1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Multiple Viruses or Trojans Unknown to me

Discussion in 'Malware and Virus Removal Archive' started by larsonjean, 2013/11/17.

  1. 2013/11/17
    larsonjean

    larsonjean Well-Known Member Thread Starter

    Joined:
    2002/06/03
    Messages:
    766
    Likes Received:
    2
    [Resolved] Multiple Viruses or Trojans Unknown to me

    Hi
    This is the second time I am trying to send the information as requested in your posting directions.

    Something has taken over this computer and I don't know how to rid it. I have run Malware and DDS programs. After running Malware twice it said nothing was detected.

    I hope you can help me clean up this friend's computer.

    Here is the text log on DDS:
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.25.2
    Run by Arlene Ruszala at 9:04:17 on 2013-11-17
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1820 [GMT -5:00]
    .
    AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\lxeacoms.exe
    C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program files\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\MsgTranAgt64.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
    mStart Page = hxxp://www.yahoo.com/?fr=befhp&type=iehp-3.4-1310
    uSearchAssistant = hxxp://www.google.com
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mURLSearchHooks: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: {EDBBE0D0-A76A-4FE4-AE6B-13BCEFFD75C8} - <orphaned>
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
    dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/amun/default/mjolauncher.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{E73E25D1-6C83-4F92-A148-27D6A96D7EEF} : DHCPNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2009-7-7 16440]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2013-11-14 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2013-11-14 1147480]
    R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [2013-11-1 1524824]
    R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-11-14 162392]
    R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131115.001\IDSviA64.sys [2013-11-15 521816]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2013-11-14 264280]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-11-14 590936]
    R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-7-7 14904]
    R2 lxea_device;lxea_device;C:\Windows\System32\lxeacoms.exe -service --> C:\Windows\System32\lxeacoms.exe -service [?]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2013-11-14 264360]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-15 140376]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-3-19 161280]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2009-3-20 1119744]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
    S3 CRFILTER;USB Mass Storage Filter;C:\Windows\System32\drivers\CRFILTER.sys [2008-4-7 7168]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2009-7-7 61792]
    S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-15 111616]
    S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2008-10-9 5120]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-22 19456]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-15 56832]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-2 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-11-16 21:13:55 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-11-16 21:13:55 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2013-11-16 19:14:59 -------- d-----w- C:\Users\Arlene Ruszala.Home\AppData\Roaming\GlarySoft
    2013-11-16 19:06:47 -------- d-----w- C:\Program Files (x86)\Glary Utilities
    2013-11-16 04:10:37 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
    2013-11-16 04:08:53 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
    2013-11-16 04:08:52 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
    2013-11-16 03:49:32 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2013-11-16 03:49:32 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2013-11-16 03:49:32 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2013-11-16 03:49:32 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2013-11-16 03:49:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2013-11-16 03:49:32 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2013-11-16 03:49:32 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2013-11-15 20:48:50 -------- d-----w- C:\Program Files (x86)\CCleaner
    2013-11-15 19:31:34 -------- d-----w- C:\Program Files (x86)\VS Revo Group
    2013-11-15 18:59:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-11-15 18:59:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-11-15 18:30:00 -------- d-----w- C:\Users\Arlene Ruszala.Home\AppData\Roaming\Malwarebytes
    2013-11-15 18:29:49 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-11-15 15:42:43 -------- d-----w- C:\Windows\pss
    2013-11-14 21:30:59 858200 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
    2013-11-14 21:30:59 590936 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
    2013-11-14 21:30:59 493656 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
    2013-11-14 21:30:59 36952 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
    2013-11-14 21:30:59 264280 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
    2013-11-14 21:30:59 23568 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
    2013-11-14 21:30:59 162392 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
    2013-11-14 21:30:59 1147480 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
    2013-11-14 21:30:32 -------- d-----w- C:\Windows\System32\drivers\N360x64\1501000.012
    2013-11-14 20:31:51 -------- d-----w- C:\Program Files (x86)\BetterSurf
    2013-11-13 13:00:29 1930752 ----a-w- C:\Windows\System32\authui.dll
    2013-11-13 13:00:28 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
    2013-11-13 13:00:28 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
    2013-11-13 13:00:27 197120 ----a-w- C:\Windows\System32\credui.dll
    2013-11-13 13:00:27 168960 ----a-w- C:\Windows\SysWow64\credui.dll
    2013-11-13 13:00:27 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
    2013-11-13 13:00:03 1474048 ----a-w- C:\Windows\System32\crypt32.dll
    2013-11-13 13:00:02 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-11-13 12:57:48 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
    2013-11-13 12:57:48 830464 ----a-w- C:\Windows\System32\nshwfp.dll
    2013-11-13 12:57:48 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
    2013-11-13 12:57:48 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
    2013-11-13 12:57:48 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
    2013-10-26 19:35:01 -------- d-----w- C:\ProgramData\BeFrugal
    2013-10-26 15:47:45 -------- d-----w- C:\Windows\System32\ljkb
    2013-10-25 17:05:29 -------- d-----w- C:\Users\Arlene Ruszala.Home\AppData\Roaming\uPlayer
    2013-10-25 16:13:13 -------- d-----w- C:\Users\Arlene Ruszala.Home\AppData\Roaming\Grey Alien Games
    2013-10-24 20:33:09 -------- d-----w- C:\Users\Arlene Ruszala.Home\AppData\Roaming\Nevosoft
    2013-10-24 20:21:58 -------- d-----w- C:\Users\Arlene Ruszala.Home\AppData\Roaming\Rumbic Studio
    2013-10-23 22:08:40 -------- d-----w- C:\ProgramData\FreshGames
    .
    ==================== Find3M ====================
    .
    2013-11-17 13:51:41 45056 ----a-w- C:\Windows\System32\acovcnt.exe
    2013-11-14 21:32:37 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2013-10-15 09:05:30 1754928 ----a-w- C:\Windows\System32\dmwu.exe
    2013-10-15 08:59:58 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
    2013-10-09 01:46:05 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-09 01:46:05 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2013-10-02 02:22:20 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
    2013-10-02 02:11:13 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
    2013-10-02 02:08:53 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
    2013-10-02 01:48:59 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
    2013-10-02 01:48:08 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
    2013-10-02 01:29:05 62976 ----a-w- C:\Windows\System32\tsgqec.dll
    2013-10-02 00:15:45 1057280 ----a-w- C:\Windows\System32\rdvidcrl.dll
    2013-10-02 00:14:58 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
    2013-10-02 00:14:20 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
    2013-10-02 00:08:30 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe
    2013-10-02 00:01:16 420864 ----a-w- C:\Windows\System32\wksprt.exe
    2013-10-01 23:58:48 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
    2013-10-01 23:31:09 1147392 ----a-w- C:\Windows\System32\mstsc.exe
    2013-10-01 23:08:10 855552 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
    2013-10-01 22:34:12 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
    2013-10-01 20:57:46 6578176 ----a-w- C:\Windows\System32\mstscax.dll
    2013-10-01 20:55:10 5698048 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2013-09-30 15:53:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll
    2013-09-30 15:53:00 608080 ----a-w- C:\Windows\System32\msvcp100.dll
    2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
    2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
    2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
    2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
    2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
    2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
    2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
    2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
    2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
    2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
    2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
    2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
    2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
    2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
    2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
    2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    2013-07-21 01:41:24 4188160 ----a-w- C:\Program Files (x86)\GUTFBAD.tmp
    2010-12-26 02:28:20 476 ----a-w- C:\Program Files (x86)\1225201021282010.bat
    2010-09-03 17:15:56 476 ----a-w- C:\Program Files (x86)\0903201013155645.bat
    2010-09-02 19:05:48 491 ----a-w- C:\Program Files (x86)\0902201015054854.bat
    2010-08-30 23:35:46 488 ----a-w- C:\Program Files (x86)\0830201019354664.bat
    2010-08-27 16:31:46 474 ----a-w- C:\Program Files (x86)\0827201012314594.bat
    2010-07-16 17:31:21 488 ----a-w- C:\Program Files (x86)\0716201013312084.bat
    2010-06-19 17:33:51 486 ----a-w- C:\Program Files (x86)\0619201013335165.bat
    2008-12-23 20:36:14 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
    .
    ============= FINISH: 9:05:11.55 ===============

    Here is attach log:
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 11/21/2009 12:38:09 PM
    System Uptime: 11/17/2013 8:47:59 AM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer Inc. | | K50IJ
    Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | Socket 478 | 2000/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 286 GiB total, 222.908 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J4680 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Officejet J4680 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J4680 series
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Officejet J4680 series
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J4680 series
    Device ID: ROOT\MULTIFUNCTION\0002
    Manufacturer: HP
    Name: Officejet J4680 series
    PNP Device ID: ROOT\MULTIFUNCTION\0002
    Service:
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Officejet 4500 G510n-z
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Officejet 4500 G510n-z
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J4680 series
    Device ID: ROOT\MULTIFUNCTION\0003
    Manufacturer: HP
    Name: Officejet J4680 series
    PNP Device ID: ROOT\MULTIFUNCTION\0003
    Service:
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J4680 series
    Device ID: ROOT\MULTIFUNCTION\0004
    Manufacturer: HP
    Name: Officejet J4680 series
    PNP Device ID: ROOT\MULTIFUNCTION\0004
    Service:
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet 4500 G510n-z
    Device ID: ROOT\MULTIFUNCTION\0005
    Manufacturer: HP
    Name: Officejet 4500 G510n-z
    PNP Device ID: ROOT\MULTIFUNCTION\0005
    Service:
    .
    Class GUID:
    Description: Officejet 4500 G510n-z
    Device ID: ROOT\MULTIFUNCTION\0006
    Manufacturer:
    Name: Officejet 4500 G510n-z
    PNP Device ID: ROOT\MULTIFUNCTION\0006
    Service:
    .
    Class GUID:
    Description: HP LaserJet 400 M401n
    Device ID: ROOT\MULTIFUNCTION\0008
    Manufacturer:
    Name: HP LaserJet 400 M401n
    PNP Device ID: ROOT\MULTIFUNCTION\0008
    Service:
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: X5XSEx_Pr143
    Device ID: ROOT\LEGACY_X5XSEX_PR143\0000
    Manufacturer:
    Name: X5XSEx_Pr143
    PNP Device ID: ROOT\LEGACY_X5XSEX_PR143\0000
    Service: X5XSEx_Pr143
    .
    ==== System Restore Points ===================
    .
    RP461: 11/15/2013 9:58:17 PM - Revo Uninstaller's restore point - GC
    RP462: 11/15/2013 10:25:08 PM - Revo Uninstaller's restore point - SelectionLinks
    RP463: 11/15/2013 10:27:05 PM - Revo Uninstaller's restore point - DMUninstaller
    RP464: 11/15/2013 10:28:37 PM - Revo Uninstaller's restore point - The Happy Hereafter
    RP465: 11/15/2013 10:30:13 PM - Revo Uninstaller's restore point - HP Games
    RP466: 11/15/2013 10:49:36 PM - Windows Update
    RP467: 11/15/2013 11:09:00 PM - Windows Update
    RP468: 11/15/2013 11:21:58 PM - Windows Update
    RP469: 11/15/2013 11:35:39 PM - Windows Update
    RP470: 11/16/2013 12:04:22 AM - Windows Update
    RP471: 11/16/2013 2:02:10 PM - Revo Uninstaller's restore point - Lost in Reefs 2
    RP472: 11/16/2013 11:01:21 PM - Revo Uninstaller's restore point - Snap.Do
    RP473: 11/16/2013 11:03:50 PM - Revo Uninstaller's restore point - Snap.Do Engine
    RP474: 11/16/2013 11:42:40 PM - Revo Uninstaller's restore point - Spybot - Search & Destroy
    RP475: 11/16/2013 11:51:08 PM - Restore Operation
    RP476: 11/17/2013 12:11:14 AM - Revo Uninstaller's restore point - Spybot - Search & Destroy
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    4500_G510nz_Help
    4500G510nz
    4500G510nz_Software_Min
    4660_4680_Help
    64 Bit HP CIO Components Installer
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader XI (11.0.03)
    ASUS AI Recovery
    ASUS CopyProtect
    ASUS Data Security Manager
    ASUS FancyStart
    ASUS LifeFrame3
    ASUS Live Update
    ASUS MultiFrame
    ASUS Power4Gear Hybrid
    ASUS SmartLogon
    ASUS Splendid Video Enhancement Technology
    ASUS Virtual Camera
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    ATK Generic Function Service
    ATK Hotkey
    ATK Media
    ATKOSD2
    Big Fish: Game Manager
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    BufferChm
    CCleaner (remove only)
    Choice Guard
    Compatibility Pack for the 2007 Office system
    CustomerResearchQFolder
    CyberLink Power2Go
    Destinations
    DeviceDiscovery
    DeviceManagementQFolder
    DocMgr
    DocProc
    DocProcQFolder
    Driver Pro v3.0
    eSupportQFolder
    ETDWare PS/2-x64 7.0.5.1 WHQL
    Fax
    Flash Player Pro V5.4
    GEAR driver installer for x86 and x64
    Glary Utilities 2.30.0.1066
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    GPBaseService
    GPBaseService2
    HP Customer Participation Program 13.0
    HP Document Manager 2.0
    HP Imaging Device Functions 13.0
    HP Officejet 4500 G510n-z
    HP OfficeJet J4600 All-In-One Series
    HP Photosmart Essential 2.5
    HP Smart Web Printing 4.60
    HP Solution Center 13.0
    HP Update
    HPProductAssistant
    HPSSupply
    Intel(R) Graphics Media Accelerator Driver
    Internet Explorer Toolbar 4.7 by SweetPacks
    InternetHelper3 Chrome Toolbar
    J4680
    Java 7 Update 25
    Java Auto Updater
    Junk Mail filter update
    Lexmark S300-S400 Series
    LightScribe System Software 1.14.17.1
    LoJack Factory Installer
    Malwarebytes Anti-Malware version 1.75.0.1300
    MarketResearch
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Web Publishing Wizard 1.52
    Microsoft Works
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Multimedia Card Reader
    Network64
    Nikon Message Center
    Nikon Transfer
    Norton 360
    OCR Software by I.R.I.S. 13.0
    OpenAL
    Picasa 2
    Picture Control Utility
    Platform
    ProductContext
    PSSWCORE
    QuickTime
    Revo Uninstaller 1.87
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
    Shop for HP Supplies
    Skype Click to Call
    Skypeâ„¢ 6.1
    SmartWebPrinting
    SolutionCenter
    Spelling Dictionaries Support For Adobe Reader 9
    SRS Premium Sound
    Status
    Toolbox
    TrayApp
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 (KB974631)
    Update for Microsoft Office Word 2007 Help (KB963665)
    USB 2.0 1.3M UVC WebCam
    VIA Platform Device Manager
    VideoToolkit01
    ViewNX
    WebReg
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker Beta
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    WinFlash
    Wireless Console 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/17/2013 8:55:10 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.10. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
    11/17/2013 8:49:51 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    11/17/2013 8:48:44 AM, Error: Service Control Manager [7000] - The X5XSEx_Pr143 service failed to start due to the following error: The system cannot find the file specified.
    11/17/2013 8:24:08 AM, Error: Service Control Manager [7000] - The WajamUpdaterV3 service failed to start due to the following error: The system cannot find the file specified.
    11/17/2013 12:24:59 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
    11/17/2013 12:24:59 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
    11/16/2013 4:57:38 PM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
    11/16/2013 4:56:09 PM, Error: Service Control Manager [7034] - The WajamUpdaterV3 service terminated unexpectedly. It has done this 1 time(s).
    11/16/2013 2:32:26 PM, Error: Service Control Manager [7034] - The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
    11/16/2013 11:56:53 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
    11/16/2013 1:56:38 PM, Error: Service Control Manager [7034] - The ADSM Service service terminated unexpectedly. It has done this 1 time(s).
    11/15/2013 2:36:35 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.10. The computer with the IP address 192.168.1.9 did not allow the name to be claimed by this computer.
    11/15/2013 12:57:50 PM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
    11/15/2013 12:52:51 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:47:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments " " in order to run the server: {000C101C-0000-0000-C000-000000000046}
    11/15/2013 12:46:38 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:46:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    11/15/2013 12:46:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    11/15/2013 12:45:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments " " in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    11/15/2013 12:45:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments " " in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    11/15/2013 12:45:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    11/15/2013 12:45:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:44:38 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/15/2013 12:44:37 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    11/15/2013 12:44:37 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    11/15/2013 12:44:37 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/15/2013 12:44:37 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    11/15/2013 11:27:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    11/15/2013 11:27:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    11/15/2013 11:27:49 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/15/2013 11:26:29 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000044, 0x0000000000000002, 0x0000000000000000, 0xfffff880046838c1). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111513-54054-01.
    11/15/2013 10:54:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
    11/15/2013 10:35:40 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    11/15/2013 10:28:40 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
    11/15/2013 10:28:40 AM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/15/2013 1:40:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the DnsBasic Service service to connect.
    11/14/2013 4:05:58 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Home\Arlene Ruszala SID (S-1-5-21-4052997530-4231188459-3314463663-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    11/12/2013 10:12:21 PM, Error: Service Control Manager [7031] - The IBUpdaterService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    11/12/2013 10:12:05 PM, Error: Service Control Manager [7034] - The WajamUpdater service terminated unexpectedly. It has done this 1 time(s).
    11/12/2013 10:12:01 PM, Error: Service Control Manager [7034] - The BTHelper.exe service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================


    Thank you. Jeanne
     
    larsonjean,
    #1
  2. 2013/11/17
    larsonjean

    larsonjean Well-Known Member Thread Starter

    Joined:
    2002/06/03
    Messages:
    766
    Likes Received:
    2
    Also I want to add that whatever it is, it took over the Internet Explorer. When I open the icon on the taskbar which should be the IE logo, this website comes up
    http://search.snapdo.com/?st=sc&q=

    I guess this could be part of the problem too. I couldn't earlier delete this snapdo.com in control panel because it is not there.

    Thanks for all the help.

    Jeanne
     
    larsonjean,
    #2


  3. to hide this advert.

  4. 2013/11/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================

    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator ".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
    broni,
    #3
  5. 2013/11/17
    larsonjean

    larsonjean Well-Known Member Thread Starter

    Joined:
    2002/06/03
    Messages:
    766
    Likes Received:
    2
    Thanks again for your help.

    Here are the text files you told me to run:
    adwcleaner:
    # AdwCleaner v3.012 - Report created 17/11/2013 at 19:14:09
    # Updated 11/11/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Arlene Ruszala - HOME
    # Running from : C:\Users\Arlene Ruszala.Home\Desktop\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Searchprotect
    Folder Deleted : C:\ProgramData\apn
    Folder Deleted : C:\ProgramData\Ask
    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\ProgramData\Free Ride Games
    Folder Deleted : C:\ProgramData\quickclick
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\Trymedia
    Folder Deleted : C:\ProgramData\Alawar Entertainment
    Folder Deleted : C:\ProgramData\Alawar Stargaze
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
    Folder Deleted : C:\Program Files (x86)\Free Ride Games
    Folder Deleted : C:\Program Files (x86)\Iminent
    Folder Deleted : C:\Program Files (x86)\Trusted Saver
    Folder Deleted : C:\Windows\System32\ljkb
    File Deleted : C:\Windows\Downloaded Program Files\popcaploader.inf
    File Deleted : C:\Windows\System32\dmwu.exe
    File Deleted : C:\Windows\System32\ImhxxpComm.dll
    File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
    File Deleted : C:\Windows\System32\Tasks\Sing Along Update

    ***** [ Shortcuts ] *****

    Shortcut Disinfected : C:\Users\Arlene Ruszala.Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
    Shortcut Disinfected : C:\Users\Arlene Ruszala.Home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk

    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget
    Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
    Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Deleted : HKCU\Software\52ed8dbe534e812
    Key Deleted : HKLM\SOFTWARE\52ed8dbe534e812
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E8A1050-CF67-4575-92DF-DCC60E7D952D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\Iminent
    Key Deleted : HKCU\Software\smartbar
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks
    Key Deleted : HKLM\Software\DefaultTab
    Key Deleted : HKLM\Software\Iminent
    Key Deleted : HKLM\Software\InstallIQ
    Key Deleted : HKLM\Software\Supreme Savings
    Key Deleted : HKLM\Software\SweetPacks
    Key Deleted : HKLM\Software\Uniblue
    Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

    -\\ Google Chrome v31.0.1650.57

    *************************

    AdwCleaner[R0].txt - [20032 octets] - [17/11/2013 19:11:00]
    AdwCleaner[S0].txt - [19173 octets] - [17/11/2013 19:14:09]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19234 octets] ##########

    JRT.txt results:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 7 Home Premium x64
    Ran by Arlene Ruszala on Sun 11/17/2013 at 19:18:48.78
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\solid savings
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}



    ~~~ Files

    Successfully deleted: [File] "C:\Windows\Tasks\driver robot.job "
    Successfully deleted: [File] "C:\Users\Arlene Ruszala.Home\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage "
    Successfully deleted: [File] "C:\Users\Arlene Ruszala.Home\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage-journal "
    Successfully deleted: [File] "C:\Users\Arlene Ruszala.Home\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage "
    Successfully deleted: [File] "C:\Users\Arlene Ruszala.Home\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage-journal "
    Successfully deleted: [File] "C:\Users\Arlene Ruszala.Home\appdata\locallow\SkwConfig.bin "



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\big fish "
    Successfully deleted: [Folder] "C:\ProgramData\big fish games "
    Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\big fish "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\big fish games "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\conduit "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\defaulttab "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\iwin "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\pc health kit "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\AppData\Roaming\strongvault "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\local\big fish "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\local\big fish games "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\local\defineext "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\local\discount buddy "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\local\supreme savings "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\local\swvupdater "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\locallow\conduit "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\locallow\delta "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\locallow\pricegong "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\locallow\sweetim "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\locallow\sweetpacks "
    Successfully deleted: [Folder] "C:\ai_recyclebin "
    Successfully deleted: [Folder] "C:\bigfishcache "
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin "
    Successfully deleted: [Folder] "C:\Users\Arlene Ruszala.Home\appdata\locallow\asktoolbar "



    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
    Successfully deleted: [Folder] C:\Users\Arlene Ruszala.Home\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 11/17/2013 at 19:31:29.08
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    PS I see I have the IE icon back in the taskbar. Thank you
     
    larsonjean,
    #4
  6. 2013/11/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    All cool now?
     
    broni,
    #5
  7. 2013/11/17
    larsonjean

    larsonjean Well-Known Member Thread Starter

    Joined:
    2002/06/03
    Messages:
    766
    Likes Received:
    2
    Do You think the computer is clean now???

    Thanks for your help.

    Jeanne
     
    larsonjean,
    #6
  8. 2013/11/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    If you see no further issues you should be good to go :)
     
    broni,
    #7
  9. 2013/11/18
    larsonjean

    larsonjean Well-Known Member Thread Starter

    Joined:
    2002/06/03
    Messages:
    766
    Likes Received:
    2
    OK, thanks for your help. I'll check it out and make sure there are no more issues.

    Thanks again for your help. I can't figure out how to close out this posting. I can't find it anywhere on the page.

    Jeanne
     
    larsonjean,
    #8
  10. 2013/11/18
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Only Broni can do that - specific to this forum.
     
    PeteC,
    #9
  11. 2013/11/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'll mark this one as "Resolved ".

    Good luck and stay safe :)
     
    broni,
    #10

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...