Hi, My friend's PC was infected with some crypto malware. The anti-virus didn't catch it and her files were encrypted. I contacted the anti-virus company and they removed the malware but couldn't help with decrypting the files. I tried going to decryptcryptolocker.com to decrypt the files. Unfortunately, the malware is not CryptoLocker, so it didn't work. I tried to use ShadowExplorer (suggested by the anti-virus company) to look at the shadow copy files. Unfortunately, there were only 3 days of shadow copy files and all were encrypted. During the removal of the malware, the anti-virus company ran pc cleanups and deleted a lot of files. Could there have been more shadow copies that were deleted during cleanup? I do have a full disk backup of the harddrive before the malware cleanup and before the pc cleaner. Is there a way I can find the shadow copies on the disk backup? The malware "decryption instruction" goes to paytordmbdekmizq.bortor.com/1j7e2o5. Is there anyway I can decrypt the word, excel, and photo files? Thank you!

P.S. computer has Windows 7 Pro SP1

It has been two days or more since my last post. Do you still need help or more time?



Regards,

Richard

The Malwarebytes Anti-Malware report is not included. Any progress?

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A10-4600M APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 4
RAM: 7644 Mb
Graphics Card: AMD Radeon HD 7660G, 512 Mb
Hard Drives: C: Total - 926913 MB, Free - 870730 MB; D: Total - 25815 MB, Free - 3034 MB;
Motherboard: Hewlett-Packard, 182D
Antivirus: Windows Defender, Disabled

Hello, I am at my wits end here using my laptop. I can't go on websites anymore. I keep getting Whoops errors and I keep getting popups that say

"your Java Version is Outdated, Have Security Risks, Please update now. And also: the page at www.webstered.com says: Microsoft Detected Security Error due to suspicious Activity found on your computer. Contact Microsoft certified professionals live at 1-855-403-6030."

I don't understand this and I don't know if I should call or go to that website. I have not. I don't know if I should just find a new anti-virus/anti-malware software, to remove all the problems I have. I have several programs through Systweak which include: 1. Systweak Advanced System Protector
2. PC Cleaner
3. Redclean Pro

I run them daily and a lot of problems are found and quarenteened and deleted. I still cannot surf the web and it's worse in AOL software. I go on Chrome and can visit some websites, however, I still receive Whoops errors and I can't play any video, like news or anything for that matter. I am frustrated and unfortunately know nothing about PC's. Thank you for any help you may provide. :(
Tracie

Seems to be running somewhat better. I'm going to use it for awhile and see how it goes. I do have one additional question though....when I'm typing in an email or a response to you...my cursor jumps around and I end up typing in the middle of words, etc.....Any suggestions on how to trouble shoot that?


Thank you for your help!
Rosemary

I discovered that my IE and Opera is no longer able to run,

For IE I have tried to use the Internet Options> Advanced > Reset button, but it gave an error message. ( bad me, forgot what the error message was). But a day later, IE runs without any problems again.

For Opera, I resorted to uninstalling it, then going into the registry and removing all mentions of opera. Then re-installing. That worked.

My Firefox runs without problems.

I still think something is not right. For 2 browsers to fail together is not normal. And I wasn't even using the machine, not installing any programs.

ANYBODY got an answer to this?

Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

Good afternoon,

recently i had to use the program malwarebytes, combifix, and frst. for a malware issue I had, it was during that time when my program windows start randomly minimizing and maximizing by them selves if it was already maximized it would go full screen if it was possible. The people at malwarebytes assure me it's not their product but I'm not so sure. I'm using an acer aspire 5732 Z, windows 7 service pack 1. i don't receive an error message though.

look forward to your assistance.

I inadvertently downloaded some ad. viruses and can't seem to get rid of them. the worst one is s.ptrk-wn.com. The one that seemed to kick it all of wascdncache-a.akamaihd.net/pd.html?r=322202.
Others update portal.net. udate-club .com. master-update.com.
One of these comes up whenever I look at a youtube clip and again when I alter the volume it comes up with a note asking me to accept the particular site to allow prog. to put files on my computer. I always deny request.
Another tries to get me to update Flash when I already have the latest edition.
I have run DDS and Combo fix and except for a couple of files being deleted these problems are still there.


I will attempt to upload the required files but being the wrong side of 70 and my son being abroad could be a struggle!!


I uploaded the files (4) came back error mailshield.der!!! Invalid file ????
Could not turn off malware bytes or System mechanic

Please advise if not correct Thanks.




Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 8
RAM: 16355 Mb
Graphics Card: NVIDIA GeForce GTX 675M, -2048 Mb
Hard Drives: C: Total - 691234 MB, Free - 490271 MB; D: Total - 715403 MB, Free - 688676 MB;
Motherboard: SAMSUNG ELECTRONICS CO., LTD., SAMSUNG_NP1234567890
Antivirus: avast! Antivirus, Updated and Enabled

Hi. My name is Brian, and I would be happy to look into your issue.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

• Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
• I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
• Any fixes provided by myself are for this log file only and should not be used on any other systems.
• Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
• It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
• You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
• Please feel free to ask any questions, especially if you are having problems with my instructions.

- Save ALL Tools to your Desktop-

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

- Finally Before We Start-

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.



OK, let's get started. Please provide the logs below.

Step#1 - FRST Scan

1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.

Hello!

RAN AdwCleaner AND RECEIVED TWO REPORTS [RO] & [SO] .
SO is the most recent.

AdwCleaner[RO]

# AdwCleaner v4.101 - Report created 22/11/2014 at 20:35:19
# Updated 09/11/2014 by Xplode
# Database : 2014-11-22.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : honey60 - HONEY60-HP
# Running from : C:\Users\honey60\Desktop\adwcleaner_4.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\honey60\AppData\Roaming\Mozilla\Firefox\Profiles\97escprx.default\ searchplugins\Groovorio.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Folder Found : C:\Program Files (x86)\ASP
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\iolo
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files\Reimage
Folder Found : C:\ProgramData\iolo
Folder Found : C:\ProgramData\pastaleads
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\Systweak
Folder Found : C:\SearchProtect
Folder Found : C:\Users\honey60\AppData\Local\Conduit
Folder Found : C:\Users\honey60\AppData\Local\SwvUpdater
Folder Found : C:\Users\honey60\AppData\LocalLow\Conduit
Folder Found : C:\Users\honey60\AppData\LocalLow\Datamngr
Folder Found : C:\Users\honey60\AppData\LocalLow\DataMngr
Folder Found : C:\Users\honey60\AppData\LocalLow\PriceGong
Folder Found : C:\Users\honey60\AppData\Roaming\iolo
Folder Found : C:\Users\honey60\AppData\Roaming\Mozilla\Firefox\Profiles\97escprx.default\ Extensions\{73843edf-1075-4a55-947c-e13e0dc9349e}
Folder Found : C:\Users\honey60\AppData\Roaming\SearchProtect
Folder Found : C:\Users\honey60\AppData\Roaming\Systweak
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\iolo

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl.1
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : [x64] HKLM\SOFTWARE\DataMngr
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtection]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [7998 octets] - [22/11/2014 20:35:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8058 octets] ##########
# AdwCleaner v4.101 - Report created 22/11/2014 at 20:35:19
# Updated 09/11/2014 by Xplode
# Database : 2014-11-22.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : honey60 - HONEY60-HP
# Running from : C:\Users\honey60\Desktop\adwcleaner_4.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\honey60\AppData\Roaming\Mozilla\Firefox\Profiles\97escprx.default\ searchplugins\Groovorio.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Folder Found : C:\Program Files (x86)\ASP
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\iolo
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files\Reimage
Folder Found : C:\ProgramData\iolo
Folder Found : C:\ProgramData\pastaleads
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\Systweak
Folder Found : C:\SearchProtect
Folder Found : C:\Users\honey60\AppData\Local\Conduit
Folder Found : C:\Users\honey60\AppData\Local\SwvUpdater
Folder Found : C:\Users\honey60\AppData\LocalLow\Conduit
Folder Found : C:\Users\honey60\AppData\LocalLow\Datamngr
Folder Found : C:\Users\honey60\AppData\LocalLow\DataMngr
Folder Found : C:\Users\honey60\AppData\LocalLow\PriceGong
Folder Found : C:\Users\honey60\AppData\Roaming\iolo
Folder Found : C:\Users\honey60\AppData\Roaming\Mozilla\Firefox\Profiles\97escprx.default\ Extensions\{73843edf-1075-4a55-947c-e13e0dc9349e}
Folder Found : C:\Users\honey60\AppData\Roaming\SearchProtect
Folder Found : C:\Users\honey60\AppData\Roaming\Systweak
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\iolo

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl
Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl.1
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : [x64] HKLM\SOFTWARE\DataMngr
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtection]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [7998 octets] - [22/11/2014 20:35:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8058 octets] ##########


AdwCleaner[SO]

# AdwCleaner v4.101 - Report created 22/11/2014 at 20:37:36
# Updated 09/11/2014 by Xplode
# Database : 2014-11-22.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : honey60 - HONEY60-HP
# Running from : C:\Users\honey60\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\pastaleads
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Reimage Protector
Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\Program Files (x86)\ASP
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\iolo
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\iolo
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\Users\honey60\AppData\Local\Conduit
Folder Deleted : C:\Users\honey60\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\honey60\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\honey60\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\honey60\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\honey60\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\honey60\AppData\Roaming\Systweak
Folder Deleted : C:\Users\honey60\AppData\Roaming\iolo
Folder Deleted : C:\Users\honey60\AppData\Roaming\Mozilla\Firefox\Profiles\97escprx.default\ Extensions\{73843edf-1075-4a55-947c-e13e0dc9349e}
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\honey60\AppData\Roaming\Mozilla\Firefox\Profiles\97escprx.default\ searchplugins\Groovorio.xml
File Deleted : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\honey60\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtection]
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [8230 octets] - [22/11/2014 20:35:19]
AdwCleaner[S0].txt - [7764 octets] - [22/11/2014 20:37:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7824 octets] ##########


RESULTS OF "MiniToolbox was:

MiniToolBox by Farbar Version: 21-07-2014
Ran by honey60 (administrator) on 22-11-2014 at 20:44:47
Running from "C:\Users\honey60\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************


=========================== Installed Programs ============================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Ad-Aware Browsing Protection (HKLM-x32\...\Ad-Aware Browsing Protection) (Version: 1.0.1.94 - )
Ad-Aware Web Companion (x32 Version: 1.0.757.1446 - Lavasoft) Hidden
AddThis Toolbar (HKLM-x32\...\AddThis Toolbar) (Version: 1.514 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD 0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AT&T Communication Manager (HKLM-x32\...\{39A13F18-2AA2-4AB2-B7E3-5D356BCD48F7}) (Version: 9.2.444.7 - AT&T)
ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}) (Version: 2.0.5350 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E48DACEA-5789-4CC5-8584-2E268C560131}) (Version: - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
Family Tree Maker 2011 (x32 Version: 20.0.368 - Ancestry.com) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.2.4725 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4517 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP MovieStore (x32 Version: 1.0.027 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Neat (HKLM-x32\...\Neat) (Version: 5.1.29.304 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.2 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.1.29.304 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 - NewspaperDirect Inc.)
Quicken WillMaker Plus 2011 (HKLM-x32\...\Quicken WillMaker Plus 2011) (Version: - Nolo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
Sage ACT! Pro 2011 (HKLM-x32\...\InstallShield_{569E52E4-5043-4F93-AE2B-6D8E489D4AAB}) (Version: 13.0.0.0 - Sage, Inc.)
Sage ACT! Pro 2011 (x32 Version: 13.0.0.0 - Sage, Inc.) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
System Checkup 3.5 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.5.0.23 - iolo technologies, LLC)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{153CD843-3EDC-412C-95B1-F36237DF8415}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{521F54B6-E2E5-462D-946E-8161830DDF18}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Web Companion (HKLM-x32\...\{DE20CE03-D4C1-4C3F-ACEB-86F731E1A358}_WebCompanion) (Version: 1.0.757.1446 - Lavasoft)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Workspace Desktop (HKCU\...\workspacedesktop) (Version: - Starfield Technologies)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3839.29 MB
Available physical RAM: 2307.13 MB
Total Pagefile: 7676.75 MB
Available Pagefile: 5847.83 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.98 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.5 GB) (Free:843 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.92 GB) (Free:1.59 GB) NTFS

========================= Users: ========================================

User accounts for \\HONEY60-HP

Administrator Guest honey60


**** End of log ****

Thank you in advance,

JJ

Hi, Recently got whacked with a massive onslaught of software trouble (Windows 7 Home Premium) and have not been going to porn sites. Had a bad habit of going to sleep leaving the PC on, with the Modem switched on, and the USB external Hard-Drive hooked up as well; this post is about the latter as it started to exponentially get "taken over" by something that was with incredible speed gobbling up it's 500 Gigabytes of capacity and annihilating nearly all of the files on it in the process. How can things like this be defended against? Not being a Geek, the way i deal with virus/malware "implants" into Windows 7 itself is to reinstall the OS which is a long and laborious process, but this attack on the external drive wiped out practically all of my backups, and even though the system is going reasonably okay now (with the usual Windows Explorer crashes happening all the time) please is there someone out there who can point to a way of how to protect the external HDD from another attack (have reformatted it and am now keeping most files back on it; now always make a point of switching off the Modem before using the USB external drive for anything. Thank you.

Hi

My laptop takes a good 10 mins or so to run properly after a reboot, i.e. it runs slow for 10 mins as if numerous programmes are starting up in the background, web pages sometimes fail to load at all, any help would me much appreciated.

Thanks in advance

Martyn

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz, Intel64 Family 6 Model 37 Stepping 2
Processor Count: 4
RAM: 2806 Mb
Graphics Card: Intel(R) HD Graphics, 1275 Mb
Hard Drives: C: Total - 290803 MB, Free - 198941 MB;
Motherboard: Packard Bell, EasyNote TM89
Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:07, on 23/11/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
c:\OEM\preload\utility\SetEvent.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe
C:\Users\Martyn & Linda\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
C:\Users\Martyn & Linda\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Martyn & Linda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V8SYTCCI\SysInfo.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=OIE9HP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr....4z1k5f4692a279
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr....4z1k5f4692a279
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SFVBho - {00AF1458-D967-4C0E-B736-D6D010521EF5} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrec ordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0814tb] "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe" /PROMPT /CMPID=0814tb
O4 - HKCU\..\Run: [Cache Cleaner] "C:\Users\Martyn & Linda\AppData\Roaming\Juniper Networks\Host Checker\dsCCProc.exe" -action delete
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O4 - Global Startup: Heimdal.lnk = C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Martyn & Linda\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Users\Martyn & Linda\Desktop\PartyGammon.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Users\Martyn & Linda\Desktop\PartyGammon.lnk (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://connect.nestle.biz/dana-cach...etupClient.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC0451CE-B04B-4453-A963-6B6376156A27}: NameServer = 127.0.0.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Heimdal Service (HeimdalService) - CSIS Security Group - C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13827 bytes

If you could give me the exact wording or a screenshot of what you're seeing that would be helpful.

Please download DDS by sUBs to your desktop from the following location:

http://download.bleepingcomputer.com/sUBs/dds.scr

Double-click the dds.scr file to run the program.

It will automatically run in silent mode and then you will see the following note:

"Two logs shall be created on your Desktop".

The logs will be named dds.txt and attach.txt.

Wait until the logs appear and then copy and paste their contents in your post.

I have apparently downloaded Vosteran .com, described as NOT a virus, but I cannot delete or remove it. It has taken over my Google Chrome search and MSN search functions .... can someone please advise how to clean Vosteran fro my system .... Windows 7.

Thank you


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3034 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1293 Mb
Hard Drives: C: Total - 290143 MB, Free - 237824 MB;
Motherboard: Dell Inc., 0N7J7M
Antivirus: Microsoft Security Essentials, Updated and Enabled

My Laptop which is on the Windows 8 platform received a virus. I changed this to safe mode to try to remove the virus, but it is now continuously re-boots. I cannot get to a main page. It try's to boot up but then stops and try's to re-boot again. I put in my Gateway Recovery Drive to restore to the factory settings but it does nothing. Help!!!


Thanks,

i have moved to malware forum
It may take 48 hours to get a reply , as its a very busy forum

Hi Team,

This is a wonderful website that has helped me in the past. I ran an ESET scan and got the following:

C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\ User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome \User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Jonny\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Jonny\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Jonny\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Jonny\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
C:\Program Files (x86)\Free mp3 Wma Converter\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Program Files (x86)\Free mp3 Wma Converter\Uninstall.exe a variant of Win32/KoyoteLab.A potentially unwanted application
C:\Users\Jonny\Downloads\Evernote_5.7.2.5753_inst.exe a variant of Win32/InstallCore.QW potentially unwanted application
C:\Users\Jonny\Downloads\uTorrent_inst.exe a variant of Win32/InstallCore.QW potentially unwanted application
C:\Users\Jonny\Downloads\WinThruster_2014.exe a variant of Win32/Systweak potentially unwanted application
G:\ORRG-PC\Backup Set 2013-08-30 214815\Backup Files 2013-08-30 214815\Backup files 11.zip a variant of Win32/Toolbar.Conduit.AI potentially unwanted application
G:\ORRG-PC\Backup Set 2013-08-30 214815\Backup Files 2013-08-30 214815\Backup files 7.zip MSIL/AdvancedSystemProtector.D potentially unwanted application
G:\ORRG-PC\Backup Set 2013-09-29 190000\Backup Files 2013-09-29 190000\Backup files 11.zip a variant of Win32/Toolbar.Widgi.B potentially unwanted application
G:\ORRG-PC\Backup Set 2013-09-29 190000\Backup Files 2013-09-29 190000\Backup files 7.zip MSIL/AdvancedSystemProtector.D potentially unwanted application
G:\ORRG-PC\Backup Set 2013-09-29 190000\Backup Files 2014-02-16 190000\Backup files 7.zip a variant of Win32/KoyoteLab.A potentially unwanted application
G:\ORRG-PC\Backup Set 2013-09-29 190000\Backup Files 2014-02-16 190000\Backup files 8.zip a variant of Win32/Verti.A potentially unwanted application
G:\ORRG-PC\Backup Set 2013-09-29 190000\Backup Files 2014-04-24 103700\Backup files 7.zip a variant of Win32/iLivid.A potentially unwanted application
G:\ORRG-PC\Backup Set 2014-11-23 190001\Backup Files 2014-11-23 190001\Backup files 12.zip a variant of Win32/InstallCore.QW potentially unwanted application
G:\ORRG-PC\Backup Set 2014-11-23 190001\Backup Files 2014-11-23 190001\Backup files 13.zip a variant of Win32/InstallCore.QW potentially unwanted application
G:\ORRG-PC\Backup Set 2014-11-23 190001\Backup Files 2014-11-23 190001\Backup files 3.zip JS/Chromex.Agent.L trojan
G:\ORRG-PC\Backup Set 2014-11-23 190001\Backup Files 2014-11-23 190001\Backup files 4.zip JS/Chromex.Agent.L trojan
G:\ORRG-PC\Backup Set 2014-11-23 190001\Backup Files 2014-11-23 190001\Backup files 5.zip JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Administrator\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Administrator\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Guest\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Guest\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Jonny\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Jonny\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Jonny\AppData\Local\torch\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\AdwCleaner\Quarantine\C\User s\Jonny\AppData\Local\torch\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ad ministrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ad ministrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ad ministrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ad ministrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ad ministrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Gu est\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Gu est\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Gu est\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Gu est\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Gu est\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ho meGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ho meGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ho meGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ho meGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Ho meGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Jo nny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Jo nny\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Jo nny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Jo nny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ibmfkmonhmokfakpmkmbbnhffcolhhcn\2.0\content.js.vir JS/Chromex.Agent.L trojan
G:\WD SmartWare.swstor\ORRG-PC\Volume.0b0a849f.d519.11e0.839c.806e6f6e6963\Qoobox\Quarantine\C\Users\Jo nny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nhahncknpppipmgjchbbhehkfglelepf\118\content.js.vir JS/Chromex.Agent.L trojan

HighJackThis Log:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:53:09 PM, on 24-Nov-14
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)

FIREFOX: 33.1.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Users\Jonny\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\RescueTime\RescueTime.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Users\Jonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Jonny\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCef RenderProcess.exe
C:\Program Files (x86)\Logitech\LWS\LU\LULnchr.exe
C:\Program Files (x86)\Logitech\LWS\LU\LogitechUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\iTunes\iTunes.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Users\Jonny\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - (no file)
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jonny\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [F.lux] "C:\Users\Jonny\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - Startup: Dropbox.lnk = Jonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Z Cinema.lnk = ?
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O4 - Global Startup: RescueTime.lnk = C:\Program Files (x86)\RescueTime\RescueTime.exe
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15388 bytes

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 8175 Mb
Graphics Card: NVIDIA GeForce GTX 560, 1024 Mb
Hard Drives: C: Total - 253868 MB, Free - 107074 MB; E: Total - 699996 MB, Free - 450163 MB; F: Total - 1907726 MB, Free - 1692810 MB; G: Total - 2861554 MB, Free - 2414119 MB; H: Total - 1907625 MB, Free - 341233 MB;
Motherboard: Gigabyte Technology Co., Ltd., P67X-UD3-B3
Antivirus: Microsoft Security Essentials, Updated and Enabled

Your help would be greatly appreciated!

Cheers, Pongy.

I am getting an annoying pop up from Adobe System's to run a program. How can I stop this, my laptop is also running slowly now .... I inadvertently downloaded Vosteran program yesterday ... I thought that I had deleted it ... apparently something is left over. Clicking on the MSN or Google Chrome icon causes the pop up to begin, also response time is very slow now.
Thank you.


Jim.