Running slow and having new windows pop up


  • This topic is locked
17 replies to this topic

#1 MicheleShreve11


Posted 15 December 2014 - 03:14 PM

Good Afternoon, I am running Windows 7. About a week or so ago, I had a pop up that said my flash player needed to be updated. Then it also said I need to update my Chrome application. Since then I have had ads pop up in my internet pages, I have had new windows open up with ads or immediate updates needed, none of which I have done. I did delete the new programs that were installed and have run several security scans but am not able to get it repaired. I also went into my registry and deleted the add program from that place. My computer is extremely slow and whenever I click on something to do a fill in for a form, it will open a new page with some sort of an ad. Please help.

 

Thanks

Michele




#2 Guest_LighthouseParty_*


Posted 15 December 2014 - 03:47 PM

Hello there
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
Step 1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
      • Flush DNS
      • Reset IE Proxy Settings
      • Reset FF Proxy Settings
      • List Installed Programs
      • List Restore Points
  • Post the log in your next reply.
 
Step 2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Step 3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Thanks and good luck!



#3 MicheleShreve11


Posted 15 December 2014 - 05:27 PM

MiniToolBox by Farbar  Version: 30-11-2014

Ran by Michele (administrator) on 15-12-2014 at 15:57:00
Running from "C:\Users\Michele\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
Thank you for your help
 
 
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
 
=========================== Installed Programs ============================
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{C8358E8D-6C89-41B3-8439-FEFBC0353D81}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.9.0.19 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Marketplace Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell MusicStage (HKLM-x32\...\{3E8A1ADF-B72C-47FE-85F6-F7A73C487F6C}) (Version: 1.3.31.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.19 - ArcSoft)
Dell SonicWALL NetExtender (HKLM-x32\...\{EF06A6A8-6B81-4A09-8223-789953972FFF}) (Version: 7.0.196 - Dell)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.218 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.0.1011 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.0.1011 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}) (Version: 1.0.1.0489 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6003.0710 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Norton Security (HKLM-x32\...\NS) (Version: 22.0.2.17 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
Performance Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}) (Version:  - Linker Ltd)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{A12F43A5-CF0B-44E3-942F-2441CD442F0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CFB80344-FCBA-4C03-AD77-D49E82F14C3E}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{E762A933-274B-4860-B066-A39FAB0838FD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{A7AA9E77-A9F4-4596-8AFD-4910FF258C3D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{A87EDEA3-4861-4D99-9B36-F442740F1287}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A87EDEA3-4861-4D99-9B36-F442740F1287}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{26A0F874-417C-4B0A-8088-3FA53638FB49}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DF548669-AAED-467B-A074-AE2B72A4A871}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{6C727BC2-B2B9-4B03-BD7E-682EA6FA1C04}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone app for desktop (HKLM-x32\...\{E786AE85-8A30-4CF2-BF70-57404A5CD684}) (Version: 1.0.1720.1 - Microsoft Corporation)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
========================= Restore Points ==================================
 
10-12-2014 08:01:15 Windows Update
11-12-2014 20:53:08 Norton_Power_Eraser_20141211155304735
13-12-2014 08:00:47 Windows Update
14-12-2014 08:00:34 Windows Update
15-12-2014 03:43:46 Windows Backup
 
**** End of log ****

 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/15/2014
Scan Time: 4:04:47 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.15.05
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Michele
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 439267
Time Elapsed: 58 min, 14 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 34
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [0918a9ba463678bedb8b0ffa7e85e21e], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [0918a9ba463678bedb8b0ffa7e85e21e], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [e73ad09381fbc67084bba8624db65aa6], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [e73ad09381fbc67084bba8624db65aa6], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [80a1550ebfbd35016b74e5276a99e020], 
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [80a1550ebfbd35016b74e5276a99e020], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [041d94cf87f5b38375375aafb94a0bf5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [9f8284dfb0cc80b6f3ba957457ac6c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [0c1568fb3547270f0a3734d5c53e08f8], 
PUP.Optional.CouponArific.A, HKLM\SOFTWARE\couponarific, , [c061a4bf35475ed8f18b52060ff4ce32], 
PUP.Optional.DomaIQ.A, HKLM\SOFTWARE\DomaIQ, , [28f996cd2f4d54e258c725712ed57987], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [35eccb9849335adcfa34f2a283806799], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, , [c75ad98a621a60d6d967c3fb3fc5639d], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, , [c55c2e354537b97db386c5a79f649d63], 
PUP.Optional.CouponArific.A, HKLM\SOFTWARE\WOW6432NODE\couponarific, , [38e9dc874537cf6725574b0de41f33cd], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, , [9889d48fef8d83b3a1cfb1a1fc070000], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [120f560d6b11c175c965870d1ee5cf31], 
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, , [f52c98cb4438ec4a8deb9bf2fb0821df], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, , [69b85112de9e270fff41724cb054758b], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, , [56cbd093007cd16539005913c93a5ba5], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}, , [2cf5154e33498da9a5b928475ca748b8], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [2cf5d390097368cef07092dc7b88eb15], 
PUP.Optional.BrowserApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browser App+ v1, , [68b91a49b6c644f21e82d183c93a728e], 
PUP.Optional.MediaPlayersVideos.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayersvideos  1.1, , [8998540f116b68ce77609b3734d04cb4], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [53ce3d2619631c1a0d2fc6e3e71d966a], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [c1607de64834e650d8634e5bad572cd4], 
PUP.Optional.DesktopDockApp.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DesktopDockApp, , [5cc586dd314bad896689c1912cd7ef11], 
PUP.Optional.StormWatchApp.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp, , [36ebe08307757abc3441332729da9f61], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, , [aa770f54e894ec4a6d09ad1f4db7b34d], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [b76a6102d5a7ad89b8d675489d676799], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [46db6ef5c2ba9d99bb84c8cb7f84de22], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [0e13f27192ea6bcbb2ade0c94fb5c53b], 
PUP.Optional.BProtector.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, , [75acfa69dca00d294240ffad09fb9967], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [3ce56ef5d7a5c86eabb49cd206fdc43c], 
 
Registry Values: 5
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [3ae74023116b93a34469c1a151b2837d]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [869b87dcd2aad264b9f4045ea75c2fd1]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_8, , [bc65e182cbb195a16387e46ec1424db3], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1Y1L1M1G1I1Q, , [0e13f27192ea6bcbb2ade0c94fb5c53b]
PUP.BProtector, HKU\S-1-5-21-3180417983-2728814020-2563858775-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [978ae57eb7c5d165ae90decb34d0f30d]
 
Registry Data: 7
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{66E3C7DB-6491-4666-B9F2-3B401A4DFA14}|NameServer, 31.168.224.106,5.135.12.52, Good: (), Bad: (31.168.224.106,5.135.12.52),,[6ab7f96acfad82b46a3e1a5818ed50b0]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{EAC6C596-1713-4842-B108-67FAE2088275}|NameServer, 31.168.224.106,5.135.12.52, Good: (), Bad: (31.168.224.106,5.135.12.52),,[1e03461d86f6fd39792f8fe3b352b24e]
 
Folders: 13
Rogue.Multiple, C:\ProgramData\374311380, , [63bea1c2552785b1742e729b7390d62a], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.ShopToWin.A, C:\Users\Michele\Documents\ShopToWin, , [6db4cc975a22191d1adea77a41c2c43c], 
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyeR, , [3fe283e023599f97f9c8043df70cd828], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\topbuyeR, , [140dd29137450d2908ba6cd59d6659a7], 
PUP.Optional.MultiPlug.A, C:\ProgramData\PriceLess, , [7ea3cb98d5a7a294040f053d12f16d93], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PriceLess, , [021f570c2d4f62d4f91b370bf50e6e92], 
PUP.Optional.CouponArific, C:\Program Files\Couponarific, , [d44dca992a524aec6561d1788d7616ea], 
PUP.Optional.CouponArific, C:\Program Files\Couponarific\SSL, , [d44dca992a524aec6561d1788d7616ea], 
PUP.Optional.AdPeak.A, C:\Program Files (x86)\740E97DF-6426-4A2A-ABEF-5C33040EFEE1, , [0b168dd6106ce74fb0e10449ac57a45c], 
 
Files: 38
PUP.Optional.Loadshop, C:\monitorsvc.exe, , [859ce47f6913fc3a850c31cc7988946c], 
PUP.Optional.iBryte, C:\Users\Michele\Downloads\Setup (1).exe, , [de43c3a0ec9051e55552b408dc25b14f], 
PUP.Optional.iBryte, C:\Users\Michele\Downloads\Setup (2).exe, , [0e1372f11c603ff734739e1e8c75c13f], 
PUP.Optional.iBryte, C:\Users\Michele\Downloads\Setup.exe, , [c45d84df017bd95dc8dfb10b728f817f], 
PUP.Optional.Bandoo, C:\Users\Michele\Downloads\iLividSetup-r495-n-bc.exe, , [6db46102df9d8ea853c341e6926fe31d], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI3977.tmp-\Smartbar.Installer.CustomActions.dll, , [28f91d46d3a993a3750a2fff1fe1a25e], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI3E6A.tmp-\Smartbar.Installer.CustomActions.dll, , [f62ba2c18cf049ed403f36f847b96f91], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIEF8A.tmp-\Smartbar.Installer.CustomActions.dll, , [ba67d093126a83b39de283ab6e92e917], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIEF90.tmp-\Smartbar.Installer.CustomActions.dll, , [8e932c3769132610b3cc3fef12eefb05], 
PUP.Optional.UTop.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage, , [c35ed78c96e673c37d9c2c25f50e8878], 
PUP.Optional.UTop.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage-journal, , [7ca599ca7c00ac8a889189c8f90a24dc], 
PUP.Optional.MyOSProtect.A, C:\Windows\SysWOW64\MyOSProtectOff.ini, , [e63b92d119637cba6bacf26fcd36718f], 
PUP.Optional.MyOSProtect.A, C:\Windows\SysWOW64\MyOSProtect.ini, , [1e0385de2458be7835e330310102fb05], 
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\ASP, , [d64b96cde7953bfb65602046a65d17e9], 
PUP.Optional.Iminent.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage, , [49d8e77c6a12290d8aa21e4ed1329e62], 
PUP.Optional.Iminent.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [b56cdb88423ad264d16518654bb8fb05], 
PUP.Optional.BProtector.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data, , [81a00360710b52e4780bc9e303017090], 
PUP.Optional.BProtector.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences, , [e839dd860379ea4c3d478b21ae56f010], 
PUP.Optional.ReMarkable.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, , [c65b5f047408d75f322515b9e51fde22], 
PUP.Optional.ReMarkable.A, C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, , [df42c69df8849b9ba1b6eee02cd8827e], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23, , [071af56e710b93a332d06db0ca39bb45], 
PUP.Optional.AdPeak.A, C:\Program Files (x86)\740E97DF-6426-4A2A-ABEF-5C33040EFEE1\64.ico, , [0b168dd6106ce74fb0e10449ac57a45c], 
PUP.Optional.AdPeak.A, C:\Program Files (x86)\740E97DF-6426-4A2A-ABEF-5C33040EFEE1\nfapi.dll, , [0b168dd6106ce74fb0e10449ac57a45c], 
PUP.Optional.AdPeak.A, C:\Program Files (x86)\740E97DF-6426-4A2A-ABEF-5C33040EFEE1\nfregdrv.exe, , [0b168dd6106ce74fb0e10449ac57a45c], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
Norton Security                 
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 2% 
````````````````````End of Log`````````````````````` 
 

Here it all is... hope it makes sense to you, 'cause it sure does not to me. Thanks a bunch for your help.



#4 Guest_LighthouseParty_*

Posted 16 December 2014 - 01:39 AM

Hello there,

 

:step1: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step2: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step3: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

Edited by LighthouseParty, 16 December 2014 - 01:40 AM.


#5 MicheleShreve11

Posted 16 December 2014 - 10:22 AM

Thank you so much. You must be doing something right because my computer is being totally worse each time I try to start this problem. Thank you so much. Here are the results.....
 
Rkill 2.6.9 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/16/2014 09:44:47 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\system32\lxdxcoms.exe (PID: 2632) [WD-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 d3oxij66pru1i3.cloudfront.net
 
Program finished at: 12/16/2014 09:52:49 AM
Execution time: 0 hours(s), 8 minute(s), and 1 seconds(s)
 
 
 
# AdwCleaner v4.105 - Report created 16/12/2014 at 09:57:21
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michele - LAPTOP
# Running from : C:\Users\Michele\Downloads\adwcleaner_4.105.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : netfilter64
Service Deleted : YahooAUService
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\Performance Optimizer
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\2e034dc3f04803a9
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Web Protect
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Michele\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Michele\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Michele\AppData\Local\iLivid
Folder Deleted : C:\Users\Michele\AppData\Local\torch
Folder Deleted : C:\Users\Michele\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\Michele\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Michele\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
Folder Deleted : C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Folder Deleted : C:\Users\Michele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
Folder Deleted : C:\Users\Michele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe
File Deleted : C:\Windows\System32\drivers\netfilter64.sys
File Deleted : C:\Windows\System32\MyOSProtect64.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.lnk
File Deleted : C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Youtube.lnk
File Deleted : C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : ASP
Task Deleted : LaunchSignup
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Search.lnk
Shortcut Disinfected : C:\Users\Michele\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Search.lnk
Shortcut Disinfected : C:\Users\Michele\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox Search.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKCU\Software\9edadcb33dea49
Key Deleted : HKLM\SOFTWARE\9edadcb33dea49
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WebProtect
Key Deleted : HKCU\Software\Vosteran
Key Deleted : HKCU\Software\AppDataLow\Software\LyricsContainer
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\WebProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Google Chrome v39.0.2171.71
 
[C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
-\\ Comodo Dragon v
 
[C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [11693 octets] - [16/12/2014 09:54:41]
AdwCleaner[S0].txt - [12073 octets] - [16/12/2014 09:57:21]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12134 octets] ##########
 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Michele on Tue 12/16/2014 at 10:06:12.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Michele\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Michele\appdata\local\pro_pc_cleaner"
Successfully deleted: [Folder] "C:\Users\Michele\documents\propccleaner"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/16/2014 at 10:12:59.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 Guest_LighthouseParty_*

Posted 16 December 2014 - 11:20 AM

"Thank you so much. You must be doing something right because my computer is being totally worse each time I try to start this problem. Thank you so much. Here are the results....."

 
Do you mean your computer is becoming faster each time or is that sarcasm?
 
:step1: Please download Temporary File Cleaner to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • Click start and wait for it to finish.

:step2: Please download Malwarebytes Anti-Rootkit to your desktop

  • Double click it and click ok (Make sure to extract it to your desktop)
  • When it opens, click next and then update.
  • After it's updated, click next and then scan.
  • If malware is detected, select clean, then restart your computer.
  • Open 'MBAR' on your desktop and paste the contents in your reply of the following logs:
  • mbar-log-xx.xx.xx.txt and system-log.txt.

:step3: ESET Online Scanner

 

:exclame: Internet Explorer MUST be used for this step.  :exclame:

  • Click here to visit the ESET online scanner webpage.
  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

jqnp8z.png

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scan's finished, select list threats and then export.
  • Choose a name for the log (e.g. ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.


#7 boopme

Posted 16 December 2014 - 02:18 PM

Your Hosts File appears damaged and can be causing pop ups.

Reset by clicking the FIX-IT button here L@@K.

#8 MicheleShreve11

Posted 16 December 2014 - 02:58 PM

Lighthouse Party, it is getting better, but when I did the first two fixes you sent it was definitely trying everything possible to keep me from getting to the things you were wanting. It still is sending me to other sites when I click on things. I have not done what the other person listed, as it did not come from you and was not sure I should. Here are the latest results.....

 

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
 
Database version: v2014.12.16.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Michele :: LAPTOP [administrator]
 
12/16/2014 11:31:48 AM
mbar-log-2014-12-16 (11-31-48).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 438377
Time elapsed: 24 minute(s), 55 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
 
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.17501
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.292000 GHz
Memory total: 4204969984, free: 2575306752
 
Downloaded database version: v2014.12.16.03
Downloaded database version: v2014.12.14.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
------------ Kernel report ------------
     12/16/2014 11:31:37
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006610060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80053b6050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006610060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006610b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006610060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80053b6050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F2837E
 
Partition information:
 
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 208782
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 208845  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30928845  Numsec = 945842275
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-208845-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
 
C:\Windows\Installer\MSIEF90.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application
C:\Windows\Installer\MSIEF90.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application
C:\Windows\Installer\MSIEF90.tmp-\srpu.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\MyOSProtect64.dll.vir Win64/Adware.Loadshop.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\pcwtc64f.sys.vir Win64/Adware.Loadshop.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\pcwtc64r.sys.vir Win64/Adware.Loadshop.E application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\postcollect.exe.vir Win32/AdWare.Loadshop.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\precollect.exe.vir Win32/AdWare.Loadshop.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\uninstaller.exe.vir Win32/AdWare.Loadshop.H application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\WDCertInstaller.dll.vir Win32/Adware.Loadshop.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Michele\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Michele\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Michele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Michele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Michele\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Michele\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\MyOSProtect64.dll.vir Win64/Adware.Loadshop.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Michele\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Michele\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\sqsq3x42.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Michele\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
C:\Users\Michele\AppData\Local\Viber\Uninstall.exe a variant of Win32/Toolbar.SearchSuite.W.gen potentially unwanted application deleted - quarantined
C:\Users\Michele\Downloads\ViberSetup (1).exe Win32/DownWare.Y potentially unwanted application deleted - quarantined
C:\Users\Michele\Downloads\ViberSetup (2).exe Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
C:\Users\Michele\Downloads\ViberSetup.exe Win32/DownWare.Y potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3977.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\spbl.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI3E6A.tmp-\srpu.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF8A.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF8A.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF8A.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF8A.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF8A.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\Smartbar.Resources.LanguageSettings.resources.dll a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\spbl.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
 
 
again, many thanks for all your help
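
An added example (not part of the original posts, and not ESET's own tooling): a parser for the ESET log lines pasted in the post above. It separates entries with no recorded action from those already deleted or sitting in AdwCleaner's quarantine folder, and lists which user accounts carried the flagged browser extension ID. The field layout and the family-name rule are assumptions inferred from the pasted lines; the sample input is a subset copied from that log.

```python
import re
from collections import Counter, defaultdict
from dataclasses import dataclass

# Subset of lines copied from the ESET log in the post above.
SAMPLE_LOG = r"""
C:\Windows\Installer\MSIEF90.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application
C:\Windows\Installer\MSIEF90.tmp-\srpu.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\pcwtc64f.sys.vir Win64/Adware.Loadshop.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Michele\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dicablajnofhepagmbplkjhonokjhmfe\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Michele\Downloads\ViberSetup (1).exe Win32/DownWare.Y potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSIEF90.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
"""

# Assumed layout: <path> [a variant of] <Platform/Name> <kind> [<action>].
# Paths contain spaces, so the path is matched lazily up to the first
# token that looks like Platform/Name (Windows paths have no "/").
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?:a variant of\s+)?"
    r"(?P<name>[A-Za-z0-9]+/\S+)\s+"
    r"(?P<kind>potentially unwanted application|"
    r"potentially unsafe application|application|trojan)"
    r"(?:\s+(?P<action>.+?))?\s*$"
)
EXT_RE = re.compile(r"\\Extensions\\([a-p]{32})\\")  # Chromium extension ID
USER_RE = re.compile(r"\\Users\\([^\\]+)\\")


@dataclass
class Detection:
    path: str
    name: str
    kind: str
    action: str  # empty string when the log line records no action

    @property
    def family(self):
        # Assumed rule: drop the platform prefix, a trailing ".gen",
        # and the final variant suffix; lowercase to merge Adware/AdWare.
        parts = self.name.split("/", 1)[1].split(".")
        if parts[-1].lower() == "gen":
            parts.pop()
        if len(parts) > 1:
            parts.pop()
        return ".".join(parts).lower()

    @property
    def in_quarantine(self):
        # Copies already moved aside by AdwCleaner, not live files.
        return "\\adwcleaner\\quarantine\\" in self.path.lower()


def parse_log(text):
    """Return (detections, lines that did not match the assumed layout)."""
    entries, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            unparsed.append(line)
            continue
        entries.append(
            Detection(m["path"], m["name"], m["kind"], m["action"] or ""))
    return entries, unparsed


def unremediated(entries):
    """Detections the scanner reported without any clean-up action."""
    return [e for e in entries if not e.action]


def family_counts(entries):
    return Counter(e.family for e in entries)


def extension_accounts(entries):
    """Map each flagged extension ID to the user accounts it was found under."""
    seen = defaultdict(set)
    for e in entries:
        ext, user = EXT_RE.search(e.path), USER_RE.search(e.path)
        if ext and user:
            seen[ext.group(1)].add(user.group(1))
    return dict(seen)


if __name__ == "__main__":
    found, skipped = parse_log(SAMPLE_LOG)
    print("no action recorded:")
    for e in unremediated(found):
        print("  ", e.path, "->", e.name)
    print("quarantine copies:", sum(e.in_quarantine for e in found))
    print("families:", dict(family_counts(found)))
    print("extension accounts:", extension_accounts(found))
    print("unparsed lines:", len(skipped))
```

Entries that come back from `unremediated()` are the ones worth rechecking on disk, since the log shows a detection but no delete or quarantine result for them.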
 
 
 


#9 Guest_LighthouseParty_*


Posted 16 December 2014 - 03:04 PM

It is fine to follow Boopme's advice. For more information, please read: How do I get help? Who is helping me?

:step1: Please download Temporary File Cleaner to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • Click start and wait for it to finish.

:step2: Please download Malwarebytes Anti-Rootkit to your desktop

  • Double click it and click ok (Make sure to extract it to your desktop)
  • When it opens, click next and then update.
  • After it's updated, click next and then scan.
  • If malware is detected, select clean, then restart your computer.
  • Open 'MBAR' on your desktop and paste the contents of the following logs in your reply:
  • mbar-log-xx.xx.xx.txt and system-log.txt.

:step3: Try all of the below and let me know what happens
 
Perform a Clean Boot and see if you still receive the issue - http://support.microsoft.com/kb/929135
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup



#10 MicheleShreve11

  • Topic Starter

Posted 16 December 2014 - 05:15 PM

OK, so I have done all the things listed, as well as the thing the other guy suggested.  It is still running a little slow and there are still a few pop-ups that keep occurring. When I am typing this response now, it is about ten characters behind and then will just sit and then will show what I typed.  Since I ran the clean boot, do I have to go back and change it back?  It said there were no file problems or disk issues.  Ugh, still not working right.



#11 MicheleShreve11

  • Topic Starter

Posted 16 December 2014 - 05:20 PM

Also, I am still getting ad pop-ups in my internet page and it is sending me to another page when I click on something.  Getting page unresponsive a lot, this is newer.



#12 boopme

  • Global Moderator

Posted 16 December 2014 - 09:07 PM

Hello.. check for and disable or remove any unwanted or Unknown add-ons from your browser:

For IE, if you use another and need a guide let me know.

How to Disable Extensions in Internet Explorer



#13 MicheleShreve11

  • Topic Starter

Posted 16 December 2014 - 09:29 PM

I do not have any enabled in Chrome and I don't use IE, but I did go and check and there was nothing that stood out, but I enabled things that did not have information.  Since the last fix, I have had the ads popping up in the middle of the screen over top of other pages and throughout my page.


Also, when I just hit post, it takes me to another open window that is an update this app or an adware page.



#14 boopme

  • Global Moderator

Posted 16 December 2014 - 09:57 PM

Ok, let's look at one more thing here.
The Master boot record.
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#15 MicheleShreve11

  • Topic Starter

Posted 16 December 2014 - 10:59 PM

here it is....

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-16 22:07:11
-----------------------------
22:07:11.501    OS Version: Windows x64 6.1.7601 Service Pack 1
22:07:11.501    Number of processors: 4 586 0x2A07
22:07:11.503    ComputerName: LAPTOP  UserName: 
22:07:12.322    Initialize success
22:07:12.326    VM: initialized successfully
22:07:12.329    VM: Intel CPU supported 
22:07:14.843    VM: supported disk I/O iaStor.sys
22:26:24.381    AVAST engine defs: 14121602
22:27:04.993    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:27:05.000    Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 476940MB BusType: 3
22:27:05.232    VM: Disk 0 MBR read successfully
22:27:05.238    Disk 0 MBR scan
22:27:05.333    Disk 0 Windows VISTA default MBR code
22:27:05.341    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      101 MB offset 63
22:27:05.438    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 208845
22:27:05.458    Disk 0 Boot: NTFS     code=1
22:27:05.548    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       461837 MB offset 30928845
22:27:05.817    Disk 0 scanning C:\Windows\system32\drivers
22:27:27.204    Service scanning
22:27:32.173    Service BHDrvx64 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\BASHDefs\20141209.001\BHDrvx64.sys **LOCKED** 5
22:27:38.264    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
22:27:39.019    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
22:27:43.239    Service IDSVia64 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\IPSDefs\20141212.002\IDSvia64.sys **LOCKED** 5
22:27:51.801    Service NAVENG C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20141216.001\ENG64.SYS **LOCKED** 5
22:27:51.972    Service NAVEX15 C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20141216.001\EX64.SYS **LOCKED** 5
22:28:15.063    Modules scanning
22:28:15.069    Disk 0 trace - called modules:
22:28:15.092    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
22:28:15.096    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800662b060]
22:28:15.101    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800488a050]
22:28:16.144    AVAST engine scan C:\Windows
22:28:19.251    AVAST engine scan C:\Windows\system32
22:34:05.782    AVAST engine scan C:\Windows\system32\drivers
22:34:28.334    AVAST engine scan C:\Users\Michele
22:49:59.831    AVAST engine scan C:\ProgramData
22:57:13.382    Disk 0 statistics 4441176/0/22 @ 1.92 MB/s
22:57:13.407    Scan finished successfully
22:58:41.137    Disk 0 MBR has been saved successfully to "C:\Users\Michele\Desktop\MBR.dat"
22:58:41.318    The log file has been saved successfully to "C:\Users\Michele\Desktop\aswMBR.txt"
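
The aswMBR log above has a regular line format, so the lines a helper reads first (the MBR code verdict, the partition table, and the drivers reported as **LOCKED**) can be pulled out mechanically. The script below is an added example, not part of the thread and not AVAST's code; the `triage` function and its rule that only a "... default" MBR verdict and exactly one active partition are expected are assumptions of this example.

```python
import re

# Excerpt of the aswMBR log posted above (lines copied from the page).
SAMPLE_LOG = r"""
22:27:05.333    Disk 0 Windows VISTA default MBR code
22:27:05.341    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      101 MB offset 63
22:27:05.438    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 208845
22:27:05.548    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       461837 MB offset 30928845
22:27:38.264    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
22:27:51.801    Service NAVENG C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\VirusDefs\20141216.001\ENG64.SYS **LOCKED** 5
"""

STAMP = re.compile(r"^\d\d:\d\d:\d\d\.\d{3}\s+(.*\S)\s*$")
MBR = re.compile(r"^Disk (\d+) (.+) MBR code$")
PART = re.compile(r"^Disk (\d+) Partition (\d+) ([0-9A-F]{2})\s+(?:\(A\)\s+)?"
                  r"([0-9A-F]{2})\s+.*?(\d+) MB offset (\d+)$")
LOCKED = re.compile(r"^Service (\S+) (.+?) \*\*LOCKED\*\* (\d+)$")


def triage(log):
    """Summarise an aswMBR log: MBR verdicts, partitions, locked drivers."""
    out = {"mbr": {}, "partitions": [], "locked": [], "review": []}
    for raw in log.splitlines():
        m = STAMP.match(raw.strip())
        if not m:
            continue  # header, separator or blank line
        text = m.group(1)
        if (v := MBR.match(text)):
            out["mbr"][int(v.group(1))] = v.group(2)
        elif (p := PART.match(text)):
            out["partitions"].append({
                "disk": int(p.group(1)), "number": int(p.group(2)),
                "active": p.group(3) == "80",  # 0x80 = bootable flag
                "type": p.group(4), "size_mb": int(p.group(5)),
                "offset": int(p.group(6))})
        elif (s := LOCKED.match(text)):
            out["locked"].append({"name": s.group(1), "path": s.group(2),
                                  "code": int(s.group(3))})
    # Assumption of this example: only a "... default" verdict is expected.
    for disk, verdict in out["mbr"].items():
        if not verdict.endswith("default"):
            out["review"].append(f"disk {disk}: MBR verdict '{verdict}'")
    if not out["mbr"]:
        out["review"].append("no MBR verdict line found")
    # Single-disk simplification: counts active partitions across the log.
    active = [p for p in out["partitions"] if p["active"]]
    if len(active) != 1:
        out["review"].append(f"{len(active)} active partitions (expected 1)")
    return out
```

On the excerpt, `triage(SAMPLE_LOG)["review"]` is empty, and the `locked` list holds the driver name, path and trailing code exactly as logged, for the helper to compare against the installed security product.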




