Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Chrome crashes computer.


  • This topic is locked This topic is locked
39 replies to this topic

#1 shortmicheal

shortmicheal

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 12 March 2013 - 09:56 PM

Mod Edit: Moved to Virus, Trojan, Spyware, and Malware Removal Logs ~~boopme

 

Two days ago google chrome started giving me Aw Snap error message on every website I would load, was also getting message about shockwave flash crashing. Well today when I try to open chrome my display distorts the image on it and the computer freezes and the only thing I can do is reset the computer using the power switch. The weird thing is that when I start my computer in Safe Mode with Networking google chrome works just fine. I am including a HijackThis log. I have scanned with AVG and spybot search&destroy.

 

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:44:48 PM, on 3/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support
 
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?PC=BNHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O1 - Hosts: 206.191.62.34 www.binaryfortress.com
O1 - Hosts: 206.191.62.34 binaryfortress.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RivalGaming Games - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Download and Sa - {D1305C99-A45A-9189-689C-457512DAB510} - C:\ProgramData\Download and Sa\509c96527c49c.ocx
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Micheal\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Micheal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files\Logitech Gaming Software\EReg\eReg.exe
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O13 - Gopher Prefix: 
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: webcamXP Service (wxpSvc) - Moonware Studios - C:\Program Files\webcamXP 5\wService.exe
 
--
End of file - 12863 bytes

Edited by boopme, 12 March 2013 - 10:28 PM.


BC AdBot (Login to Remove)

 


#2 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 14 March 2013 - 09:14 PM

Before clicking Chrome20130314_205313_LLS.jpg

After 2x Clicking Chrome20130314_205451_LLS.jpg


Edited by shortmicheal, 14 March 2013 - 09:56 PM.


#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 09:10 AM

Greetings shortmicheal and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

In addition to running the below, can you tell me what, if anything you experience with other browsers?

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps are a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and let me know.
  • When you post your reply, do not use the StartNewTopic.gif button but use the AddReply.gif button instead.
  • In the upper right hand corner of the topic you will see the WatchTopic.gif button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Helping me Help You

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

===================================================

Additional Information
  • If you have since resolved the original problem you were having, I would appreciate you letting me know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and I will guide you.
    • Explain as best you can what happens with your computer, i.e. it beeps three times, the the black screen starts then goes blank, etc
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below I will review your topic an do my best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
===================================================

Create DDS.txt and Attach.txt

I would like to see some information about what is happening in your machine. Please perform the following scan (again):
  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.

DDS.com
DDS.pif

  • Double click on the icon and allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste the contents of both results in your post.
  • Close the program window, and delete the program from your desktop.
You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • DDS.txt
  • Attach.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 15 March 2013 - 10:32 AM

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.17.2
Run by Micheal at 10:25:21 on 2013-03-15
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3584.1998 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
C:\Program Files\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Garage\Mouse without Borders\DDHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Users\Micheal\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DisplayFusion\DisplayFusion.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Micheal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.2.0\ScriptHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\AVG\AVG2013\avgmfapx.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?PC=BNHP
uURLSearchHooks: {9565115d-c7d6-46d3-bd63-b67b481a4368} - <orphaned>
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - <orphaned>
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\program files\amd\steadyvideo\SteadyVideo.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [SansaDispatch] c:\users\micheal\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
uRun: [PlayNC Launcher] <no file>
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Launch LCore] c:\program files\logitech gaming software\LCore.exe /minimized
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\micheal\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\micheal\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\micheal\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech gaming software\ereg\eReg.exe
StartupFolder: c:\users\micheal\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: DisableCAD = dword:1
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Open Client to monitor &1 - c:\windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - c:\windows\web\AOpenClient.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{01B2D504-2FD1-4C5B-A823-D815AD922C43} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{9C830366-79B0-4702-A56F-B04C360E08B5} : DHCPNameServer = 66.175.131.21 66.175.131.20
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.160\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 206.191.62.34 www.binaryfortress.com
Hosts: 206.191.62.34 binaryfortress.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\micheal\appdata\roaming\mozilla\firefox\profiles\90f1yf9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.dressupgames.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bbcd06d84-2a34-458b-922f-93d4d118cca3%7D&mid=023968af4e0f129bf3da2ad726ec773c-093692b65f3c31e2b1b723d9242eff927baffc0e&ds=AVG&v=13.2.0.5&lang=en&pr=fr&d=2012-06-23%2000%3A58%3A04&sap=ku&q=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\users\micheal\appdata\roaming\mozilla\firefox\profiles\90f1yf9q.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\webzen\browserextension\NPWZCmnCtrl.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\micheal\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\micheal\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\micheal\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\micheal\appdata\roaming\mozilla\firefox\profiles\90f1yf9q.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - ExtSQL: !HIDDEN! 2010-07-30 23:10; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(extentions.y2layers.installId, 66fcb406-a064-45cc-9b19-dbc8dcb75c25
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-16 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-11-9 33112]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-12-19 291840]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-3-12 21992]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-3-16 37944]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-11-6 84992]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\drivers\LGSHidFilt.Sys [2012-10-2 42040]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [2012-10-10 34432]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2012-10-10 25088]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2013-1-10 27136]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DVDRIVER;DVDRIVER;c:\windows\system32\drivers\dvdriver.sys [2011-8-18 35016]
S3 AODDriver4.0;AODDriver4.0;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-4-9 48256]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-1-20 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-8-23 20032]
S3 libusb0;libusb-win32 - Kernel Driver 10/02/2010 1.2.2.0;c:\windows\system32\drivers\libusb0.sys [2011-7-23 35392]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-3-7 40776]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-1-20 181344]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-25 52224]
S3 usbUDisc;usbUDisc;c:\windows\system32\drivers\USBDrv.sys [2012-11-9 13824]
.
=============== Created Last 30 ================
.
2013-03-15 04:08:59 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-03-15 04:08:58 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-15 02:53:45 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-13 05:06:46 -------- d-----w- c:\users\micheal\appdata\roaming\SUPERAntiSpyware.com
2013-03-13 05:06:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-03-13 05:06:40 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-03-13 04:27:50 181808 ----a-w- c:\windows\RegBootClean.exe
2013-03-13 02:51:24 -------- d-----w- c:\program files\Trend Micro
2013-03-13 02:25:36 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-13 01:49:53 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 01:49:53 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-11 04:45:38 -------- d-----w- c:\program files\NirSoft
2013-03-08 19:34:45 -------- d-sh--w- C:\found.001
2013-03-08 01:31:58 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-03-01 06:11:47 -------- d-----w- c:\users\micheal\appdata\local\{DFCD66BE-CB4F-42AE-A6D3-E634BBBD94E9}
2013-02-24 05:12:50 -------- d-----w- c:\program files\AMD AVT
2013-02-24 05:12:43 -------- d-----w- c:\program files\AMD APP
2013-02-16 01:58:12 106088 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-02-16 01:58:12 106088 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-03-13 02:25:18 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-13 02:25:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-28 13:37:29 981504 ----a-w- c:\windows\system32\wininet.dll
2013-02-28 11:38:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-19 06:27:57 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-05 05:00:15 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 04:50:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-01-03 05:05:20 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 05:04:43 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-12-31 19:14:39 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-19 21:45:04 180224 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 21:44:42 65536 ----a-w- c:\windows\system32\OpenVideo.dll
2012-12-19 21:44:32 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-12-19 21:38:48 28732928 ----a-w- c:\windows\system32\amdocl.dll
2012-12-19 21:34:38 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 20:50:10 5630200 ----a-w- c:\windows\system32\atiumdag.dll
2012-12-19 20:47:46 9647104 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:22:48 58880 ----a-w- c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19:46 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-12-19 20:18:02 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-12-19 20:17:52 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-12-19 20:13:24 13703168 ----a-w- c:\windows\system32\aticaldd.dll
2012-12-19 20:12:44 18982400 ----a-w- c:\windows\system32\atioglxx.dll
2012-12-19 20:09:52 960512 ----a-w- c:\windows\system32\aticfx32.dll
2012-12-19 20:06:00 6681088 ----a-w- c:\windows\system32\atidxx32.dll
2012-12-19 19:57:00 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:56:24 482304 ----a-w- c:\windows\system32\atieclxx.exe
2012-12-19 19:55:48 219136 ----a-w- c:\windows\system32\atiesrxx.exe
2012-12-19 19:54:30 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-12-19 19:54:20 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-12-19 19:54:12 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-12-19 19:44:28 4162048 ----a-w- c:\windows\system32\atiumdva.dll
2012-12-19 19:33:40 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-12-19 19:33:40 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-12-19 19:33:30 421888 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:33:14 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-12-19 19:33:04 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-12-19 19:32:06 442368 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31:08 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-12-19 19:30:52 83968 ----a-w- c:\windows\system32\atiu9pag.dll
2012-12-19 19:30:16 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
.
============= FINISH: 10:28:20.92 ===============
 

 

 

 

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/17/2010 3:14:30 PM
System Uptime: 3/15/2013 10:18:51 AM (0 hours ago)
.
Motherboard: Acer |  | EM61SM/EM61PM        
Processor: AMD Athlon™ 64 X2 Dual Core Processor 4400+ | Socket M2  | 2300/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 163.39 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
G: is Removable
H: is Removable
I: is CDROM ()
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Device(VID_1f3a_PID_efe8)
Device ID: ROOT\USB\0000
Manufacturer: USB Devices
Name: USB Device(VID_1f3a_PID_efe8)
PNP Device ID: ROOT\USB\0000
Service: usbUDisc
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Photosmart D110 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
==== System Restore Points ===================
.
RP361: 3/1/2013 12:12:13 AM - Configured Splashtop Streamer
RP362: 3/6/2013 12:28:27 AM - Installed Java 7 Update 17
RP363: 3/12/2013 9:15:02 PM - Windows Update
RP364: 3/12/2013 9:24:55 PM - Installed Java 7 Update 17
RP365: 3/14/2013 11:03:40 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
7-Zip 4.65
AC3Filter (remove only)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.4
Adobe Shockwave Player 12.0
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD VISION Engine Control Center
AoCClient
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArchLord
ArmA 2 Free Uninstall
ATI AVIVO Codecs
ATITool Overclocking Utility
AVG 2013
AVG Security Toolbar
Axife Mouse Recorder DEMO 5.01
Bonjour
Borderlands 2
Browser Plugin
BufferChm
Call of Duty Black Ops 2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco Connect
CleVR Stitcher
ComicRack v0.9.153
ConvertXtoDVD 3.0.0.9
Core Temp 1.0 RC3
Coupon Printer for Windows
CPUID CPU-Z 1.60
D110
DayZ Commander
Debut Video Capture Software
Destinations
DeviceDiscovery
Diablo III
DisplayFusion 4.3
Download and Sa
Draft IT
Dream Aquarium
Dropbox
Emicsoft Video Converter
EverQuest II
Express Burn
Express Zip
Facebook Plug-In
Facebook Video Calling 1.2.0.287
Free Alarm Clock 2.3.3
Google Chrome
Google Earth Plug-in
Google Update Helper
GPBaseService2
GTA San Andreas
Haali Media Splitter
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
HydraVision
ImgBurn
ISO Recorder
iTunes
Java 7 Update 17
Java Auto Updater
Java™ 6 Update 31
JavaFX 2.1.1
Kies mini
Kingdoms of Amalur Reckoning
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
Logitech Gaming Software
Logitech Gaming Software 5.09
Logitech Gaming Software 8.40
LogMeIn Hamachi
Malwarebytes Anti-Malware version 1.70.0.1100
ManyCam 3.1.21
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Garage Mouse without Borders
Microsoft IntelliPoint 8.1
Microsoft IntelliType Pro 8.2
Microsoft Silverlight
Microsoft Virtual PC 2007 SP1
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 4.0
Mouse Recorder Pro 2
Mozilla Firefox 9.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mud Master 2000 version 4.0
MyFreeCodec
NCsoft Launcher
Network
Nexon Game Manager
NirSoft BlueScreenView
OGA Notifier 2.0.0048.0
OpenOffice.org 3.2
Oracle VM VirtualBox 4.1.0
Paint.NET v3.5.10
Pando Media Booster
PeerBlock 1.1 (r518)
Pepakura Viewer 3
Picasa 3
Portal 2
PS_AIO_07_D110_SW_Min
PunkBuster Services
QuickTime
QuickTransfer
R.A.W Realms of Ancient War © Focus Home Interactive version 1
RuneScape Launcher 1.2
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Sansa Updater
Sarmsoft Web Camera
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Skype Click to Call
Skype™ 5.10
Sleeping Dogs
SmartWebPrinting
SolutionCenter
Splashtop Software Updater
Splashtop Streamer
Spybot - Search & Destroy
Status
Steam
SUPERAntiSpyware
swMSM
Terraria
The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1
Toolbox
Torchlight II © Runic Games version 1
TrayApp
Tunngle beta
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
VLC media player 2.0.1
WebReg
WEBZEN Browser Extension
Windows 7 USB/DVD Download Tool
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
Windows Media Player Firefox Plugin
Windows Mobile Device Updater Component
WinX DVD Ripper Platinum 6.0.2
World of Tanks
Yontoo Layers Runtime 1.10.01
Youtorial Player
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
3/9/2013 7:12:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
3/9/2013 7:12:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
3/9/2013 7:11:43 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
3/9/2013 7:04:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0xa0b2991c, 0x00000000, 0x00000000, 0x830bddae). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030913-27580-01.
3/9/2013 3:04:36 PM, Error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error %%-536753637.
3/9/2013 3:03:08 PM, Error: Service Control Manager [7000]  - The AVG AVI Loader Driver service failed to start due to the following error:  %%-536768764
3/8/2013 9:16:59 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DHCP Client service, but this action failed with the following error:  An instance of the service is already running.
3/8/2013 9:16:11 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 9 time(s).
3/8/2013 9:16:11 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 10 time(s).
3/8/2013 9:16:11 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 9 time(s).
3/8/2013 9:16:11 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 10 time(s).
3/8/2013 9:16:11 PM, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  The operation completed successfully.
3/8/2013 9:16:00 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 8 time(s).
3/8/2013 9:16:00 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 8 time(s).
3/8/2013 9:14:59 PM, Error: Service Control Manager [7031]  - The Windows Event Log service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/8/2013 9:14:59 PM, Error: Service Control Manager [7031]  - The Windows Audio service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/8/2013 9:14:59 PM, Error: Service Control Manager [7031]  - The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
3/8/2013 9:14:59 PM, Error: Service Control Manager [7031]  - The Security Center service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/8/2013 9:14:59 PM, Error: Service Control Manager [7031]  - The HomeGroup Provider service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/8/2013 9:14:59 PM, Error: Service Control Manager [7031]  - The DHCP Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/8/2013 8:39:13 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 7 time(s).
3/8/2013 8:39:13 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 7 time(s).
3/8/2013 8:39:13 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Networking Identity Manager service, but this action failed with the following error:  An instance of the service is already running.
3/8/2013 8:39:08 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 6 time(s).
3/8/2013 8:39:08 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 6 time(s).
3/8/2013 8:34:15 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 5 time(s).
3/8/2013 8:34:15 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 5 time(s).
3/8/2013 8:34:14 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 4 time(s).
3/8/2013 8:34:14 PM, Error: Service Control Manager [7034]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 3 time(s).
3/8/2013 8:34:14 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 4 time(s).
3/8/2013 8:34:14 PM, Error: Service Control Manager [7034]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 3 time(s).
3/8/2013 8:34:13 PM, Error: Service Control Manager [7031]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/8/2013 8:34:13 PM, Error: Service Control Manager [7031]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/8/2013 8:34:08 PM, Error: Service Control Manager [7031]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/8/2013 8:34:08 PM, Error: Service Control Manager [7031]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/8/2013 8:33:28 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\System Volume Information\Syscache.hve' was corrupted and it has been recovered. Some data might have been lost.
3/8/2013 1:37:20 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001a (0x00041790, 0xc080209a, 0x0000ffff, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030813-45879-01.
3/15/2013 10:19:30 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
3/15/2013 10:19:30 AM, Error: Service Control Manager [7000]  - The DVDRIVER service failed to start due to the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
3/14/2013 11:10:37 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7.
3/14/2013 1:39:47 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
3/13/2013 8:43:14 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/13/2013 8:43:10 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/13/2013 8:43:10 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/13/2013 8:43:09 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/13/2013 8:43:04 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/13/2013 8:40:44 PM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/13/2013 8:38:51 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
3/13/2013 8:38:44 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ATITool AVGIDSDriver AVGIDSShim Avgldx86 discache SASDIFSV SASKUTIL spldr sptd VBoxDrv VBoxUSBMon vmm Wanarpv6
3/13/2013 8:38:43 PM, Error: Service Control Manager [7001]  - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/13/2013 8:38:43 PM, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/13/2013 8:38:20 PM, Error: sptd [4]  - Driver detected an internal error in its data structures for .
3/12/2013 9:43:29 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ATITool AVGIDSDriver AVGIDSShim Avgldx86 discache spldr sptd VBoxDrv VBoxUSBMon vmm Wanarpv6
3/11/2013 1:58:35 AM, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: 490@01010004
3/11/2013 1:38:59 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
3/11/2013 1:38:59 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
3/11/2013 1:18:13 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/10/2013 4:07:35 AM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/10/2013 4:07:33 AM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Secondary Logon service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Remote Desktop Configuration service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Certificate Propagation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:07:31 AM, Error: Service Control Manager [7031]  - The Application Experience service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 4:05:11 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000019 (0x00000003, 0x85cc0e48, 0x85cc0ed8, 0x85cc0e48). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031013-38641-01.
3/10/2013 2:45:58 AM, Error: Service Control Manager [7031]  - The Spybot-S&D 2 Security Center Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/10/2013 12:48:34 AM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
3/10/2013 11:55:02 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Avgldx86
3/10/2013 11:54:53 PM, Error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error %%-536805256.
3/10/2013 11:41:23 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
3/10/2013 11:41:23 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
3/10/2013 11:38:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000008e (0xc0000005, 0x9b7cdf6d, 0x8e7b6a8c, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031013-32760-01.
.
==== End Of File ===========================
 



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 11:33 AM

Greetings,

You are most welcome for the help, it is my pleasure.

From my first post:

In addition to running the below, can you tell me what, if anything you experience with other browsers?

I have some information for you to consider then I would like you to run the listed programs for me. I will be better equipped to provide further steps once I know if this issue is just with Chrome.

===================================================

Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult.

If you choose to uninstall please go to Start, Control Panel, Add/Remove Programs (or Programs and Features) and uninstall the program.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Does the launching of other browsers cause the same issue?
  • AdwCleaner log
  • Junkware log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 15 March 2013 - 01:35 PM

I only have internet explorer on this computer and it seems to be working fine. Its very weird when I am in safe mode chrome opens just fine and so does internet explorer but in normal mode only internet explorer will open without my computer freezing and crashing. I am iincluding the 2 logs you asked for as follows:

 

# AdwCleaner v2.114 - Logfile created 03/15/2013 at 13:19:04
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Micheal - MICHEAL-PC
# Boot Mode : Normal
# Running from : C:\Users\Micheal\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Windows\system32\conduitEngine.tmp
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Search Toolbar
Folder Deleted : C:\Program Files\Yontoo Layers Runtime
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Download and Sa
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Kids\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Kids\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Kids\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kids\AppData\LocalLow\Download and Sa
Folder Deleted : C:\Users\Micheal\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Micheal\AppData\Local\Conduit
Folder Deleted : C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci
Folder Deleted : C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Folder Deleted : C:\Users\Micheal\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Micheal\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Micheal\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Micheal\AppData\LocalLow\Download and Sa
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\ConduitCommon
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\CT2418376
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\CT3072253
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\extensions\staged
Folder Deleted : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\FCTB

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GamePlayLabs
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={1F1B1C2B-E52E-45F8-BC61-D41E3F11D855}&mid=023968af4e0f129bf3da2ad726ec773c-093692b65f3c31e2b1b723d9242eff927baffc0e&lang=en&ds=AVG&pr=fr&d=2012-06-23 00:58:04&pid=avg&sg=&v=14.2.0.1&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v9.0.1 (en-US)

File : C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\prefs.js

C:\Users\Micheal\AppData\Roaming\Mozilla\Firefox\Profiles\90f1yf9q.default\user.js ... Deleted !

Deleted : user_pref("CT2418376..clientLogIsEnabled", false);
Deleted : user_pref("CT2418376..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2418376..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2418376.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2418376.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2418376.CTID", "ct2418376");
Deleted : user_pref("CT2418376.CurrentServerDate", "27-12-2012");
Deleted : user_pref("CT2418376.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2418376.DialogsGetterLastCheckTime", "Wed Dec 26 2012 20:16:36 GMT-0600 (Central Standa[...]
Deleted : user_pref("CT2418376.DownloadReferralCookieData", "");
Deleted : user_pref("CT2418376.ExternalComponentPollDate5694225620172914022", "Fri Aug 12 2011 20:53:02 GMT-05[...]
Deleted : user_pref("CT2418376.FirstServerDate", "2-8-2011");
Deleted : user_pref("CT2418376.FirstTime", true);
Deleted : user_pref("CT2418376.FirstTimeFF3", true);
Deleted : user_pref("CT2418376.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2418376.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2418376.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2418376.HasUserGlobalKeys", true);
Deleted : user_pref("CT2418376.Initialize", true);
Deleted : user_pref("CT2418376.InitializeCommonPrefs", true);
Deleted : user_pref("CT2418376.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2418376.InstallationId", "ConduitStubGeneric");
Deleted : user_pref("CT2418376.InstallationType", "ConduitStubIntegration");
Deleted : user_pref("CT2418376.InstalledDate", "Tue Aug 02 2011 10:00:18 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2418376.IsAlertDBUpdated", true);
Deleted : user_pref("CT2418376.IsGrouping", false);
Deleted : user_pref("CT2418376.IsInitSetupIni", true);
Deleted : user_pref("CT2418376.IsMulticommunity", false);
Deleted : user_pref("CT2418376.IsOpenThankYouPage", false);
Deleted : user_pref("CT2418376.IsOpenUninstallPage", true);
Deleted : user_pref("CT2418376.LanguagePackLastCheckTime", "Tue Aug 02 2011 10:00:21 GMT-0500 (Central Dayligh[...]
Deleted : user_pref("CT2418376.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2418376.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2418376.LastLogin_3.12.2.3", "Wed Dec 26 2012 20:16:44 GMT-0600 (Central Standard Time)[...]
Deleted : user_pref("CT2418376.LastLogin_3.5.0.12", "Fri Aug 12 2011 20:53:06 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2418376.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT2418376.Locale", "en");
Deleted : user_pref("CT2418376.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2418376.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2418376.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2418376.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2418376.OriginalFirstVersion", "3.5.0.12");
Deleted : user_pref("CT2418376.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2418376.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT241[...]
Deleted : user_pref("CT2418376.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2418376.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2418376.SearchInNewTabLastCheckTime", "Tue Aug 02 2011 10:00:19 GMT-0500 (Central Dayli[...]
Deleted : user_pref("CT2418376.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2418376.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2418376.ServiceMapLastCheckTime", "Wed Dec 26 2012 20:16:19 GMT-0600 (Central Standard [...]
Deleted : user_pref("CT2418376.SettingsLastCheckTime", "Tue Aug 02 2011 10:00:11 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2418376.SettingsLastUpdate", "1311797275");
Deleted : user_pref("CT2418376.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2418376.ThirdPartyComponentsLastCheck", "Tue Aug 02 2011 10:00:11 GMT-0500 (Central Day[...]
Deleted : user_pref("CT2418376.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2418376.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2418376.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2418376");
Deleted : user_pref("CT2418376.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2418376.UserID", "UN93151528184200993");
Deleted : user_pref("CT2418376.alertChannelId", "812740");
Deleted : user_pref("CT2418376.ct2418376.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2418376.ct2418376.LanguagePackLastCheckTime", "Wed Dec 26 2012 20:16:36 GMT-0600 (Centr[...]
Deleted : user_pref("CT2418376.ct2418376.Locale", "en");
Deleted : user_pref("CT2418376.ct2418376.SearchInNewTabLastCheckTime", "Wed Dec 26 2012 20:16:24 GMT-0600 (Cen[...]
Deleted : user_pref("CT2418376.ct2418376.SettingsLastCheckTime", "Wed Dec 26 2012 20:16:22 GMT-0600 (Central S[...]
Deleted : user_pref("CT2418376.ct2418376.SettingsLastUpdate", "1356550082");
Deleted : user_pref("CT2418376.ct2418376.ThirdPartyComponentsLastCheck", "Tue Aug 02 2011 10:00:18 GMT-0500 (C[...]
Deleted : user_pref("CT2418376.ct2418376.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2418376.ct2418376.globalFirstTimeInfoLastCheckTime", "Fri Aug 12 2011 20:53:06 GMT-0500[...]
Deleted : user_pref("CT2418376.ct2418376.toolbarAppMetaDataLastCheckTime", "Wed Dec 26 2012 20:16:36 GMT-0600 [...]
Deleted : user_pref("CT2418376.ct2418376.toolbarContextMenuLastCheckTime", "Tue Aug 02 2011 10:00:22 GMT-0500 [...]
Deleted : user_pref("CT2418376.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2418376.globalFirstTimeInfoLastCheckTime", "Tue Aug 02 2011 10:00:20 GMT-0500 (Central [...]
Deleted : user_pref("CT2418376.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2418376.initDone", true);
Deleted : user_pref("CT2418376.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2418376.myStuffEnabled", true);
Deleted : user_pref("CT2418376.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2418376.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2418376.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2418376.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2418376.oldAppsList", "128994482097350312,128994482097506563,111,5694225620172914022,12[...]
Deleted : user_pref("CT2418376.revertSettingsEnabled", true);
Deleted : user_pref("CT2418376.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2418376.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2418376.testingCtid", "");
Deleted : user_pref("CT2418376.toolbarAppMetaDataLastCheckTime", "Tue Aug 02 2011 10:00:17 GMT-0500 (Central D[...]
Deleted : user_pref("CT2418376.toolbarContextMenuLastCheckTime", "Tue Aug 02 2011 10:00:21 GMT-0500 (Central D[...]
Deleted : user_pref("CT2418376.usagesFlag", 2);
Deleted : user_pref("CT3072253..clientLogIsEnabled", false);
Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Deleted : user_pref("CT3072253.CTID", "CT3072253");
Deleted : user_pref("CT3072253.CurrentServerDate", "27-12-2012");
Deleted : user_pref("CT3072253.DSInstall", false);
Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Wed Dec 26 2012 20:16:24 GMT-0600 (Central Standa[...]
Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Deleted : user_pref("CT3072253.FirstServerDate", "19-5-2012");
Deleted : user_pref("CT3072253.FirstTime", true);
Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3072253.HPInstall", false);
Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.dressupgames.com/");
Deleted : user_pref("CT3072253.Initialize", true);
Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3072253.InstallationId", "fft8788.tmp.exe");
Deleted : user_pref("CT3072253.InstallationType", "XPE");
Deleted : user_pref("CT3072253.InstalledDate", "Fri May 18 2012 17:41:17 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Deleted : user_pref("CT3072253.IsGrouping", false);
Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Deleted : user_pref("CT3072253.IsMulticommunity", false);
Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Wed Dec 26 2012 20:16:24 GMT-0600 (Central Standar[...]
Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3072253.LastLogin_3.12.0.8", "Fri May 25 2012 22:19:20 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT3072253.LastLogin_3.12.2.3", "Wed Dec 26 2012 20:16:22 GMT-0600 (Central Standard Time)[...]
Deleted : user_pref("CT3072253.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT3072253.Locale", "en");
Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3072253.MCDetectTooltipShow", false);
Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "AVG Secure Search");
Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Wed Dec 26 2012 20:16:19 GMT-0600 (Central Stand[...]
Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3072253.SearchProtectorEnabled", false);
Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Wed Dec 26 2012 20:16:20 GMT-0600 (Central Standard [...]
Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Wed Dec 26 2012 22:53:30 GMT-0600 (Central Standard Ti[...]
Deleted : user_pref("CT3072253.SettingsLastUpdate", "1356550082");
Deleted : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Wed Dec 26 2012 20:16:17 GMT-0600 (Central Sta[...]
Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3072253.UserID", "UN56636655684754584");
Deleted : user_pref("CT3072253.ValidationData_Toolbar", 1);
Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Deleted : user_pref("CT3072253.approveUntrustedApps", true);
Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Deleted : user_pref("CT3072253.backendstorage.cb_experience_000", "31");
Deleted : user_pref("CT3072253.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT3072253.backendstorage.cb_user_id_000", "43423737393739303638313639375F46697265666F78")[...]
Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "5553");
Deleted : user_pref("CT3072253.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "467269204D617920313820323031322031373A34313A32312[...]
Deleted : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F6C796E63686275726773746F72652E7[...]
Deleted : user_pref("CT3072253.components.129573915102477663", false);
Deleted : user_pref("CT3072253.components.129593762370823811", false);
Deleted : user_pref("CT3072253.components.129749445881800338", false);
Deleted : user_pref("CT3072253.components.129805375651312503", false);
Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Wed Dec 26 2012 20:16:25 GMT-0600 (Central [...]
Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3072253.initDone", true);
Deleted : user_pref("CT3072253.isAppTrackingManagerOn", false);
Deleted : user_pref("CT3072253.myStuffEnabled", true);
Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129[...]
Deleted : user_pref("CT3072253.revertSettingsEnabled", false);
Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3072253.testingCtid", "");
Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Wed Dec 26 2012 20:16:24 GMT-0600 (Central S[...]
Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Wed Dec 26 2012 20:16:24 GMT-0600 (Central S[...]
Deleted : user_pref("CT3072253.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2418376/CT2418376[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2418376", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2418376", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2418376",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2418376&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2418376&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"b33[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Micheal\\AppData\\Roaming\\Mozilla\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://ws.infospace.com/coolchaser_game/[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2418376,CT3072253");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2418376,CT3072253");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2418376,CT3072253");
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.userId", "{4322f197-52f8-4ac9-9d0d-b36fed3e2191}");
Deleted : user_pref("CommunityToolbar.globalUserId", "0e7af7d1-91f3-4cd0-a0f5-ba3fbd5defca");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Dec 26 2012 20:16:2[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri May 18 2012 18:41:21 GMT-050[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Dec 26 2012 20:16:20 GMT-0600 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "ed6292fe-7eee-48e1-855f-59a1f5918aa0");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.dressupgames.com/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\13.2.0.5");
Deleted : user_pref("avg.install.userSPSettings", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.509c96527c3ca.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Deleted : user_pref("extensions.plugin@gameplaylabs.com.fr", "1299555654");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.bing.com", "1301267214");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.ebay.", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.google.", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.msn.com", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.myspace.com", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.yahoo.com", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_.youtube.com", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_/", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_dealsplugin.com/", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_facebook.com", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_h", "1301267214");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_hxxp", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_hxxp://www.facebook.com/plugins/like.php?href=htt[...]
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_iqquizgame.com/", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_mail.aol.com", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_play-ga.me/", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_revealmycrush.com/", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_theclickcheck.com", "1301267214");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_unlock-this.com/browserplugin", "1299555656");
Deleted : user_pref("extensions.plugin@gameplaylabs.com.rule_unlock-this.com/plugin", "1299555656");
Deleted : user_pref("extentions.y2layers.installId", "66fcb406-a064-45cc-9b19-dbc8dcb75c25");
Deleted : user_pref("extentions.y2layers.lastDnsTest", 371667);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.2808538.KeywordHistory", "frontierville%7C");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 26);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DNSCatch", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 26);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1356574576095");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.data", "970E0D327E91ACB7AE5FC2C7B268ABD9A70C71F[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.revision", "37");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.stday", "14");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.sthour", "21");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "36909025");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "41812c1874c52b3fe261a676d6727821766[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar")[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.xml_service_url", "64e3a27980eeceb34248bc3e680b[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", true);
Deleted : user_pref("greasemonkey.scriptvals.mafiawars/Facebook Mafia Wars Autoplayer.itemLog", "<div class=\"[...]
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bbcd06d84-2a34-458b-922f-93d4d118cca3%[...]

File : C:\Users\Kids\AppData\Roaming\Mozilla\Firefox\Profiles\hioq90bj.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B6ce0e1cc-14e2-4a1e-aaa0-a0955a488fbc%[...]

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [38174 octets] - [15/03/2013 13:19:04]

########## EOF - C:\AdwCleaner[S1].txt - [38235 octets] ##########

 

 

 

 

 

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.1 (03.12.2013:1)
OS: Windows 7 Professional x86
Ran by Micheal on Fri 03/15/2013 at 13:24:36.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03}

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\bho.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{26d675ac-d925-4bbf-a720-62c2aa4a81eb}

 

~~~ Files

Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Users\Micheal\AppData\Roaming\microsoft\windows\start menu\programs\rivalgaming"

 

~~~ FireFox

Successfully deleted: [File] C:\Users\Micheal\AppData\Roaming\mozilla\firefox\profiles\90f1yf9q.default\searchplugins\bing-zugo.xml
Successfully deleted: [Folder] C:\Users\Micheal\AppData\Roaming\mozilla\firefox\profiles\90f1yf9q.default\extensions\509c96527c31e@509c96527c357.com
Successfully deleted: [Folder] C:\Users\Micheal\AppData\Roaming\mozilla\firefox\profiles\90f1yf9q.default\extensions\links@rivalgaming.com
Successfully deleted the following from C:\Users\Micheal\AppData\Roaming\mozilla\firefox\profiles\90f1yf9q.default\prefs.js

user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8,piclens@cooliris.com:1.12.2.44172,smarterwiki@w
user_pref("extensions.searchtoolbar@zugo.com.install-event-fired", true);
Emptied folder: C:\Users\Micheal\AppData\Roaming\mozilla\firefox\profiles\90f1yf9q.default\minidumps [4 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/15/2013 at 13:29:54.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 02:08 PM

Thank you for running the programs and posting the results. Here is what I would like you to do next.

===================================================

Disabling Plug-ins and Extensions in Google Chrome

--------------------
  • Launch Chrome
  • In the address bar type chrome://plugins and press Enter
  • Click Disable on all plugins
  • In the address bar type chrome://extensions and press Enter
  • Uncheck any checked items
  • Close Chrome and then Restart it
  • Check the browser performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • How is Chrome behaving now?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 15 March 2013 - 02:13 PM

When I open chrome it still freezes my computer and distorts the image and the only thing I can do is reset the computer with tye power switch. I disabled all plugins and extensions in safe mode and reset and it still did the same thing.


Edited by shortmicheal, 15 March 2013 - 02:44 PM.


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 02:58 PM

Is this the only thing that causes this behavior?

Please do this now.

===================================================

Clearing Data Information in Google Chrome

--------------------

I would like you to clear some saved information in Google Chrome. Please perform the following from within the web browser:
  • Click the wrench icon on the browser toolbar in the upper right hand corner.
  • On the dropdown list select Tools, then Clear browsing data...
  • Please ensure only the following items are checked:
    • Clear browsing history
    • Empty the cache
    • Delete cookies and other site data
  • Press Clear browsing data
  • Restart Chrome and check the performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Any difference?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 15 March 2013 - 03:39 PM

No change at all, it is still crashing my computer but like i said it works in safe mode with networking but not in normal mode.



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 03:41 PM

And is this the only program giving you problems? Any other symptoms at all?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 15 March 2013 - 03:44 PM

Yes chrome is the only prgram giving me trouble. nothing is runnig slow and I am not noticing any other symptoms other than chrome crashing which is horrible because its the best browser in my opinion. I dont know what to do. I have tried uninstalling and reinstalling but that doesnt work either.



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 03:59 PM

OK, at this point we do have some options. We just need to work through some additional troubleshooting steps.

What we are going to do is disable what are know as third party programs. These are non-Microsoft programs and sometimes they create conflicts like what you are experiencing.

Please do this.

===================================================

Clean Boot
--------------------
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msconfig and press Enter
  • If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation
  • In the System Configuration Utility dialog box, click Selective Startup on the General tab
  • Click to clear the Load Startup Items check box
  • Click the Services tab
  • Click to select the Hide All Microsoft Services check box
  • Click Disable All, and then click OK
  • When you are prompted, click Restart
  • Launch Chrome in Normal Mode
===================================================

Things I would like to see in your next reply. :thumbsup2:
  • Can you launch Chrome?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 shortmicheal

shortmicheal
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:47 PM

Posted 15 March 2013 - 06:38 PM

No change, same results



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:47 PM

Posted 15 March 2013 - 07:16 PM

Greetings,

I need a bit more information. Please do this.

===================================================

Checking Chrome Sync Status

--------------------
  • Lauch Chrome web browser
  • Type chrome://settings in the address bar and hit Enter
  • Under Sign in click Advanced sync settings...
  • Is Sync everything selected on the drop down list and are all 9 items underneath checked?
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Chrome sync information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users