06 PM.

thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 04 December 2012 - 05:31 PM

Hi again Christy -
Rogue.Agent/Gen-Nullo spreads via hacked websites. Some experts have reported that it may be connected to PCPitstop but it hasn't been verified yet.
Trojan.Agent/Gen-FakeAV - This has been reported at S.A.S. site as an infection to be removed
Heur.Agent/Gen-WhiteBox - Do any of you use UTORRENT ? Related known infection -
EXTRA - Please Rescan with SUPERAntiSpyware to be sure these are removed and Reboot after the scan

The below are all recognised as minor infections / adware that needed removal -
FantastiGames Toolbar - Ilivid - Yontoo - Tarma Installer - AskToolbar - PriceGong
Next -
I'd like us to scan your machine with ESET OnlineScan
Click on the following link to open ESET OnlineScan
You may be prompted to disable any antivirus programs for this to run - Download ESET online Scanner this will take a while to load the base program and then the updated definitions
Copy any results found and post them back here -
Next -
Follow this with download Junkware Removal Tool to your desktop
Junkware Removal Tool by thisisu
Shut down your protection software now to avoid potential conflicts.
•Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete depending on your system's specifications.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt into your next message.
Next -
Follow this with, download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

After this please let me look at a few settings etc. with this program -
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
List devices >>(Problem only)<<
•List Users, Partitions and Memory size.
•List Minidump Files

Click Go and copy / paste the result (Result.txt) in your next reply -

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Thanks -

Edited by noknojon, 04 December 2012 - 05:33 PM.


#7 Christy A

Christy A
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 05 December 2012 - 10:50 AM

Im getting to work on this now. As for Utorrent, I don't remember the last time anyone used it on this system. It's not something I do.
thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 05 December 2012 - 03:50 PM

Thanks Christy. for staying, and for your updates -

Please do it at your own pace and ask if there are other questions -



#9 Christy A

Christy A
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 05 December 2012 - 09:05 PM

Hey Noknojon-

I hope I got it all right. And again, I can't tell you how much I appreciate your help with this!

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/05/2012 at 12:27 PM

Application Version : 5.6.1014

Core Rules Database Version : 9687
Trace Rules Database Version: 7499

Scan type : Complete Scan
Total Scan Time : 01:23:55

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 729
Memory threats detected : 0
Registry items scanned : 77072
Registry threats detected : 0
File items scanned : 104564
File threats detected : 4

Adware.Tracking Cookie
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\FEMLWKGZ.txt [ /atdmt.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\B0P9DE2L.txt [ /generalelectric.112.2o7.net ]
C:\USERS\ADMINISTRATOR\Cookies\FEMLWKGZ.txt [ Cookie:administrator@atdmt.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\B0P9DE2L.txt [ Cookie:administrator@generalelectric.112.2o7.net/ ]


----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


C:\Users\All Users\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm unable to clean
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT1.zip Win32/Bagle.gen.zip worm unable to clean
C:\$RECYCLE.BIN\S-1-5-21-1719504641-4281115936-1006895277-1000\$RRR75N9\KEYGEN\Mystery Case Files 13th Skull Collector's Edition_Keymaker.exe a variant of Win32/Keygen.DU application cleaned by deleting - quarantined
C:\Program Files (x86)\Fisher's Family Farm v2\KEYGEN-FFF\Fishers Family Farm KG.exe a variant of Win32/Keygen.DU application cleaned by deleting - quarantined
C:\Program Files (x86)\FoxTabAudioConverter\AudioConverter.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeApps\FreeApps.exe probably a variant of Win32/FreeNew application cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Temp\is1705941228\jollywallet_silence_106_2.exe Win32/Toolbar.CrossRider.B application cleaned by deleting - quarantined
C:\Users\Administrator\Downloads\Programs\ad-aware_Free-Antivirus-10.0.185.3207_setup.exe a variant of Win32/InstallCore.AT application cleaned by deleting - quarantined
C:\Users\Antes\AppData\Local\PrivitizeVPNInstaller\Secure Download\setup_freetwittube.exe multiple threats cleaned by deleting - quarantined
C:\Users\Antes\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\10341ffc-44905527 multiple threats deleted - quarantined
C:\Users\Antes\AppData\Roaming\Mozilla\Firefox\Profiles\4v4j0vpq.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\Antes\Desktop\Downloads\Shadow Wolf Mysteries- Curse of the Full Moon CE V2\K3YG3N\Shadow Wolf Mysteries Curse of the Full Moon CE-key-maker.exe a variant of Win32/Keygen.DU application cleaned by deleting - quarantined
C:\Users\Antes\Desktop\Utilities\FreeFileViewer2010Setup.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Antes\Desktop\Utilities\freefileviewer_490.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\asc-setup_2.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\asc-setup_3.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\asc-setup_5.exe multiple threats cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\cdbxp_setup_4.3.7.2423.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\freefileviewer_518.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\iLividSetupV1.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\imf-setup_2.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\is360setup.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\sd2-setup220.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\SoftonicDownloader_for_epub-maker.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Users\Antes\Documents\Downloads\Programs\WinZip145_2.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.8.9 (12.05.2012:5)
OS: Windows 7 Home Premium x64
Ran by Administrator on Wed 12/05/2012 at 20:03:56.39
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{0055c089-8582-441b-a0bf-17b458c2a3a8}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/05/2012 at 20:08:40.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
STOPzilla!
Lavasoft Ad-Aware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 26
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 10.1.2 Adobe Reader out of Date!
Mozilla Firefox (3.6.6) Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Spybot Teatimer.exe is disabled!
Ad-Aware Antivirus SBAMSvc.exe
IObit IObit Malware Fighter IMFsrv.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Trend Micro RUBotted RUBotSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


MiniToolBox by Farbar Version: 25-11-2012
Ran by Administrator (administrator) on 05-12-2012 at 20:26:39
Running from "C:\Users\Administrator\Downloads\Programs"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
::1 localhost



127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net 127.0.0.1 am1.activemeter.com

There are 12376 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ca616
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-82-4B-6D-D3
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 00-26-82-4B-6D-D2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b41c:e9e:de92:c924%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, December 05, 2012 7:29:22 PM
Lease Expires . . . . . . . . . . : Thursday, December 06, 2012 7:29:22 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 335554178
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-C8-25-A1-E0-CB-4E-31-81-8D
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E0-CB-4E-31-81-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5A7D9B55-2D96-4E83-8E64-88EC521FED97}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9B4E2A01-76F9-4A62-988D-01C41D68D62A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1003
74.125.226.199
74.125.226.206
74.125.226.196
74.125.226.192
74.125.226.197
74.125.226.198
74.125.226.200
74.125.226.201
74.125.226.195
74.125.226.194
74.125.226.193


Pinging google.com [173.194.43.5] with 32 bytes of data:
Reply from 173.194.43.5: bytes=32 time=51ms TTL=52
Reply from 173.194.43.5: bytes=32 time=66ms TTL=52

Ping statistics for 173.194.43.5:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 66ms, Average = 58ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=223ms TTL=46
Reply from 98.139.183.24: bytes=32 time=100ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 100ms, Maximum = 223ms, Average = 161ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...00 26 82 4b 6d d3 ......Microsoft Virtual WiFi Miniport Adapter
15...00 26 82 4b 6d d2 ......802.11n Wireless LAN Card
10...e0 cb 4e 31 81 8d ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
15 281 fe80::/64 On-link
15 281 fe80::b41c:e9e:de92:c924/128
On-link
1 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2011-03-01 20:35:57.003
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 20:35:56.987
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 19:48:53.663
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\{E2FD1BF3-7AA7-4A7E-A5D6-8BFC921897FC}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 19:48:53.648
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\{E2FD1BF3-7AA7-4A7E-A5D6-8BFC921897FC}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 12:43:32.447
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 12:43:32.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 12:15:11.839
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 12:15:11.825
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 12:06:17.764
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-03-01 12:06:17.749
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Antes\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7 Wonders II
A Gnome's Home - The Great Crystal Crusade (Version: 1.0.0.2)
ABC Amber PDF Converter
ABC Birthday Reminder version 2.6 (Version: 2.6)
Ad-Aware Antivirus (Version: 10.2.21.3698)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe AIR (Version: 2.7.1.19610)
Adobe Digital Editions
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.2.161.23)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Advanced SystemCare 6 (Version: 6.0)
Age of Adventure - Playing the Hero (Version: 1.0.0)
Algodoo Phun edition v5.28
AllMedia Grabber (Version: 6.0)
Amazon Browser Bar (Version: 3.0.0.0)
AMD USB Filter Driver (Version: 1.0.11.86)
AnVir Task Manager
Art of Murder - Deadly Secrets (Version: 1.0.0)
Ashampoo Burning Studio Elements 10.0.9 (Version: 3.1.1)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Audio Editing Tools v2.7.FREE (Version: 02.07.0000)
Balloon Buddy 2.2 - Pogo Version
Botanica - Into the Unknown Collectors Edition (Version: 1.0.0)
BufferChm (Version: 140.0.212.000)
Build-a-lot Fairy Tales
Building the Great Wall of China (Version: 1.0.0)
Bus Driver
Buttons & OSDs control application gen3 (Version: 1.0.0.5)
C4700 (Version: 140.0.690.000)
calibre (Version: 0.8.63)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full Existing (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full New (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Light (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0614.2131.36800)
Catalyst Control Center InstallProxy (Version: 2009.0614.2131.36800)
Catalyst Control Center Localization All (Version: 2009.0614.2131.36800)
ccc-core-static (Version: 2009.0614.2131.36800)
ccc-utility64 (Version: 2009.0614.2131.36800)
CCC Help Chinese Standard (Version: 2009.0614.2130.36800)
CCC Help Chinese Traditional (Version: 2009.0614.2130.36800)
CCC Help Czech (Version: 2009.0614.2130.36800)
CCC Help Danish (Version: 2009.0614.2130.36800)
CCC Help Dutch (Version: 2009.0614.2130.36800)
CCC Help English (Version: 2009.0614.2130.36800)
CCC Help Finnish (Version: 2009.0614.2130.36800)
CCC Help French (Version: 2009.0614.2130.36800)
CCC Help German (Version: 2009.0614.2130.36800)
CCC Help Greek (Version: 2009.0614.2130.36800)
CCC Help Hungarian (Version: 2009.0614.2130.36800)
CCC Help Italian (Version: 2009.0614.2130.36800)
CCC Help Japanese (Version: 2009.0614.2130.36800)
CCC Help Korean (Version: 2009.0614.2130.36800)
CCC Help Norwegian (Version: 2009.0614.2130.36800)
CCC Help Polish (Version: 2009.0614.2130.36800)
CCC Help Portuguese (Version: 2009.0614.2130.36800)
CCC Help Russian (Version: 2009.0614.2130.36800)
CCC Help Spanish (Version: 2009.0614.2130.36800)
CCC Help Swedish (Version: 2009.0614.2130.36800)
CCC Help Thai (Version: 2009.0614.2130.36800)
CCC Help Turkish (Version: 2009.0614.2130.36800)
CCleaner (Version: 3.03)
CDBurnerXP (Version: 4.3.7.2423)
Chameleon Startup Manager 3.4.0.766 (Version: 3.4.0.766)
Citrix online plug-in - web (Version: 12.1.44.1)
Citrix online plug-in (DV) (Version: 12.1.44.1)
Citrix online plug-in (HDX) (Version: 12.1.44.1)
Citrix online plug-in (USB) (Version: 12.1.44.1)
Citrix online plug-in (Web) (Version: 12.1.44.1)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Paint Shop Pro X (Version: 10.0)
CyberLink DVD Suite Deluxe (Version: 6.0.3101)
D3DX10 (Version: 15.4.2368.0902)
DealCabby (Version: 1.0921.1509)
Definition update for Microsoft Office 2010 (KB982726)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
EASEUS Todo Backup Professional 2.5 (Version: 2.5.0.1)
EasyInfo (Version: 1.0.22)
Emily Archer and the Curse of Tutankhamun (Version: 1.0.0)
Entwined - Strings of Deception (Version: 1.0.0)
ESET Online Scanner v3
Fairy Tales - Iridescence Village (Version: 1.0.0)
Farm Mystery - The Horror of Orchardville (Version: 1.1.0)
Farm Tribe 2 (Version: 1.0.0)
Folder Marker Home v 3.2 GAOTD Edition (Version: 3.2)
Foxit Reader (Version: 4.1.1.805)
Foxit Reader 5.1 (Version: 5.1.0.1021)
Fraps
Free Easy Burner V 4.1 (Version: 4.1.0.0)
Free File Viewer 2010
Free Media Player 0.1 (Version: 0.1)
Free PDF to Word Doc Converter v1.1 (Version: 1.1)
FreeApps (Version: 1.4.1)
Funky Bee (Version: 3.4.2.2)
Game Booster (Version: 2.2.0.0)
GIMP 2.6.12-2 (Version: 2.6.12)
Glary Utilities Pro 2.41.0.1358 (Version: 2.41.0.1358)
Golden Trails 3 - The Guardians Creed (Version: 1.0.0)
Google Chrome (Version: 23.0.1271.95)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 140.0.211.000)
Gravely Silent - House of Deadlock Collectors Edition (Version: 1.0.0)
Hardware Diagnostic Tools (Version: 6.0.5205.31)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hidden Object Studios - I'll Believe You - Special Edition (Version: 1.0.0)
Howlville - The Dark Past (Version: 3.5.3)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Desktop Keyboard (Version: 1.0.0.8)
HP Games (Version: 1.0.0.71)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP MediaSmart DVD (Version: 3.0.3123)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Product Detection (Version: 11.14.0001)
HP Remote Solution (Version: 1.1.9.0)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Support Assistant (Version: 6.1.12.1)
HP TouchSmart (Version: 3.0.35.0)
HP TouchSmart Browser (Version: 3.0.0007)
HP TouchSmart Calendar (Version: 3.0.3476.32189)
HP TouchSmart Canvas (Version: 1.0.3492.26962)
HP TouchSmart Clock (Version: 3.0.3441.42630)
HP TouchSmart Movie Themes (Version: 3.0.3102)
HP TouchSmart Music/Photo/Video (Version: 3.0.3205)
HP TouchSmart Notes (Version: 3.0.3462.28879)
HP TouchSmart RecipeBox (Version: 1.0.3507.27745)
HP TouchSmart RSS (Version: 3.0.0005)
HP TouchSmart Tutorials (Version: 3.0.5.2)
HP TouchSmart Twitter (Version: 1.0.3485.33023)
HP TouchSmart Weather (Version: 3.0.0.1)
HP TouchSmart Webcam (Version: 3.0.1903)
HP Update (Version: 5.002.002.002)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Hulu Desktop (Version: 0.9.7)
Internet Download Manager
Intrigue Inc - Raven's Flight (Version: 1.5.0)
IObit Malware Fighter (Version: 1.0)
Island Realms (Version: 1.0.0)
Island Tribe 2 (Version: 2.0.0)
Island Tribe 4 (Version: 1.0.0)
Jasc Paint Shop Pro 8 (Version: 8.00.0000)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 15.4.3502.0922)
LG USB Modem driver
Luxury Liner Tycoon (Version: 1.0.0.2)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Micro Flight 5.2
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft XML Parser (Version: 8.70.1104.04)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Mihov Image Resizer 1.2 (remove only)
Mini Golf Buddy - Pogo Version 2.2
Mozilla Firefox (3.6.6) (Version: 3.6.6 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Murder Island - Secret of Tantalus (Version: 1.0.1.120)
Muse (Version: 1.0.0)
Mystical Island (Version: 1.0.0)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
New Yankee in King Arthurs Court (Version: 1.1.0)
NVIDIA PhysX (Version: 9.10.0129)
OpenAL
OpenOffice.org 3.1 (Version: 3.1.9399)
Origin (Version: 8.3.7.3619)
Paintslate (Version: 1.1.1)
Paintslate By Bendigo Design (Version: 1.1.1)
PDF to ePub Converter 2.2.1
PDF To JPG 2.0
PDFZilla V1.2.9
Perfect Uninstaller v6.3.3.8
Phantasmat Collectors Edition (Version: 1.08)
Phlinx Buddy - Pogo Version 1.2
Photopus 1.1
Pioneer Lands (Version: 1.0.0)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerISO (Version: 4.7)
PowerRecover (Version: 5.5.1923)
Protected Folder
PS_AIO_06_C4700_SW_Min (Version: 140.0.690.000)
QuickTransfer (Version: 140.0.98.000)
Raxx - The Painted Dog (Version: 1.0.1)
Reader Library by Sony (Version: 3.3.00.07130)
Reading the Dead (Version: 1.0.4)
Recordzilla 1.0
Rescue Team 2 (Version: 1.0.0)
Revo Uninstaller 1.92 (Version: 1.92)
Rita James and the Race to Shangri La (Version: 1.0.1.1)
Roads of Rome
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Scan (Version: 140.0.80.000)
Sci Fi Buddy 2.1 - Pogo Version
ScreenShot V1.1.0.0 (Version: 1.1.0)
Secret Mission 2 - The Forgotten Island (Version: 1.0.0)
Ship Simulator 2008 Demo
Ship Simulator Extremes Demo
Shop for HP Supplies (Version: 14.0)
Sigil (Version: 0.2.4)
Smart Defrag 2 (Version: 2.6)
SmartWebPrinting (Version: 140.0.186.000)
Soda PDF (Version: 1.2.89.533)
SoftSkin Photo Makeup 1.0 (Version: 1.0)
SolutionCenter (Version: 140.0.213.000)
SoundMAX (Version: 6.10.2.7260)
SPORE™ Creature Creator Trial Edition (Version: 1.00.0000)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 140.0.212.000)
STOPzilla (Version: 6.0.3.61)
Summer Resort Mogul (Version: 1.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
Text To PDF Converter v1.5
The Beast of Lycan Isle Collectors Edition (Version: 1.0.0)
The Curse of the Ring (Version: 1.35)
The Curse of the Werewolves Collectors Edition (Version: 1.0.0)
The Island - Castaway (Version: 1.30)
The Promised Land (Version: 1.1.0)
The Secret Legacy - A Kate Brooks Adventure (Version: 1.5.2.6)
The Stroke of Midnight (Version: 1.0.0)
The Treasures of Montezuma
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Treasure Hunters (Version: 1.0.0)
Tree Notes 2.56 (Version: 2.56)
Trend Micro RUBotted 2.0 Beta (Version: 2.0.0.1030)
UltraISO Premium V9.36
Unlikely Suspects
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Vehicle Simulator
Verizon Mobile Broadband Drivers (Version: 3.02.002.002)
Virtual Sailor 7
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VZAccess Manager (Version: 7.3.13.1)
War In A Box - Paper Tanks (Version: 1.0.3)
WebReg (Version: 140.0.212.017)
WildTangent Games App (Version: 4.0.9.7)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinUtilities 9.96 Professional Edition
WinZip 14.5 (Version: 14.5.9095)
Wisdom-soft ScreenHunter 6.0 Free
Wizard101 (Version: 1.0.0)
WolfQuest (Version: 2.0.3)
Xilisoft PDF to EPUB Converter (Version: 1.0.1.0701)
Xvid Video Codec (Version: 1.3.2)
Yahoo! Mail Advisor
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zooloretto (Version: 1.0.0)

========================= Devices: ================================

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: F-Secure Vista Support Driver
Description: F-Secure Vista Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fsvista
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3839.24 MB
Available physical RAM: 2376.46 MB
Total Pagefile: 7676.68 MB
Available Pagefile: 6178.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.76 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:452.91 GB) (Free:237.52 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.76 GB) (Free:1.84 GB) NTFS

========================= Users: ========================================

User accounts for \\CA616

Administrator Antes Guest

========================= Minidump Files ==================================

No minidump file found


**** End of log ****


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Please let me know if I missed anything. Thanks!
Christy

Edited by Christy A, 05 December 2012 - 09:17 PM.

thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 05 December 2012 - 10:58 PM

I'd like us to scan your machine with ESET OnlineScan

Hi -
Did you miss this from the last posting, or was there just nothing found ??

"Photosmart C4700 series" << Is this your Printer or Copier that is not working, or has been removed ??

There are a few items to update or remove still, so if you can post me the ESET scan results, it can take a while, about 2 hours, I will go back over these items

NEXT -
We need to run another quick item -
Click Start > Programs > Accessories > Find Command Prompt and Right click on it > Select Run as Administrator > Agree to any prompt > Type sfc /scannow > Enter
Note the space between the c and / .
This will check your installed System Files against your installed master files . About 15 minutes to run on average.
Please note any results at the end -

Do you normally use Chrome as your internet browser, or Firefox or Internet Explorer ??

Thanks -

#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 06 December 2012 - 01:37 AM

Hi Christy -
Can you please tell me which of these program(s) that you consider to be your active Antivirus program(s)

You have / STOPzilla (Version: 6.0.3.61) / Ad-Aware Antivirus (Version: 10.2.21.3698) / Advanced SystemCare 6 (Version: 6.0) / AnVir Task Manager / Spybot - Search & Destroy (Version: 1.6.2) / Trend Micro RUBotted 2.0 Beta (Version: 2.0.0.1030) and a few minor useless programs also.
We need to fully revise this menagerie of programs -

A few programs to be removed from Control Panel > Programs and Features. If we have problems, some have their own removal tools.

Please see this page for details on AnVir Task Manager, it seems to also be another Fix All program - It should be removed
Internet Download Manager < This is another Speed Up MyPC / Registry Cleaner program and needs to be removed
Glary Utilities Pro 2.41.0.1358 (Version: 2.41.0.1358) < Another Speed Up MyPC program to be deleted
Hardware Diagnostic Tools (Version: 6.0.5205.31) < Did you pay for this program or was it installed by someone ??
Smart Defrag 2 (Version: 2.6) < Part of IObit program and not needed
IObit IObit Malware Fighter IMFsrv.exe << This was ? installed, but is no longer listed in your programs. We can remove it fully
Game Booster (Version: 2.2.0.0) < Usually another IObit program that will not increase speed < It should be removed
Perfect Uninstaller v6.3.3.8 < This is usually installed from Torrent downloads, so remove it - We can use Revo to uninstall things if needed

Now, do you have Windows Updates set to install on a regular basis, and do you install them monthly ??

Internet Explorer 8 Out of date! This should be I.E. 9 now. Visit Internet Explorer 9 and download it
Java™ 6 Update 26 - Java version out of Date! Go to Control Panel and if you have a Java Icon (looks like coffee cup) click on this, the second tab is Update - Follow any instructions for your x64 computer and update it to Version 7 Update 9 then Uninstall all other versions of Java from Programs and Features

Adobe Flash Player 10 Flash Player out of Date! - Go to HERE to update to Adobe Flash Player 11.5.502.110 and be sure to Untick the Google Chrome toolbar add-on
Adobe Reader 10.1.2 Adobe Reader out of Date! - Go to HERE and update to Adobe Reader XI (11.0) again Untick the Google toolbar add-on

Check for Firefox updates HERE

You have a good solid Hosts file that should block many minor problems, but it is still allowing too many Tracking cookies in.
EDIT - Once you tell me the main browser you use, I will try to set some Ad Blocking for you -

I think these are the main basic updates and deletions we need to start with for now.
There are a few more minor things, but I will wait to hear back from you -

Please note that my reply will be very early or very late as I am going away for a day -

Thank You -

Edited by noknojon, 06 December 2012 - 05:35 AM.


#12 Christy A

Christy A
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 08 December 2012 - 12:22 AM

Hey Noknojon-

Yeah, after time all these security programs seemed to add up on me. I would have to say that my main anti-virus prog is Malwarebytes; it's the one thats always running. I use Advanced System Care for general maintenance. Its not running at all until I start doing a clean up. I don't know how you feel about it but its been a good utility for me so far. The only drawback was some of the "extra" programs that came with it (like the game booster one.) I tried deleting any that were installed but I missed that one. Lets see... I've used Ad-Aware and Spybot for years now. These too are not running all the time. I use them as I do ASC. Those have been my tried and true "clean-up" programs.

I think the only others I use on a regular basis are Revo and Internet Download Manager. IDM is only used for downloading. None of the other features are ever used. So I prefer to keep IDM too.
I don't have unlimited Internet access. (Man do I ever miss it tho!!) We moved to an area where our only Internet connection options are dial-up (which I'll never go back to...self explainable!), satellite (which we had for years after we first moved here but changed about a year ago to cellular wireless Internet cards Neither of these have unlimited access. So my downloads have to be regulated and for the bigger downloads, planned. This is also the reason my IE is out of date and some other programs aren't updated yet. Long story short, this is where IDM comes in handy. I can pause downloads and restart them at a later date if I need to.

But anyway...I think the last thing I wanted say in regards to one of your questions is that despite problems people have with IE it is still the browser I prefer.


So, this is my plan unless you see problems with it. Everything else you mentioned and whatever else we might find can be uninstalled.

I'll watch for your reply. Take your time, believe me, I have no notion that you are at my beck and call. lol I just appreciate your help!
thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 09 December 2012 - 05:56 AM

Hi Christy -
Sorry I did not get back earlier, but my 1 day trip turned into a minor disaster . By the time I got home my Internet was out, and I have just started posting again and trying to catch up with you -

Advanced System Care << This is just another Registry Cleaner, and you will find in the posts from experts to remove it -
- This relates to all IObit programs in general ............
I have left a Removal Tool below as EXTRA Below to delete all IObit program installers - This was designed by Fred DeVries, a Dutch programmer friend of mine

Internet Download Manager << I have used / tested this program as I had slow Internet, and showed it did not "help" over-all. But I will let you make your own final decision on this program ...........

my main anti-virus prog is Malwarebytes << Please note that Malwarebytes is not an Antivirus, but it is meant to run with any Antivirus -
Even if you have the Pro Malwarebytes (paid) version, as I do, you still need an Antivirus program (even a free one) ..........

This Post by screen317 (Chris Fistonich) and it may be helpful to you in to regards Antivirus programs -

Re: STOPzilla - SCAM.COM have a long file on this, and as it has now been over taken by others, ( is3.com ) it is useless - OUT -

despite problems people have with IE it is still the browser I prefer << I always use and prefer I.E as my main browser.
However, you must keep it updated to I.E 9, as this is now your current version, and will protect you much better -

I've used Ad-Aware and Spybot for years now. These too are not running all the time << These are just scanners and SUPERAntiSpyware is much better, and a more modern version -

EXTRA >> IObit Remover - IObit > Info > Tool (Note: Cleans left-overs after a normal uninstall) (non-vendor) (Note: A program I co-designed myself).


Thank You -

#14 Christy A

Christy A
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 10 December 2012 - 01:49 AM

Thanks for the reply. I'll work on what you suggest in your post but had another problem come up. I've been working for the past couple of days on getting my Internet working again. I upgraded my IE to 9, which I downloaded from Microsoft, and after I did that every time I opened the browser the page was solid black and I couldn't do anything with it. I had restore points saved but every time I tried a restore it acted like it was working but on restart I got a message saying it didn't work. So apparently my restore points are worthless right now. I've had late nights and fustrating days trying to get my browser back working and FINALLY I tried Fixit by Microsoft which did the trick for me. I still have all the same problems I had before but at least I can access my internet again on my desktop.

Needless to say, I am EXTREMELY fustrated! I'm not sure right now if it's worth trying to save anything I have on my system. I keep thinking of doing a system recovery. I don't really want to and have tried avoiding the thought, without much luck. Also, apparently my firewall isn't working either. I tried turning it back on but nothing happens.

I AM gonna work on your advice still and will let you know what happens. Thank you very much again! You have no idea how much I appreciate your trying to help.
thanks in advance for your help!

Christy
__________________________________________________________________________

Always look beyond the obvious.... Posted Image

#15 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 PM

Posted 10 December 2012 - 04:30 AM

Hi Christy -

As your computer seems to be acting in a strange manner - Please do these 2 internal computer scans : Internet is not required for these
Just Copy the directions to Notepad (or similar) and save them -

First -
Go - Start -> type this in Search Box -> COMMAND, find at top and RIGHT CLICK -> Select > RUN AS ADMIN

Type in this at the prompt -> sfc /scannow > Now Press Enter.
This will take (on average) 15 to 20 minutes -

Next -
Also; now run a Disk Check on your computer -
Run a Disk Check on your C: drive in Windows :

•Click Start and open Computer
Right-click on C: and select Properties
•Click on the Tools tab
•Under Error-checking click the Check Now... button
•Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
•Click on the Start button
•When the message box pops up, click the Schedule disk check button and then >>Restart<< your computer
•Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
This may take 1 hour or more depending on your system, so please let all 5 stages run fully - - - - - -
Your computer will reboot back to Normal Mode once finished -

We need to also be sure that you are installing Windows Updates every month -

Thank You -




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users