User User name Password  
   
Wednesday 13.11.2024 / 16:18
Search AfterDawn Forums:        In English   Suomeksi   Pć svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > pc freezing / sluggish
Show topics
 
Forums
Forums
PC freezing / sluggish
  Jump to:
 
Posted Message
Page:1234Next >
mossfan18
Member
_
23. August 2013 @ 15:54 _ Link to this message    Send private message to this user   
PC has recently began to freeze and take forever to load simple programs. I ran Malwarebytes & 4 objects were detected.


Can you see anything from my HJT log? TIA guys!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:55:59 PM, on 8/23/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\AdFender\AdFender.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\MKVToolNix\mmg.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=4f7500a9...33-101f74bee443
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=4f7500a9...33-101f74bee443
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SMessaging] C:\Users\JRdenn\AppData\Local\Strongvault Online Backup\SMessaging.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [49AB5E380498AE00FBC09232F5ADE192CCB0EA2A._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Google Update] "C:\Users\JRdenn\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HDD Observer] C:\Program Files\HDD Observer\HDD Observer.exe
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Startup: AdFender.lnk = C:\Program Files (x86)\AdFender\AdFender.exe
O4 - Startup: BTGuard Updates.lnk = C:\BTGUARD\settings.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HDD Observer Service - Unknown owner - C:\Program Files\HDD Observer\HDDObserver.Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19309 bytes

Eddie Dennison
Advertisement
_
__
ddp
Moderator
_
23. August 2013 @ 16:48 _ Link to this message    Send private message to this user   
what did malwarebytes find? have you tried system restore to before this problem started?
AfterDawn Addict
_
23. August 2013 @ 16:56 _ Link to this message    Send private message to this user   
I can understand SLOW... No malware seen in HJT Log, just remnants..

You have 43 programs, 10 BHO's, couple of Toolbars and some other unnecessary stuff that starts and runs all the time when you boot up......

You have a MiniTruck trying to do the job of an 18 Wheeler!

2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
AfterDawn Addict
_
23. August 2013 @ 16:57 _ Link to this message    Send private message to this user   
It's not malware, ddp, it's congestion...
AfterDawn Addict
_
23. August 2013 @ 17:22 _ Link to this message    Send private message to this user   
Hi mossfan18,

To start cleaning: Turn off your AntiVirus and follow the following instructions..
It may be a long procedure so bite your lip and start cleaning?.
You will later have too stop a huge amount of these programs from running at Start up. That don?t get rid of them just stops them from running all of the time.

Security Check

Please download and save SecurityCheck.exe to your Desktop.

? Double-click SecurityCheck.exe then follow the on-screen instructions inside of the black box.
? A Notepad document should open automatically called checkup.txt
? Please copy and past the contents of checkup.txt in your next reply.


AdwCleaner

Please download adwcleaner and save to your desktop.

? Close all open programs and internet browsers.
? Double click on AdwCleaner.exe to run the tool.
? Click on Delete.
? Confirm each time with Ok. if asked.
? Your computer will be rebooted automatically.
? A text file will open after the restart.
? Please copy and past the content of that log file with your next post.


Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran, so in this case may be something like R1.



Junkware Removal Tool

Please download jrt.exe and save it to your desktop.

? If running Vista or Win7... right-click jrt.exe and select "Run as Administrator", otherwise just double click it. The tool will open and start scanning your system. Please be patient, it can take a while depending on your system. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
? Please copy and paste the contents of JRT.txt and post in your next reply.


When finished with these post the Logs and also run HJT after running these and post the new HJT Log.

2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
ddp
Moderator
_
23. August 2013 @ 17:30 _ Link to this message    Send private message to this user   
i saw the congestion as i see he still have parts of avg2012 on the list when he is using avg2013.
AfterDawn Addict
_
23. August 2013 @ 17:40 _ Link to this message    Send private message to this user   
yeah I know. He also has another AV running, AdAware, that's what I want Security Check for.
mossfan18
Member
_
23. August 2013 @ 18:20 _ Link to this message    Send private message to this user   
thanks guys .. so it's just congested as hell eh? I'll start the cleaning process as recommended. Malwarebytes found PUP something another in my default & I deleted it. Didn't realize AVG 2012 was loaded. I know you pc know-it-all's think people like me are just lulz when you see our HJT logs.

Thanks guys! Will let you know how it works after cleaning & will contribute a donation to the site if you still can.

Eddie Dennison
AfterDawn Addict
_
23. August 2013 @ 18:29 _ Link to this message    Send private message to this user   
We would appreciate a donation because the pay here sucks pond water. LOL
But all we ask for is a simple "Thanks" and don't tell anyone we gave you a discount. LMAO

2oG
ddp
Moderator
_
23. August 2013 @ 18:50 _ Link to this message    Send private message to this user   
mossfan18, how much ram are you running?
mossfan18
Member
_
24. August 2013 @ 01:04 _ Link to this message    Send private message to this user   
HJT log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:01:04 AM, on 8/24/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\AdFender\AdFender.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SMessaging] C:\Users\JRdenn\AppData\Local\Strongvault Online Backup\SMessaging.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [49AB5E380498AE00FBC09232F5ADE192CCB0EA2A._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Google Update] "C:\Users\JRdenn\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HDD Observer] C:\Program Files\HDD Observer\HDD Observer.exe
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Startup: AdFender.lnk = C:\Program Files (x86)\AdFender\AdFender.exe
O4 - Startup: BTGuard Updates.lnk = C:\BTGUARD\settings.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HDD Observer Service - Unknown owner - C:\Program Files\HDD Observer\HDDObserver.Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17613 bytes

___________________________________________________

Checkup


sp Results of screen317's Security Check version 0.99.72
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2013
Lavasoft Ad-Aware
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Wise Disk Cleaner 7.55
Java(TM) 6 Update 35
Java 7 Update 25
Adobe Flash Player 11.8.800.94
Adobe Reader XI
Mozilla Firefox (23.0.1)
Google Chrome 28.0.1500.95
Google Chrome 29.0.1547.57
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
Ad-Aware Antivirus AdAwareService.exe
Ad-Aware Antivirus SBAMSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````


___________________________________________


ADWcleaner log

# AdwCleaner v3.000 - Report created 24/08/2013 at 00:29:29
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : JRdenn - JRDENN-HP
# Running from : C:\Users\JRdenn\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\adawaretb
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\JRdenn\AppData\Local\Conduit
Folder Deleted : C:\Users\JRdenn\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\JRdenn\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\JRdenn\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\JRdenn\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\JRdenn\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\JRdenn\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\JRdenn\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\adawaretb
Folder Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\jetpack
Folder Deleted : C:\Users\JRdenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\JRdenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\JRdenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbofibgamhkgoonaocfgemncghhadmgb
[!] Folder Deleted : C:\Users\JRdenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbofibgamhkgoonaocfgemncghhadmgb
File Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\searchplugins\Conduit.xml
File Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\searchplugins\search.xml
File Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\searchplugins\Searchab.xml
File Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\searchplugins\search-here.xml
File Deleted : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pbofibgamhkgoonaocfgemncghhadmgb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbofibgamhkgoonaocfgemncghhadmgb
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16483

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\prefs.js ]

Line Deleted : user_pref("CT3272718.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3272718.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":

\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3272718.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272718.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272718.FirstTime", "true");
Line Deleted : user_pref("CT3272718.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3272718.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT3272718.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272718.RevertSettingsEnabled", true);
Line Deleted : user_pref("CT3272718.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?

ctid=CT3272718&SearchSource=2&CUI=UN24953591821053190&q=");
Line Deleted : user_pref("CT3272718.TopHitsConfig.enc",

"ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL2NhcDEuY29uZHVpdC1hcHBzLmNvbS9BcHBzL1RvcEhpdHNMeXJpY3MvY29uZmlncy9VUy1HQi1ERS1FUy1JVC9zcHJpdGUucG5nIiwNCiAgICAiaXRlbXMi

Oi[...]
Line Deleted : user_pref("CT3272718.UserID", "UN24953591821053190");
Line Deleted : user_pref("CT3272718.YTbyClickFavorites.enc", "W10=");
Line Deleted : user_pref("CT3272718.YTbyClickRecent.enc", "W10=");
Line Deleted : user_pref("CT3272718.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3272718.autoDisableScopes", 0);
Line Deleted : user_pref("CT3272718.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3272718.cbfirsttime.enc", "V2VkIEZlYiAwNiAyMDEzIDIxOjI5OjUxIEdNVC0wNTAwIChFYXN0ZXJuIFN0YW5kYXJkIFRpbWUp");
Line Deleted : user_pref("CT3272718.defaultSearch", "true");
Line Deleted : user_pref("CT3272718.embeddedsData", "[{\"appId\":\"130004885110157816\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle

\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3272718.enableAlerts", "always");
Line Deleted : user_pref("CT3272718.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT3272718.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3272718.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3272718.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3272718.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3272718.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3272718.fixUrls", true);
Line Deleted : user_pref("CT3272718.installDate", "6/2/2013 21:10:58");
Line Deleted : user_pref("CT3272718.installId", "aaa_cid119");
Line Deleted : user_pref("CT3272718.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3272718.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3272718.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272718.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3272718.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3272718.keyword", "true");
Line Deleted : user_pref("CT3272718.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?

ctid=CT3272718&octid=CT3272718&SearchSource=15&CUI=UN24953591821053190&SSPV=EB_SSPV&Lay=1&UM=[...]
Line Deleted : user_pref("CT3272718.lastVersion", "10.14.42.7");
Line Deleted : user_pref("CT3272718.mam_gk_CouponBuddy_appState.enc", "b24=");
Line Deleted : user_pref("CT3272718.mam_gk_PriceGong_appState.enc", "b24=");
Line Deleted : user_pref("CT3272718.mam_gk_appsData.enc",

"eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvcGcvcGcuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h

[...]
Line Deleted : user_pref("CT3272718.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272718.mam_gk_configuration.enc",

"eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6IjNhNDcwNWJjLWI3YjYtNGZhNy04NWJmLTg5OGM4MDQyZWUxOCIsImRvbWFpbnMiOls[...]
Line Deleted : user_pref("CT3272718.mam_gk_currentVersion.enc", "MS4yLjAuMTI=");
Line Deleted : user_pref("CT3272718.mam_gk_eventsCache.enc",

"eyIwNmYxNzcwZS02MmFiLTRmMDgtYTFlNC0zMjZkZmUxNmZlMjIiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjpbIldlbGNvbWUiLCJWaWV3Il0sInVuaXF1ZUlkIjoiMDZmMTc3MGUtNjJhYi00Z

[...]
Line Deleted : user_pref("CT3272718.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3272718.mam_gk_gadgetOpen.enc", "MA==");
Line Deleted : user_pref("CT3272718.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3272718.mam_gk_lastLoginTime.enc", "MTM2MDIwNDE5MDc3Mw==");
Line Deleted : user_pref("CT3272718.mam_gk_localization.enc",

"eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg

[...]
Line Deleted : user_pref("CT3272718.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272718.mam_gk_settings1.2.0.12.enc",

"eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTIyXzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0[...]
Line Deleted : user_pref("CT3272718.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272718.mam_gk_showWelcomeGadget.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272718.mam_gk_userId.enc", "NGMzMjkyZTEtYzY0ZS00Njk0LWE0OTMtMzMwMjQ4NDBhODg4");
Line Deleted : user_pref("CT3272718.mam_gk_user_apps_selection.enc", "");
Line Deleted : user_pref("CT3272718.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3272718.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Funiverse.chacha.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Guide

%20Console%20-%20Dashboard\",\"EB_SEARCH_TERM\":\"\",\"EB_T[...]
Line Deleted : user_pref("CT3272718.openThankYouPage", "false");
Line Deleted : user_pref("CT3272718.openUninstallPage", "true");
Line Deleted : user_pref("CT3272718.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3272718.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3272718.search.searchAppId", "130004885110157816");
Line Deleted : user_pref("CT3272718.search.searchCount", "0");
Line Deleted : user_pref("CT3272718.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3272718.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3272718.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3272718\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":

\"hxxp://MixiDJToolbar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MixiDJ\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272718.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1360204183816");
Line Deleted : user_pref("CT3272718.serviceLayer_services_appsMetadata_lastUpdate", "1360204183940");
Line Deleted : user_pref("CT3272718.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1360204183892");
Line Deleted : user_pref("CT3272718.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360204184351");
Line Deleted : user_pref("CT3272718.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1360204183858");
Line Deleted : user_pref("CT3272718.serviceLayer_services_searchAPI_lastUpdate", "1360204182707");
Line Deleted : user_pref("CT3272718.serviceLayer_services_serviceMap_lastUpdate", "1360204182327");
Line Deleted : user_pref("CT3272718.serviceLayer_services_toolbarContextMenu_lastUpdate", "1360204183821");
Line Deleted : user_pref("CT3272718.serviceLayer_services_toolbarSettings_lastUpdate", "1360204182717");
Line Deleted : user_pref("CT3272718.serviceLayer_services_translation_lastUpdate", "1360204183931");
Line Deleted : user_pref("CT3272718.settingsINI", true);
Line Deleted : user_pref("CT3272718.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3272718.smartbar.CTID", "CT3272718");
Line Deleted : user_pref("CT3272718.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3272718.smartbar.homepage", "true");
Line Deleted : user_pref("CT3272718.smartbar.toolbarName", "MixiDJ ");
Line Deleted : user_pref("CT3272718.startPage", "true");
Line Deleted : user_pref("CT3272718.toolbarBornServerTime", "7-2-2013");
Line Deleted : user_pref("CT3272718.toolbarCurrentServerTime", "7-2-2013");
Line Deleted : user_pref("CT3272718_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1360204178734,\"isWithState\":\"\",

\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272718&SearchSource=13&CUI=UN24953591821053190");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "MixiDJ Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?

ctid=CT3272718&SearchSource=2&CUI=UN24953591821053190&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272718");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272718&SearchSource=3&q={searchTerms}

&CUI=UN24953591821053190");
Line Deleted : user_pref("browser.search.order.2", "Blekko");
Line Deleted : user_pref("ct3272718.UserID", "UN24953591821053190");
Line Deleted : user_pref("extensions.crossrider.bic", "1387b73fb9a82283839b1dc1bd87ed7a");
Line Deleted : user_pref("extensions.netassistant.keyword.url", "hxxp://searchab.com/?aff=7&uid=4f7500a9-795f-11e2-8433-101f74bee443&q=");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3272718&SearchSource=13&CUI=UN24953591821053190");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?

ctid=CT3272718&SearchSource=2&CUI=UN24953591821053190&q=");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.orbitdownloader.com");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "Google");

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\JRdenn\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url

*************************

AdwCleaner[R0].txt - [24180 octets] - [24/08/2013 00:25:39]
AdwCleaner[S0].txt - [22733 octets] - [24/08/2013 00:29:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22794 octets] ##########



______________________________________

JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by JRdenn on Sat 08/24/2013 at 0:46:49.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{596AA0F3-9801-4119-BB4F-54C3965A92E9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{627C4FEE-4BD3-4C98-B5C4-C5B001BEEEEF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{627C4FEE-4BD3-4C98-B5C4-C5B001BEEEEF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho6832.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\Users\JRdenn\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\JRdenn\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\JRdenn\appdata\local\blekkotb_031"
Successfully deleted: [Folder] "C:\Users\JRdenn\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\JRdenn\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Failed to delete: [Folder] "C:\Program Files (x86)\dll-files.com fixer"
Successfully deleted: [Folder] "C:\Program Files (x86)\tuguu sl"
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{005C6258-F96A-43C1-9C88-8F29D0FB0F73}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{00731577-CF72-4447-A076-5618698553F8}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{013D35A5-586E-445F-9D90-F29290A6E22A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{01E43004-5F31-4282-986F-84FA0A4C89AE}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{01FD48B7-0F2B-4F80-BD33-2A007420CDF5}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{0546B025-79C6-46A0-B132-F807E6CBB0C6}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{0654614F-29B9-44F3-9475-31E4FE0BC7C4}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{079E6684-29F0-4D29-8778-1EBB291B8639}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{07F4D1D0-404B-4F30-A0F3-2051D92D6CE3}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{089CDCD3-B5CA-4D05-9D06-EAC90F6AEC8C}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{0F380F27-038C-4839-BE8C-AABC1870E666}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{110F90B9-8080-46A5-8F5F-DDFF66790A7E}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{14F9BA45-EAA2-4E87-BDE5-F3784D491DF4}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{17011C68-B1AE-4BE9-A95C-AF551B57CBF4}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1719B537-E53E-495F-8621-58D6FEA1EE0A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1737415E-9421-464F-AB87-E44F7D9501E9}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1979B679-63E6-4F29-A62D-AE18A31E8802}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1D1473AE-EA9E-4939-B86C-C89C97F97A69}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1D67410B-5893-49A2-9CDB-061C7B9BAA6B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1E44E603-2092-43B9-A4E2-8EA7283C3D73}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1ECD492A-6C87-41C6-87D7-678709333D4D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{1FBB5FDC-A6AA-4496-BE5E-24BB5A774FE6}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{205BEBD2-6ECC-4892-8FC7-7A5AD34E71B3}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{206E4A12-5968-4997-AA65-489BAE37EBB9}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{2105F8EA-72DC-4726-A58D-849F255B5B92}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{25887843-56C6-406E-A9B8-5BA847823916}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{2729445D-3A74-4231-A267-28CED72CE0A5}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{27645E5F-538F-47AD-AE67-E985A5341BDC}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{27A93417-348C-4ED0-B394-C63A0C5DF64E}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{310FD86C-4F37-4F4E-B6F9-65554D778736}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{32601A3B-2B90-4940-A4D9-CAD379856DE7}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{3C20D49A-DD8E-405C-91B8-1DD71186FCB0}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{409ED724-144C-4B65-860F-4CFD9868C523}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{40A428EE-A81D-49E5-9F91-39921214D8CC}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{42CF2731-C905-44B4-8F20-6935F6589E5D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{43BB9B48-444F-4603-A02E-49346C4A15C1}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{43EDFBDA-4531-4D68-A8CE-B58B0218C133}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{46BD6297-127C-44B6-8745-FF081A7E4795}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{4BFD9827-D08C-4624-A276-3BDE91ABD130}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{4D489BB4-73B0-45EC-AB02-DA74C7B31A93}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{503E635B-85D8-421F-95D7-1352E583306D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{53707495-3E15-468E-A7FE-D66D365B49A8}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{54BA8FA9-F2CD-4E83-A3AE-788CAEF29489}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{55A7D043-FF1E-4871-AAFA-CF37FE73C1D3}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{56EA7B39-D65A-4D11-B048-F1511190779B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{583D7B66-8976-4BD8-A2FC-0821956183EA}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{59DBD49A-626E-4C6E-988C-FB49ACF9DD89}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5BFABB97-5456-489D-92A5-BADBEDDC8265}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5C987700-676F-47FC-98BF-A3855D6BE91B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5DE693F8-E654-4905-A4FB-755601C2977B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5E76E9D8-B9EB-404E-A291-C43C9146D106}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5E8A91D7-54DF-4F7A-9E07-02C0C17D5D66}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5E8D7BAC-9F0C-4EBA-B5DD-17741F7B8010}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{5E92A55E-70DE-4B4D-9B4B-95FD1C54B587}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{600B5485-09E1-4D04-9BBF-DAAD7A9ECB59}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{61B3A840-7D4D-4A6F-A30F-21A70151760C}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{681326CB-0A4F-48DA-B2EF-C12980D49710}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{69630ECF-D4B5-4CEE-B22F-198664879EEC}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6A9DC387-C2ED-4D08-95F6-587EDBDA658D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6C4444B5-7387-4377-A981-48B766808A69}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6C822594-A920-4580-871E-7A688094ED80}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6D06A7BA-09F4-472F-B92C-212767EFD016}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6DCC531F-D033-4F77-9591-865ED554C78E}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6E6818D8-16EC-4C9E-969D-F939CDF530EF}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{6F925958-8072-463F-ABF6-6664EA39695A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{701DEED9-A162-4F85-A5E5-DE5D38406007}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{718122B8-8DA8-462E-B108-3AF51E7A1F06}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{73FA0EBE-9261-45B9-B9F5-7DA0C4CAEDDE}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{761770C8-857D-405B-ADB7-431C88F3C735}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{785449BF-B750-4C86-B996-63DD130A382F}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{7957FD8C-6FAE-46A3-8810-CB81A988BF30}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{7C2BE211-69C6-4301-8303-48FCF4D92A41}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{7D19146E-D7C8-4766-AC1D-614152ACF967}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{7D9787E6-9E31-4872-837B-64EED156861D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{80B2DFC9-F093-43DF-9DE6-C9B4FD166F20}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8144D03E-B13F-4885-A6B8-4BDD73B45766}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8147E375-3D42-4BC1-8CD9-8441029BE013}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{81677E9B-242D-4615-94C2-6B5A77D95495}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8169A020-8E30-4B12-A14F-CD1837560CDB}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{81DEA68A-C9E1-40B8-B48C-D3AC1C36D286}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8234A81A-DF48-46AF-A900-C680579C61E7}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{83063274-C1FE-44FD-884D-24C98240581E}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{84959C66-976C-4247-9904-AC18FB2AFFF9}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{87450692-4254-446F-9B14-DE285B9D1CD5}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{883F97D8-E10F-48E3-A009-350810AD3B19}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{89AFEF5F-56A9-4A0B-BEBF-6B6BCDBB96E4}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8B7D32A2-8E83-4619-A3D9-5EA85037390A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8B84EBA3-EC9D-43A1-9E43-B07BC41FF11B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8BDA5504-EDBC-4D9A-BC60-A19228FC4B1C}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8DE00EEC-4AEE-43CA-A88B-2152135DE4F4}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8DF142D6-7404-4633-A2D2-3ADCF492F32F}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8E108C87-B073-43AC-9D2D-D69567D5D1B1}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{8EB0EBE6-E121-4E2F-8127-723B3F31FB8B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{905611A7-99E2-47C5-B187-21B320F26119}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{913F292A-1008-489B-B5B1-C0C4F1449CF8}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{91B81B05-186A-418F-913F-DF9D0E1B69DB}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{924169CA-55F4-40D0-A34C-88E66BD46086}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{9714E930-942A-45C1-A732-751CD5B99EBF}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{97926DD0-3560-45DB-9255-982A57ECA737}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{9953890C-D70F-4085-879A-DC44433F7A9A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{99EDBF15-3315-42EA-A760-3889F3224A72}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{9BA73482-F3BB-478B-914E-5D7831C5F104}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{9E1AA926-9F45-4033-9150-4C53CBC91C65}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A0FF1C34-488F-42A1-9F92-F6A6B9876AF9}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A150CF02-C2D7-4F88-9C81-EA70D075848F}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A260DDFC-8F73-47FF-B975-DBD002EDF98E}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A4F935FA-743A-406B-A7C4-CE87B48ECAD2}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A5DB22E8-E99F-4B86-9209-E275B0C0A4AE}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A835BDFC-AA8B-46B1-8B85-6D85DDF47B5A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{A849B72A-DBAC-4A59-B485-C8E9F684AE31}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{ADE7E810-FB99-4098-8C8D-75769CE751B3}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{AF6C4792-1F8B-49A8-AE7D-0A3266907C24}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B0400E4D-D6B3-4FD7-BB6A-5573BE642882}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B080C402-4BFE-4A7B-8CC3-2323D60FA000}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B08560B2-D984-401E-A2A1-FA9A7370937F}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B12DE529-2EEC-4983-AD2A-27B9F9262ED6}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B1FD6AE3-689E-4ED9-8474-590A5374059B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B25BEEAA-CF81-4868-B5B8-39E6C8E69DBB}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B3900E7F-AD61-4109-9918-FE7C99480ED4}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B4000D87-5947-4E93-BB00-88635D137DA3}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{B4101685-D2E3-4490-A881-484D14D7691B}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BB75CE48-B30D-43AA-9560-C741792D4525}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BB99897F-C5B2-494F-AD6B-506A343725A7}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BC236DAE-4692-448F-9144-97D89CEB3B41}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BC87333C-E3C5-4DD8-88A2-16E6B47C5D3D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BD0FC47F-B5AA-4ADB-B7EA-EFF9721E4A84}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BDD84687-7BE6-43B7-8F9E-1853EC874ED2}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BF31A52D-318B-4345-A182-B83CB020971A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BFA17256-AA05-420B-8483-14C80383ED5D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{BFBDD8FF-0593-4BFF-856B-DBD0081C5F61}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{C373D276-C441-42AF-B533-E335B958D82D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{C83C44AC-9A0C-4254-A0EE-E62D19AB10FE}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{C85E9AFA-A820-449E-ABEA-726CBA4710DC}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{D2D6F426-E716-4A0F-8CE7-161C3BD57F19}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{D9745A98-209D-4CF7-8936-537F3B52C598}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{DDFBAE7D-502B-4C39-B648-A86F4ED9B678}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{DE5C6BCD-C511-47C3-9C2A-DEB1F0E2B099}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{DE973E99-E062-4FBF-BB16-43170E531D01}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E387A131-79C2-428D-9764-EA9D3A7B353F}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E3B43E75-166C-4282-9A48-441195841A32}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E4126867-A22F-465E-8620-8605615D81D5}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E55A431E-2219-4F13-9819-D60352F32706}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E566C1D4-FEF6-40F6-B715-1CA8DB5F6502}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E968B83F-946C-4BBD-809B-360E683C6008}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{E9EB23DA-885C-4505-9FF9-5A2C39C31790}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{EDAAC8A2-82BB-4FBD-84A5-EA3F5A618A4C}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F0238FEC-9C5C-46BE-BD1B-412C06D0FD82}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F1C3C8AF-75AD-4A25-B0A2-7A0515B3BC2C}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F27FDD7E-D0E3-4791-B247-A65D65244546}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F2C5F81E-D4D4-4362-8C43-2863579494D5}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F8A2167C-C128-4AB3-A9A2-12252C35541D}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F8A4F7DE-D383-43EC-A9FE-82C7363D121A}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{F9CFC487-86AD-4CCE-9999-67BA1FC60819}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{FA4540E9-E294-4D67-9B9F-B89251573D78}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{FB9BB21E-E11A-42AC-9285-03EC4675A534}
Successfully deleted: [Empty Folder] C:\Users\JRdenn\appdata\local\{FCF42ABE-F0CB-44F6-BCB1-8C21838FD457}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\JRdenn\AppData\Roaming\mozilla\firefox\profiles\hrl5bnf1.default\extensions\staged
Successfully deleted the following from C:\Users\JRdenn\AppData\Roaming\mozilla\firefox\profiles\hrl5bnf1.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("browser.search.order.1", "Privitize VPN");
user_pref("browser.startup.homepage", "hxxp://www.mysearchresults.com/?c=4002&t=01");
user_pref("extensions.defaulttab.installdate", 1345320426);
Emptied folder: C:\Users\JRdenn\AppData\Roaming\mozilla\firefox\profiles\hrl5bnf1.default\minidumps [14 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/24/2013 at 0:57:59.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eddie Dennison
mossfan18
Member
_
24. August 2013 @ 01:06 _ Link to this message    Send private message to this user   
Originally posted by ddp:
mossfan18, how much ram are you running?
4.00 GB


BTW: I never tried restore as someone asked

Eddie Dennison
ddp
Moderator
_
24. August 2013 @ 01:26 _ Link to this message    Send private message to this user   
still running 2 avgs, 2012 & 2013.
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2013
Lavasoft Ad-Aware
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)

get rid of 2012.
AfterDawn Addict
_
24. August 2013 @ 10:34 _ Link to this message    Send private message to this user   
mossfan18,
You actually have 4 AntiVirus running at the same time.. They conflict and will actually leave you unprotected, as you can see from the amount of adware, spyware and foistware that was removed by that first cleaning.

There is a lot more work to be done in order to get you back to running clean and fast so, bare with me and we will get you going strong as soon as possible.

First go to -> Start -> control panel -> programs and features and uninstall the following:
AVG AntiVirus Free Edition 2013
Lavasoft Ad-Aware
AVG Anti-Virus Free Edition 2012
Ad-Aware Antivirus

Next download and install Avast! Antivirus -> HERE!

Avast is a much better AV than the ones you have. We can use it during this cleaning period and afterwards you can change if you don?t like it..


DDS is a diagnostic tool, which scans your computer and produces logs which can be analyzed and interpreted by your helper.

To run a scan with DDS .....

Please Download DDS and save it to your Desktop.

? Double click dds.scr to run the tool.
? If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
? DDS will now scan your computer.
? When the scan is complete, DDS will open two (2) logs:
o DDS.txt
o Attach.txt

? If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
? Please note it is important that you post BOTH logs in your topic.

Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
mossfan18
Member
_
25. August 2013 @ 11:06 _ Link to this message    Send private message to this user   
thanks man, I'm doing it ... I deleted AVG but it still shows it in my programs but doesn't give me an option to uninstall. When I click uninstall nothing happens. I've never seen this before. Normal?

Eddie Dennison
ddp
Moderator
_
25. August 2013 @ 12:28 _ Link to this message    Send private message to this user   
did you delete it or uninstall it as sounds like you deleted it? try 1 of these.
http://download.avg.com/filedir/util/av...6_2013_3341.exe
http://download.avg.com/filedir/util/av...4_2013_3341.exe
mossfan18
Member
_
25. August 2013 @ 15:12 _ Link to this message    Send private message to this user   
N/M I used Revo Pro to uninstall AVG

And yes, I ran the uninstaller and rebooted the pc, but it was sill there. But Revo Pro deleted all of it.

Thanks!

Eddie Dennison

This message has been edited since posting. Last time this message was edited on 25. August 2013 @ 15:13

mossfan18
Member
_
25. August 2013 @ 16:40 _ Link to this message    Send private message to this user   
Hey 20G, I can't dl the DDS program, clicking takes me to a blank page.

EDIT: N/M : I copied the url and pasted it into Google search and found it.

Eddie Dennison

This message has been edited since posting. Last time this message was edited on 25. August 2013 @ 16:42

mossfan18
Member
_
25. August 2013 @ 16:47 _ Link to this message    Send private message to this user   
DDS log

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.25.2
Run by JRdenn at 16:50:46 on 2013-08-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2223 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\HDD Observer\HDDObserver.Service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\AdFender\AdFender.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\helppane.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader

\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live

\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\HPNetworkCheckPlugin.dll
BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
uRun: [AdobeBridge] <no file>
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
dRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
StartupFolder: C:\Users\JRdenn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AdFender.lnk - C:\Program Files (x86)\AdFender\AdFender.exe
StartupFolder: C:\Users\JRdenn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BTGUAR~1.LNK - C:\BTGUARD\settings.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E} : DHCPNameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E}\131364850363134363830373 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E}\3555444454E4C494E4B4E2E45445D243347353 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E}\3757464656E6C696E6B6E2E65647D263132303 : DHCPNameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E}\3757464656E6C696E6B6E2E65647D293932403 : DHCPNameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E}\5436F6E6F602C4F646765602F4E6D2759664960283 : DHCPNameServer = 192.168.182.1
TCP: Interfaces\{A1AE69A2-642C-45EC-91C9-C43FDF94F91E}\A6274656E6E613938313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E1BEBAAA-5CC9-460B-B91A-12E87CFFB6AC} : DHCPNameServer = 208.180.42.68 208.180.42.100
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller

\15.4.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-

settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JRdenn\AppData\Roaming\Mozilla\Firefox\Profiles\hrl5bnf1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL -
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\JRdenn\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\JRdenn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\JRdenn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\JRdenn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\JRdenn\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-1-28 77952]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-1-28 38016]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-8-25 189936]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2012-12-22 14456]
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-6-20 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-6-20 15920]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-25 378944]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-3-5 45856]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-3-7 497496]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-28 203776]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-2-28 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17

194496]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-8-25 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-25 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-8-25 46808]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HDD Observer Service;HDD Observer Service;C:\Program Files\HDD Observer\HDDObserver.Service.exe [2013-7-25 8704]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-21 2413056]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

[2012-11-29 38608]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-15 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [2013-8-24

1616048]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-11-14 46136]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-11-14 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-21 425064]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-11-14 878184]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-11-14 44672]
S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-25 65336]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-25 1030952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18

138576]
S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe --> C:\Program

Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-8-9 266240]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-8-9 39504]
S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-8-25 31800]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-1-10 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-08-25 20:18:52 -------- d-----w- C:\Program Files (x86)\Siber Systems
2013-08-25 20:16:54 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-08-25 20:16:50 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-08-25 20:16:49 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-08-25 20:16:46 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-08-25 20:16:42 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-08-25 20:16:05 41664 ----a-w- C:\Windows\avastSS.scr
2013-08-25 20:15:44 -------- d-----w- C:\Program Files\AVAST Software
2013-08-25 20:15:14 -------- d-----w- C:\ProgramData\AVAST Software
2013-08-25 15:34:58 -------- d-----w- C:\ProgramData\VS Revo Group
2013-08-25 15:34:57 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2013-08-25 15:34:56 -------- d-----w- C:\Program Files\VS Revo Group
2013-08-25 03:41:56 -------- d-----w- C:\Users\JRdenn\AppData\Local\AVG Secure Search
2013-08-25 03:37:46 -------- d-----w- C:\ProgramData\AVG Secure Search
2013-08-25 03:37:46 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-08-25 03:37:45 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2013-08-25 03:36:42 -------- d-----w- C:\ProgramData\AVG2012
2013-08-24 04:46:44 -------- d-----w- C:\Windows\ERUNT
2013-08-24 04:24:05 -------- d-----w- C:\AdwCleaner
2013-08-22 01:22:20 -------- d-----w- C:\Users\JRdenn\AppData\Roaming\mkvtoolnix
2013-08-22 01:19:55 -------- d-----w- C:\Program Files (x86)\MKVToolNix
2013-08-22 01:11:22 -------- d-----w- C:\Users\JRdenn\AppData\Roaming\avidemux
2013-08-22 01:09:51 -------- d-----w- C:\Program Files (x86)\Avidemux 2.6
2013-08-22 01:06:05 40960 ----a-w- C:\Windows\SysWow64\ssubtmr6.dll
2013-08-22 01:06:05 36864 ----a-w- C:\Windows\SysWow64\trayicon_handler.ocx
2013-08-22 01:06:05 28672 ----a-w- C:\Windows\SysWow64\mousewheel.ocx
2013-08-22 01:06:04 212240 ----a-w- C:\Windows\SysWow64\richtx32.ocx
2013-08-22 01:06:03 -------- d-----w- C:\Program Files (x86)\DVD Flick
2013-08-21 01:03:39 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-08-09 15:39:00 39504 ----a-w- C:\Windows\System32\drivers\gfiark.sys
2013-08-09 14:15:36 -------- d-----w- C:\Users\JRdenn\AppData\Roaming\ControlCenter4
2013-08-09 14:14:26 -------- d-----w- C:\Users\JRdenn\AppData\Roaming\FLEXnet
2013-08-09 14:01:32 -------- d-----w- C:\Brother
2013-08-09 14:01:27 -------- d-----w- C:\Program Files (x86)\Browny02
2013-08-09 14:01:26 -------- d-----w- C:\ProgramData\ControlCenter4
2013-08-09 14:01:23 -------- d-----w- C:\Program Files (x86)\ControlCenter4
2013-08-09 14:01:19 290304 ------w- C:\Windows\System32\BrfxDA5c.dll
2013-08-09 14:01:18 84480 ------r- C:\Windows\System32\BrNetSti.dll
2013-08-09 14:01:18 58880 ------r- C:\Windows\System32\BrWiaNCp.dll
2013-08-09 14:01:18 51712 ------r- C:\Windows\System32\Brnsplg.dll
2013-08-09 14:01:18 316928 ------r- C:\Windows\System32\NSSRH64.dll
2013-08-09 14:01:18 143360 ------r- C:\Windows\System32\BrSNMP64.dll
2013-08-09 14:00:19 73728 ------w- C:\Windows\SysWow64\BrDctF2.dll
2013-08-09 14:00:19 5120 ------w- C:\Windows\SysWow64\BrDctF2S.dll
2013-08-09 14:00:19 5120 ------w- C:\Windows\SysWow64\BrDctF2L.dll
2013-08-09 14:00:19 245760 ------w- C:\Windows\SysWow64\NSSearch.dll
2013-08-09 14:00:19 -------- d-----w- C:\Program Files (x86)\Brother
2013-08-09 13:36:05 -------- d-----w- C:\Program Files\Nuance
2013-08-09 13:34:55 -------- d-----w- C:\ProgramData\zeon
2013-08-09 13:34:06 -------- d-----w- C:\Users\JRdenn\AppData\Roaming\Nuance
2013-08-09 13:32:27 -------- d-----w- C:\Program Files (x86)\Common Files\ScanSoft Shared
2013-08-09 13:32:26 -------- d-----w- C:\ProgramData\Nuance
2013-08-09 13:32:26 -------- d-----w- C:\Program Files (x86)\Nuance
2013-08-09 13:27:35 -------- d-----w- C:\ProgramData\Brother
2013-07-30 15:04:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2013-08-25 03:28:48 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-08-21 01:03:54 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-21 01:03:53 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-30 15:04:24 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-07-30 15:04:24 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-28 20:30:44 1793672 ----a-w- C:\Windows\SysWow64\amtlib.dll
2006-05-03 16:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 17:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 19:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
2010-01-07 04:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll
.
============= FINISH: 16:51:34.06 ===============


Attach log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/13/2012 1:33:41 PM
System Uptime: 8/25/2013 11:00:36 AM (5 hours ago)
.
Motherboard: Hewlett-Packard | | 1664
Processor: AMD Phenom(tm) II P650 Dual-Core Processor | Socket S1G4 | 780/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 452 GiB total, 228.526 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.513 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0000
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP152: 8/9/2013 10:04:05 AM - Device Driver Package Install: Brother Printers
RP153: 8/14/2013 11:46:01 AM - Removed Adobe Reader X (10.1.4) MUI.
RP154: 8/24/2013 9:07:40 PM - Removed Ad-Aware Antivirus.
RP155: 8/24/2013 11:20:12 PM - Revo Uninstaller's restore point - TurboTax 2011
RP156: 8/24/2013 11:26:04 PM - Removed AVG 2013
RP157: 8/24/2013 11:43:40 PM - Removed AVG 2013
RP158: 8/24/2013 11:48:28 PM - Removed AVG 2013
RP160: 8/25/2013 11:35:26 AM - Revo Uninstaller Pro's restore point - AVG 2013
RP162: 8/25/2013 3:22:25 PM - Revo Uninstaller Pro's restore point - McAfee Security Scan Plus
RP163: 8/25/2013 4:15:33 PM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
”Torrent
AdFender
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Advanced SystemCare 5
Agatha Christie - Peril at End House
AMD Fuel
Any Video Converter 3.3.9
ATI Catalyst Install Manager
Audacity 2.0
avast! EasyPass
avast! Free Antivirus
AVG 2012
Avidemux 2.6 (32-bit)
Bejeweled 2 Deluxe
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Brother MFL-Pro Suite MFC-J425W
BTGuard 2.6
Build-a-lot 2
Cake Mania
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon MP280 series User Registration
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
ConvertHelper 2.2
Coupon Printer for Windows
CyberLink YouCam
D3DX10
Diner Dash 2 Restaurant Rescue
DivxToDVD 0.5.2b
Dll-Files Fixer
Dora's Ballet Adventures
Dora's World Adventure
DVD Flick 1.3.0.7
DVDInfoPro
Energy Star Digital Logo
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Express Burn
Farm Frenzy
FATE - The Traitor Soul
ffdshow v1.2.4453 [2012-05-21]
GIMP 2.8.0
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
HandBrake 0.9.6
HDD Observer
Hewlett-Packard ACLM.NET v1.2.1.1
High-Definition Video Playback
HiJackThis
HP Auto
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
ImgBurn
Inkscape 0.48.2
Java 7 Update 25
Java Auto Updater
Java(TM) 6 Update 24 (64-bit)
Java(TM) 6 Update 35
Junk Mail filter update
LightScribe System Software
Magic Desktop
Mah Jong Medley
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MKVToolNix 6.3.0
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Nuance PaperPort 12
Nuance PDF Viewer Plus
PaperPort Image Printer 64-bit
PDF Settings CS6
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
RealDownloader
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Recovery Manager
Replay AV 8
Replay Converter 4
Revo Uninstaller 1.94
Revo Uninstaller Pro 3.0.7
Riverpoint Writer
RoxioNow Player
Scansoft PDF Professional
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Slingo Supreme
SpeedFan (remove only)
Spybot - Search & Destroy
Strongvault Online Backup
SUPER © v2012.build.51 (April 7, 2012) version v2012.build.51
Synaptics Pointing Device Driver
The Weather Channel App
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Video Magic 6.0.0.4
VideoPad Video Editor
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.1
welcome
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR 4.20 (32-bit)
WinZip 16.5
Wise Disk Cleaner 7.55
WM Recorder
WMV9/VC-1 Video Playback
Xvid Video Codec
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
8/25/2013 3:22:57 PM, Error: NetBT [4321] - The name "JRDENN-HP :0" could not be registered on the interface with IP address 192.168.0.2. The computer

with the IP address 192.168.0.3 did not allow the name to be claimed by this computer.
8/25/2013 11:01:28 AM, Error: Service Control Manager [7000] - The vToolbarUpdater15.5.0 service failed to start due to the following error: The system

cannot find the file specified.
8/25/2013 11:01:10 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows

\system32\Rtlihvs.dll Error Code: 126
8/25/2013 10:53:56 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate

that the system is low on virtual memory, or that the memory manager has encountered an internal error.
8/25/2013 10:53:41 AM, Error: NetBT [4321] - The name "JRDENN-HP :20" could not be registered on the interface with IP address 169.254.14.138. The

computer with the IP address 192.168.0.2 did not allow the name to be claimed by this computer.
8/25/2013 10:53:41 AM, Error: NetBT [4321] - The name "JRDENN-HP :0" could not be registered on the interface with IP address 169.254.14.138. The

computer with the IP address 192.168.0.2 did not allow the name to be claimed by this computer.
8/25/2013 1:06:13 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{A1AE69A2-642C-45EC-91C9-C43FDF94F91E} because

another computer on the network has the same name. The server could not start.
8/25/2013 1:06:13 PM, Error: NetBT [4321] - The name "JRDENN-HP :20" could not be registered on the interface with IP address 192.168.0.2. The computer

with the IP address 192.168.0.3 did not allow the name to be claimed by this computer.
8/24/2013 5:07:02 PM, Error: NetBT [4321] - The name "JRDENN-HP :20" could not be registered on the interface with IP address 192.168.0.2. The computer

with the IP address 169.254.14.138 did not allow the name to be claimed by this computer.
8/24/2013 5:07:02 PM, Error: NetBT [4321] - The name "JRDENN-HP :0" could not be registered on the interface with IP address 192.168.0.2. The computer

with the IP address 169.254.14.138 did not allow the name to be claimed by this computer.
8/24/2013 11:40:00 PM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not

be installed.
.
==== End Of File ===========================

Eddie Dennison

This message has been edited since posting. Last time this message was edited on 25. August 2013 @ 16:48

ddp
Moderator
_
25. August 2013 @ 16:58 _ Link to this message    Send private message to this user   
still have "avg 2012" installed.
==== Installed Programs ======================
.
”Torrent
AdFender
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Advanced SystemCare 5
Agatha Christie - Peril at End House
AMD Fuel
Any Video Converter 3.3.9
ATI Catalyst Install Manager
Audacity 2.0
avast! EasyPass
avast! Free Antivirus
AVG 2012
Avidemux 2.6 (32-bit)

get rid of the avg toolbars like this 1 "AVG Secure Search".
mossfan18
Member
_
25. August 2013 @ 19:59 _ Link to this message    Send private message to this user   
k, I ran the avg uninstaller you provided, what log you wanna look at to make sure it's gone?

Eddie Dennison
mossfan18
Member
_
25. August 2013 @ 20:02 _ Link to this message    Send private message to this user   
New Attached log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/13/2012 1:33:41 PM
System Uptime: 8/25/2013 11:00:36 AM (9 hours ago)
.
Motherboard: Hewlett-Packard | | 1664
Processor: AMD Phenom(tm) II P650 Dual-Core Processor | Socket S1G4 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 452 GiB total, 228.586 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.513 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0000
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP152: 8/9/2013 10:04:05 AM - Device Driver Package Install: Brother Printers
RP153: 8/14/2013 11:46:01 AM - Removed Adobe Reader X (10.1.4) MUI.
RP154: 8/24/2013 9:07:40 PM - Removed Ad-Aware Antivirus.
RP155: 8/24/2013 11:20:12 PM - Revo Uninstaller's restore point - TurboTax 2011
RP156: 8/24/2013 11:26:04 PM - Removed AVG 2013
RP157: 8/24/2013 11:43:40 PM - Removed AVG 2013
RP158: 8/24/2013 11:48:28 PM - Removed AVG 2013
RP160: 8/25/2013 11:35:26 AM - Revo Uninstaller Pro's restore point - AVG 2013
RP162: 8/25/2013 3:22:25 PM - Revo Uninstaller Pro's restore point - McAfee Security Scan Plus
RP163: 8/25/2013 4:15:33 PM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
”Torrent
AdFender
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Advanced SystemCare 5
Agatha Christie - Peril at End House
AMD Fuel
Any Video Converter 3.3.9
ATI Catalyst Install Manager
Audacity 2.0
avast! EasyPass
avast! Free Antivirus
Avidemux 2.6 (32-bit)
Bejeweled 2 Deluxe
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Brother MFL-Pro Suite MFC-J425W
BTGuard 2.6
Build-a-lot 2
Cake Mania
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon MP280 series User Registration
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
ConvertHelper 2.2
Coupon Printer for Windows
CyberLink YouCam
D3DX10
Diner Dash 2 Restaurant Rescue
DivxToDVD 0.5.2b
Dll-Files Fixer
Dora's Ballet Adventures
Dora's World Adventure
DVD Flick 1.3.0.7
DVDInfoPro
Energy Star Digital Logo
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Express Burn
Farm Frenzy
FATE - The Traitor Soul
ffdshow v1.2.4453 [2012-05-21]
GIMP 2.8.0
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
HandBrake 0.9.6
HDD Observer
Hewlett-Packard ACLM.NET v1.2.1.1
High-Definition Video Playback
HiJackThis
HP Auto
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
ImgBurn
Inkscape 0.48.2
Java 7 Update 25
Java Auto Updater
Java(TM) 6 Update 24 (64-bit)
Java(TM) 6 Update 35
Junk Mail filter update
LightScribe System Software
Magic Desktop
Mah Jong Medley
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MKVToolNix 6.3.0
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Nuance PaperPort 12
Nuance PDF Viewer Plus
PaperPort Image Printer 64-bit
PDF Settings CS6
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
RealDownloader
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Recovery Manager
Replay AV 8
Replay Converter 4
Revo Uninstaller 1.94
Revo Uninstaller Pro 3.0.7
Riverpoint Writer
RoxioNow Player
Scansoft PDF Professional
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Slingo Supreme
SpeedFan (remove only)
Spybot - Search & Destroy
Strongvault Online Backup
SUPER © v2012.build.51 (April 7, 2012) version v2012.build.51
Synaptics Pointing Device Driver
The Weather Channel App
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Video Magic 6.0.0.4
VideoPad Video Editor
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.1
welcome
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR 4.20 (32-bit)
WinZip 16.5
Wise Disk Cleaner 7.55
WM Recorder
WMV9/VC-1 Video Playback
Xvid Video Codec
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
8/25/2013 7:33:53 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
8/25/2013 7:33:37 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{A1AE69A2-642C-45EC-91C9-C43FDF94F91E} because another computer on the network has the same name. The server could not start.
8/25/2013 7:33:37 PM, Error: NetBT [4321] - The name "JRDENN-HP :20" could not be registered on the interface with IP address 192.168.0.2. The computer with the IP address 192.168.0.3 did not allow the name to be claimed by this computer.
8/25/2013 7:33:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
8/25/2013 3:22:57 PM, Error: NetBT [4321] - The name "JRDENN-HP :0" could not be registered on the interface with IP address 192.168.0.2. The computer with the IP address 192.168.0.3 did not allow the name to be claimed by this computer.
8/25/2013 11:01:28 AM, Error: Service Control Manager [7000] - The vToolbarUpdater15.5.0 service failed to start due to the following error: The system cannot find the file specified.
8/25/2013 11:01:10 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
8/25/2013 10:53:41 AM, Error: NetBT [4321] - The name "JRDENN-HP :20" could not be registered on the interface with IP address 169.254.14.138. The computer with the IP address 192.168.0.2 did not allow the name to be claimed by this computer.
8/25/2013 10:53:41 AM, Error: NetBT [4321] - The name "JRDENN-HP :0" could not be registered on the interface with IP address 169.254.14.138. The computer with the IP address 192.168.0.2 did not allow the name to be claimed by this computer.
8/24/2013 5:07:02 PM, Error: NetBT [4321] - The name "JRDENN-HP :20" could not be registered on the interface with IP address 192.168.0.2. The computer with the IP address 169.254.14.138 did not allow the name to be claimed by this computer.
8/24/2013 5:07:02 PM, Error: NetBT [4321] - The name "JRDENN-HP :0" could not be registered on the interface with IP address 192.168.0.2. The computer with the IP address 169.254.14.138 did not allow the name to be claimed by this computer.
8/24/2013 11:40:00 PM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
.
==== End Of File ===========================

Eddie Dennison
mossfan18
Member
_
25. August 2013 @ 20:07 _ Link to this message    Send private message to this user   
BTW: What's up w/ these program/games

Agatha Christie - Peril at End House

Dora's Ballet Adventures
Dora's World Adventure

Is this stock Windows stuff>

Eddie Dennison
AfterDawn Addict
_
25. August 2013 @ 21:36 _ Link to this message    Send private message to this user   
No, they are not windows stuff...

Sorry I was out all day. will look over your logs and get back to you.

you have so much stuff on that little HP that I doubt you know what half of it is..
after you got rid of AVG, did you install Avast? never mind, I see it..

2oG

@ddp, you want this one? LOL



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...

This message has been edited since posting. Last time this message was edited on 25. August 2013 @ 22:49

Advertisement
_
__
 
_
AfterDawn Addict
_
25. August 2013 @ 22:18 _ Link to this message    Send private message to this user   
mossfan18,

Looked over some of the Logs and it looks like the AVG uninstaller worked. Follow the below paths to see if they are gone.

The whole ?AVG Secure Search? and "AVG SafeGuard toolbar" folders should be gone.. If not, you have Revo Pro and can use the Forced Uninstall feature to follow the path and uninstall the files marked in RED.


C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\npsitesafety.dll

C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe




This is going to be like eating an elephant, just have to take one Byte at a time??


2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...

This message has been edited since posting. Last time this message was edited on 25. August 2013 @ 22:20

 
Page:1234Next >
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > pc freezing / sluggish
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork