Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Browser has been hijacked By Spigot


  • Please log in to reply
15 replies to this topic

#1 imducky1

imducky1

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 17 January 2014 - 01:55 AM

Here is what my browser address is.....http://search.yahoo.com/?type=114576&fr=spigot-yhp-ff 

 

I have tried everything......Malware Removers, Virus removers, removed add ons and search engines but shown below I cant get rid of

this HELPPPPP

 

Imducky1


Edited by hamluis, 17 January 2014 - 02:07 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:34 AM

Posted 17 January 2014 - 04:58 AM

Hello imducky -
Malware Removers & Virus removers will do nothing to help in the first instance.

 

•Click on your Windows Start button
•Click "Control Panel"
•Click "Add or Remove Programs" or "Uninstall a program"

Uninstall MyBrowserBar and/or a Spigot Toolbar from within the Browser.
Again, the toolbar is not MyBrowserBar malware, it is a simple program with clear user agreement that can easily be removed.

(Note: also may show a Dealio toolbar)

 

Now -
Open Internet Explorer and reset your Homepage as normal

If you use Chrome, this is the browser that picks up all of these Add Ons (remove it)

 

 

Just to clean up -

Please download and run RKill by Grinler.

A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

You can post the Rkill log back here

 

Important: Do not reboot your computer until you complete the next step.

 

Please download AdwCleaner by Xplode and save to your Desktop.
+ NOTE : Please close or save all work, as the computer will be Rebooted
+ Double-click on AdwCleaner.exe to run the tool.
+ Vista/Windows 7/8 users right-click and select Run As Administrator.
+ Click on the Scan button. (only once)
+ AdwCleaner will begin...be patient as the scan may take some time to complete.
+ click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
+ NOW - Click on the Clean button. (only once)
+ Press OK when asked to close all programs and follow the onscreen prompts.
+ Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
+ After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
+ Copy and paste the contents of that logfile in your next reply.
+ A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Next -

Please download and run RogueKiller 32 bit to your desktop.
RogueKiller 64<---use this one for 64 bit systems
Which system am I using?
Quit all running programs.
For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!
Don't run any other options, they're not all bad ! ! !
Post back the report which should be located on your desktop.

 

 

Thank You -



#3 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 18 January 2014 - 01:22 AM

Here is the killer post;
Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/17/2014 09:13:52 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/17/2014 09:14:06 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

Here is the one for Adware Cleaner;
# AdwCleaner v3.017 - Report created 17/01/2014 at 22:08:11
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : John - JOHNS-PC
# Running from : C:\Users\John\Desktop\AdwCleaner(1).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\John\AppData\Local\Temp\Uninstall.exe
Folder Found C:\Program Files (x86)\Common Files\Spigot
Folder Found C:\ProgramData\AVG Security Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\Software\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\o9vrtv36.default-1389507808785\prefs.js ]


*************************

AdwCleaner[R1].txt - [2630 octets] - [17/01/2014 21:24:38]
AdwCleaner[R2].txt - [2524 octets] - [17/01/2014 22:08:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2584 octets] ##########

#4 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 18 January 2014 - 01:39 AM

RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : John [Admin rights]
Mode : Scan -- Date : 01/17/2014 22:35:35
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ST3360320AS +++++
--- User ---
[MBR] 97d549ea8c9aa2091d6c00fdd6ce5b8c
[BSP] ceb84c3e7b096f62a58a22cb4210973b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 333748 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 683517555 | Size: 9648 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) HP Officejet 6500 E USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

Finished : << RKreport[0]_S_01172014_223535.txt >>

 

 



#5 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 18 January 2014 - 01:58 AM

It is still there and redirecting me to yahoo spigot......I appreciate your help, perhaps it would be good to remove the Spigot from Iobit, that is where I got it!!

 

Is there anything else that I can do?  Imducky1



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:34 AM

Posted 18 January 2014 - 03:44 AM

Well

Personally I would remove All IObit programs on your system, and leave them off.

 

Have you looked in Programs and Features for any programs that you are not 100% sure of ?

The Spigot and similar programs are often listed as its makers name and not its display name.

 

Their online site is not hidden, as my post was half copied from there -

 

I will get a link for you - First start Here and the link is halfway down -

 

It also says to remove IObit.

 

 

(My personal Opinion Only). IObit has gone back to Spamming, like they did earlier -

 

Visit this site, or follow the links provided >> http://singularlabs.com/uninstallers/security-software/
Item #17 IObit > Info > Tool (Note: Cleans left-overs after a normal uninstall)

A Full IObit cleaner by Fred deVries -
 

 

Thanks -


Edited by noknojon, 18 January 2014 - 03:49 AM.


#7 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 18 January 2014 - 01:37 PM

Iobit Advanced System Care offers Spigot when you download it, but not all of my students don't decline the option and download Spigot.  As you are aware most free programs have "freeware".  Uninstalling Iobit will not get rid of Spigot, its buried somewhere.  Can you help or tell me where to get help?

 

Thank you for all of your efforts,,,,,Ducky1



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:34 AM

Posted 18 January 2014 - 03:52 PM

Hi -

but not all of my students don't decline the option

Do you teach Computer, or just "general students" ??

 

I have only just noted that Spigot is now with IObit these days -

I can continue to help if you like, or you can post to Virus, Trojan, Spyware, and Malware Removal Logs forum, by following Preparation Guide starting at Step #6.

 

 

If you do wish to post as above, please leave a link to your new topic, and I will have this one locked, purely to stop others posting to it.

 

We could find it here, but only if you wish to continue -

 

Download Autoruns to your desktop
Double click on Autoruns exe.
Allow the program to fully populate (this will take a few minutes)
Go > File > Save > Save as Autoruns.txt > File Type > All Files
Save to Desktop
Copy and Paste the Autoruns.txt back here

 

Thanks -

Minor link Edit -


Edited by noknojon, 18 January 2014 - 03:57 PM.


#9 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 18 January 2014 - 07:10 PM

Yes I would appreciate your help......Imducky1



#10 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 18 January 2014 - 07:32 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 8:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/10/2013 3:44 PM"
+ "LogMeIn GUI" "LogMeIn Desktop Application" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\logmeinsystray.exe" "4/12/2007 9:56 AM"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe" "10/23/2013 9:53 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "1/17/2014 10:45 PM"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" "11/21/2013 8:56 AM"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgui.exe" "11/7/2013 1:03 PM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "2/12/2013 8:06 PM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 3:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "4/25/2013 7:41 PM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 3:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/10/2013 3:25 PM"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe" "11/20/2010 2:24 AM"
+ "SkyDrive" "Microsoft SkyDrive" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\skydrive.exe" "8/11/2013 4:55 PM"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "2/13/2013 9:58 PM"
+ " SkyDriveEx" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\amd64\skydriveshell64.dll" "8/11/2013 4:40 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "Advanced SystemCare" "ASCExtMenu Module" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\ascextmenu_64.dll" "11/25/2013 7:00 PM"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgsea.dll" "10/7/2013 2:54 PM"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll" "10/21/2013 10:48 PM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgse.dll" "10/7/2013 3:38 PM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "Advanced SystemCare" "ASCExtMenu Module" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\ascextmenu_64.dll" "11/25/2013 7:00 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "12/14/2012 12:52 PM"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "2/13/2013 9:58 PM"
+ " SkyDriveEx" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\amd64\skydriveshell64.dll" "8/11/2013 4:40 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "Advanced SystemCare" "ASCExtMenu Module" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\ascextmenu_64.dll" "11/25/2013 7:00 PM"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll" "10/21/2013 10:48 PM"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "2/13/2013 9:58 PM"
+ " SkyDriveEx" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\amd64\skydriveshell64.dll" "8/11/2013 4:40 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 5:32 PM"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll" "9/11/2009 8:41 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 8:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 5:09 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "2/18/2013 10:39 PM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "5/11/2013 1:34 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "2/18/2013 10:39 PM"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgsea.dll" "10/7/2013 2:54 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "12/14/2012 12:52 PM"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll" "10/21/2013 10:48 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "2/18/2013 10:39 PM"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgse.dll" "10/7/2013 3:38 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "1/17/2014 10:45 PM"
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\amd64\skydriveshell64.dll" "8/11/2013 4:40 PM"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\amd64\skydriveshell64.dll" "8/11/2013 4:40 PM"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\amd64\skydriveshell64.dll" "8/11/2013 4:40 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "1/18/2014 4:25 PM"
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\skydriveshell.dll" "8/11/2013 4:55 PM"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\skydriveshell.dll" "8/11/2013 4:55 PM"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\john\appdata\local\microsoft\skydrive\17.0.2015.0811\skydriveshell.dll" "8/11/2013 4:55 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "1/17/2014 10:45 PM"
+ "ExplorerWnd Helper" "Uninstall for explorer" "IObit" "c:\program files (x86)\iobit\iobit uninstaller\uninstallexplorer64.dll" "10/22/2013 1:25 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "7/17/2012 2:11 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "1/18/2014 4:25 PM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll" "7/17/2012 1:46 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "1/15/2014 3:03 AM"
+ "PokerStars.net" "PokerStars Update" "PokerStars" "c:\program files (x86)\pokerstars.net\pokerstarsupdate.exe" "10/31/2013 8:01 AM"
"Task Scheduler" "" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.9 r900" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/1/2013 10:09 AM"
+ "\ASC7_SkipUac_John" "Advanced SystemCare 7" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\asc.exe" "1/7/2014 9:18 PM"
+ "\GoogleUpdateTaskMachineCore" "" "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" ""
+ "\GoogleUpdateTaskMachineUA" "" "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" ""
+ "\HPCustParticipation HP Officejet 6500 E710n-z" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp officejet 6500 e710n-z\bin\hpcustpartic.exe" "6/14/2010 3:28 PM"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "2/5/2013 10:43 PM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 12:36 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 4:24 PM"
+ "\Reimage Reminder" "" "" "File not found: C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe" ""
+ "\SmartDefrag_Startup" "Smart Defrag v2" "IObit" "c:\program files (x86)\iobit\smart defrag 2\smartdefrag.exe" "9/13/2013 2:09 AM"
+ "\SmartDefragUpdate" "SmartDefrag Updater" "IObit" "c:\program files (x86)\iobit\smart defrag 2\autoupdate.exe" "8/26/2012 7:09 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "1/16/2014 8:50 PM"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "11/21/2013 8:55 AM"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/1/2013 10:09 AM"
+ "AdvancedSystemCareService7" "Advanced SystemCare Service" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\ascservice.exe" "12/5/2013 9:49 PM"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgidsagent.exe" "11/11/2013 1:02 PM"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2014\avgwdsvc.exe" "9/23/2013 3:33 PM"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc" ""
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc" ""
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "" "File not found: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" ""
+ "HsfXAudioService" "User-mode gate for HSF Modem" "Conexant Systems, Inc." "c:\windows\syswow64\xaudio64.dll" "4/29/2009 10:21 AM"
+ "LiveUpdateSvc" "LiveUpdate" "IObit" "c:\program files (x86)\iobit\liveupdate\liveupdate.exe" "12/1/2013 6:54 PM"
+ "LMIGuardianSvc" "Support LogMeIn processes with quality assurance feedback" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\lmiguardiansvc.exe" "11/30/2012 12:15 AM"
+ "LMIMaint" "LogMeIn Maintenance Service" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\ramaint.exe" "12/10/2013 6:09 AM"
+ "LogMeIn" "LogMeIn" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\logmein.exe" "11/8/2010 2:58 AM"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe" "2/28/2013 12:38 PM"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe" "12/5/2013 9:09 AM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "7/27/2003 8:52 AM"
+ "RtkAudioService" "For cooperation with Realtek audio driver." "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkaudioservice64.exe" "10/15/2013 11:29 PM"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "5/26/2013 9:51 PM"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "7/17/2012 2:11 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 3:18 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "1/16/2014 8:50 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 3:54 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 9:30 AM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 4:04 PM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 3:19 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 4:45 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 10:36 AM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 8:18 AM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 1:27 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 11:27 AM"
+ "Avgdiska" "AVG File Vault Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgdiska.sys" "11/5/2013 12:55 PM"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgidsdrivera.sys" "11/4/2013 12:52 PM"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgidsha.sys" "10/24/2013 12:25 PM"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys" "10/31/2013 2:00 PM"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys" "10/31/2013 1:49 PM"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys" "9/30/2013 2:49 PM"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys" "9/9/2013 2:42 PM"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys" "8/1/2013 6:06 AM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 2:18 PM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 3:14 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 5:51 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 5:51 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 5:51 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 5:51 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 5:51 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 4:11 AM"
+ "CAXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\caxhwbs2.sys" "2/13/2009 1:21 PM"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 3:19 PM"
+ "cpuz134" "" "" "File not found: C:\Users\John\AppData\Local\Temp\cpuz134\cpuz134_x64.sys" ""
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 8:29 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 2:52 PM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 12:26 AM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 10:32 AM"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_dp.sys" "2/13/2009 1:18 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 4:46 PM"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys" "9/11/2009 9:04 AM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 1:47 PM"
+ "InputFilter_Hid_FlexDef2b" "Flex Define Keyboard Driver" "Siliten" "c:\windows\system32\drivers\inputfilter_flexdef2b.sys" "6/18/2010 4:36 PM"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "12/3/2013 4:26 AM"
+ "LMIInfo" "RemotelyAnywhere Kernel Information Provider" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\rainfo.sys" "1/11/2013 4:19 AM"
+ "lmimirr" "LogMeIn Mirror Miniport Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmimirr.sys" "4/10/2007 2:32 PM"
+ "LMIRfsDriver" "LogMeIn Rfs Drivemap Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmirfsdriver.sys" "7/14/2008 8:26 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 2:46 PM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "5/18/2009 4:20 PM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "5/18/2009 4:31 PM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "4/16/2009 2:13 PM"
+ "mbamchameleon" "Malwarebytes Chameleon Protection Driver" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbamchameleon.sys" "9/3/2013 2:56 PM"
+ "mdmxsdk" "Diagnostic Interface x64 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys" "6/19/2006 1:27 PM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "5/18/2009 5:09 PM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "5/18/2009 5:25 PM"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "6/6/2006 1:11 PM"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "3/19/2010 12:59 PM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "3/19/2010 12:45 PM"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "1/22/2009 3:05 PM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "5/18/2009 5:18 PM"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys" "11/21/2013 1:18 AM"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "11/25/2013 11:33 PM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "9/13/2006 5:18 AM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "9/24/2008 10:28 AM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "10/1/2008 1:56 PM"
+ "SmartDefragDriver" "File driver of SmartDefrag" "" "c:\windows\system32\drivers\smartdefragdriver.sys" "11/26/2010 1:29 AM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "2/17/2009 3:03 PM"
+ "SWDUMon" "Driver Update Installer Monitor" "" "c:\windows\system32\drivers\swdumon.sys" "5/23/2013 6:23 AM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "7/13/2009 3:19 PM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "1/30/2009 5:18 PM"
+ "VST64_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys" "10/15/2008 4:57 PM"
+ "VST64HWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstbs26.sys" "10/15/2008 4:54 PM"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_cnxt.sys" "2/13/2009 1:19 PM"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.sys" "4/29/2009 10:21 AM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "10/18/2013 2:18 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "7/13/2009 5:28 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "1/17/2014 10:45 PM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "7/13/2009 5:06 PM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "11/20/2010 3:59 AM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 8:53 PM"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\racodec.ax" "12/10/2013 6:09 AM"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\racodec.ax" "12/10/2013 6:09 AM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 8:53 PM"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x86\racodec.ax" "12/10/2013 5:58 AM"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x86\racodec.ax" "12/10/2013 5:58 AM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" "" "10/18/2013 2:18 AM"
+ "ehshell.exe" "LogMeIn Desktop Application" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\logmeinsystray.exe" "4/12/2007 9:56 AM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" "" "1/17/2014 10:45 PM"
+ "ehshell.exe" "LogMeIn Desktop Application" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\logmeinsystray.exe" "4/12/2007 9:56 AM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "7/13/2009 8:53 PM"
+ "LogMeInCredProv" "LogMeIn Remote Control Helper" "LogMeIn, Inc." "c:\windows\system32\lmiinit.dll" "12/10/2013 6:08 AM"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "7/17/2012 2:11 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" "" "1/17/2014 10:45 PM"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll" "9/11/2009 8:40 AM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "2/13/2013 6:41 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 1:45 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 1:45 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "2/13/2013 6:41 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 2:09 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 2:09 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "1/17/2014 10:45 PM"
+ "HP 5412 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts5412lm.dll" "6/5/2010 1:13 AM"
+ "HP Discovery Port Monitor (HP Officejet 6500 E710n-z)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm5412.dll" "6/14/2010 3:24 PM"
+ "LogMeIn Printer Port Monitor" "RemotelyAnywhere Printer Port Monitor" "LogMeIn, Inc." "c:\windows\system32\lmiport.dll" "4/26/2013 6:14 AM"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" "" "7/13/2009 8:49 PM"
+ "LMIRfsClientNP" "LogMeIn Virtual Disk Network" "LogMeIn, Inc." "c:\windows\system32\lmirfsclientnp.dll" "12/10/2013 6:08 AM"
"C:\Users\John\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" "" "1/16/2014 11:31 PM"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml" "4/12/2011 12:17 AM"
 



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:34 AM

Posted 18 January 2014 - 08:16 PM

Re-open Autoruns and as indicated either Untick, or Right Click > Delete these listings

The + sign means it will have a tick in the box at the left -

 

The top 2 are just orphaned files from uninstalls that left a bit behind.
Just untick the left end of the line ........

+ "rdpclip" "" "" "File not found: rdpclip"
+ "cpuz134" "" "" "File not found: C:\Users\John\AppData\Local\Temp\cpuz134\cpuz134_x64.sys" ""

 

The listings below can be Right Click > Deleted :

Either the top item, or the Highlighted items look like a browser changer -

+ "ExplorerWnd Helper" "Uninstall for explorer" "IObit" "c:\program files (x86)\iobit\iobit uninstaller\uninstallexplorer64.dll" "10/22/2013 1:25 AM"
+ "\ASC7_SkipUac_John" "Advanced SystemCare 7" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\asc.exe" "1/7/2014 9:18 PM"
+ "Advanced SystemCare" "ASCExtMenu Module" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\ascextmenu_64.dll" "11/25/2013 7:00 PM"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll" "10/21/2013 10:48 PM"
+ "Advanced SystemCare" "ASCExtMenu Module" "IObit" "c:\program files (x86)\iobit\advanced systemcare7\ascextmenu_64.dll" "11/25/2013 7:00 PM"
+ "Advanced SystemCare" "ASCExtMenu Module" "IObit" "c:\program files (x86)\iobit\advanced systemcare 7\ascextmenu_64.dll" "11/25/2013 7:00 PM"
+ "\SmartDefrag_Startup" "Smart Defrag v2" "IObit" "c:\program files (x86)\iobit\smart defrag 2\smartdefrag.exe" "9/13/2013 2:09 AM"
+ "SmartDefragDriver" "File driver of SmartDefrag" "" "c:\windows\system32\drivers\smartdefragdriver.sys" "11/26/2010 1:29 AM"
+ "\SmartDefragUpdate" "SmartDefrag Updater" "IObit" "c:\program files (x86)\iobit\smart defrag 2\autoupdate.exe" "8/26/2012 7:09 PM"
End -

There are a lot more than most programs, so could you recheck your sysyem and repost another log if there is a problem still.

 

Now - Reset your Home Pages to your normal page -

 

I assume that you use LogMeIn for your teaching -
With AVG currently installed, it would clash with all of IObits programs

 

Thanks -



#12 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 20 January 2014 - 12:45 AM

CONGRATULATIONS!!  You did the impossible....thank you for your continued help, it is now gone.  I was able to reinstall some of the handy Iobit software without installing the Spigot add on.  I am not quite sure how to discuss this on going problem with Iobit, they can't really realize they are sending out a "highjacker" program, can they?

 

How do I compensate you?   Imducky1



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:34 AM

Posted 20 January 2014 - 01:14 AM

How do I compensate you?   Imducky1

You have, but if you go back to IObit, , , , Grrrr.



#14 imducky1

imducky1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:34 AM

Posted 20 January 2014 - 02:30 AM

Got it my friend......Thanks



#15 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:34 AM

Posted 20 January 2014 - 04:30 AM

I will keep this on watch for a couple of days.

 

Please start a new topic after that -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users