Has that solved it or are you still having problems

Hello Dennis,

Thank you for the update, I realize your frustion levels must be sky high with BD, a real and proper PITA. I did believe we could remove the files with FRST, but did ask for a registry back up first incase we had to revert back.

The decision is obviously yours, as you say the BD entries are dormant it should not have any affect on your system. Experience does suggest there may still be active drivers related to BD running, that is why removal tools are produced for many security systems, the normal uninstall route does not always achieve a clean removal....

As long as you are happy and content with the outcome, i`m the same. We do not want to interfere and possibly trash your system because of the pitfalls of BitDefender.

Like you I do hope that an eventual fix will be created by the BD developers, until then I guess we have to live with the outcome we choose...

It was a pleasure to work with you, take care and surf safe,

Kevin....:up:

i keep getting a notice to update internet explorer from 'open software updater' ? I ran malware-bytes, hitman pro, no 'open...' in list to uninstall in control panel list, I searched for 'open software updater', no luck ? thanks

Good Morning
I had a folder with sensitive data on the c drive which I hid using a prog called Free Hide Folder. Then I had a major crash and had to restore to factory settings. When I did this the hidden folder was gone. Luckily I had some of the important files still on a thumb drive. When I tried to create another folder with the same name it said that folder already exists, would I like to merge the new folder to the old one. When I said yes, the new folder vanished. The old folder is still there but i cant see or access it. There are some important files in the old folder i would like to retrieve. How ca I access it?
Thank You

Hello,
I have a windows 8 laptop with a touchpad mouse and i just got the computer restored because of virus related problems in the past and today was the first day i used it sence then. the mouse is randomly moving and clicking and it right clicks things and presses inspect element and just random stuff and when i move it its kind of distorted as if im pulling it from something and its hard to use. is this a virus or a different related problem or is there anyway to fix it?
Thank you :D

not sure if this a threat or not. every time I put my laptop on a message comes up saying that I cant install this programme
C:\ProgramFiles(x86)\FindMeFreebies_9e|bar\2.bin\HPG64.DLL


it stops me from copying and pasting anything?
it also stops a java update from installing?


don't know if its connected but having problems with my e-mails syncing now as well

Thanks for the prompt reply! I won't hold you to any deadlines I promise :)

Here are the scan results from Security Check:

Results of screen317's Security Check version 0.99.91
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
WinPatrol
Spybot - Search & Destroy
Java 8 Update 25
Java version 32-bit out of Date!
Adobe Flash Player 15.0.0.189
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (33.1.1)
Google Chrome (39.0.2171.65)
Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
WinPatrol winpatrol.exe
Spybot Teatimer.exe is disabled!
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````



Here are the FRST results:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by owner (administrator) on OWNER-PC on 29-11-2014 21:49:58
Running from C:\Users\owner\Desktop
Loaded Profile: owner (Available profiles: owner)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\ssonsvr.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
() C:\Program Files\Lexmark 2500 Series\lxddmon.exe
() C:\Program Files\Lexmark 2500 Series\lxddamon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtcmd.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\w32x86\3\lxddserv.exe
( ) C:\Windows\System32\lxddcoms.exe
() C:\TOSHIBA\IVP\ISM\pinger.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\tgsrvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\pnamain.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01
Ran by owner at 2014-11-29 21:51:15
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 2.0.0.28 - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v5.10.14(T) - )
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
Canon Digital Camera Solution Disk 40-46 Software Starter Guide (HKLM\...\SoftwareStarterGuide-DCSD40_46) (Version: 1.1.0.1 - Canon Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.0.0.20 - Canon Inc.)
Canon MP Navigator EX 4.1 (HKLM\...\MP Navigator EX 4.1) (Version: - )
Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version: - )
Canon MX420 series User Registration (HKLM\...\Canon MX420 series User Registration) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Personal Printing Guide (HKLM\...\Personal Printing Guide) (Version: 1.0.0.1 - Canon Inc.)
Canon PowerShot A1100 IS Camera User Guide (HKLM\...\CameraUserGuide-PSA1100IS) (Version: 1.0.0.1 - Canon Inc.)
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
Canon Speed Dial Utility (HKLM\...\Speed Dial Utility) (Version: - )
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.2.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.4.0.9 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.5.0.3 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.2.0.4 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.2.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.3.0.7 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.01.03 - TOSHIBA)
Citrix Receiver (Enterprise) (HKLM\...\CitrixOnlinePluginFull) (Version: 13.4.201.3 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cyberduck 4.0.2 (8601) (HKLM\...\Cyberduck) (Version: 4.0.2 (8601) - )
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.3 - Ulead Systems, Inc.)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
IHA_MessageCenter (HKLM\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Juniper Networks Secure Application Manager (HKLM\...\Neoteris_Secure_Application_Manager) (Version: 7.4.0.30611 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-1714088805-4286387499-517085011-1000\...\Juniper_Setup_Client) (Version: 7.4.9.44981 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Lexmark 2500 Series (HKLM\...\Lexmark 2500 Series) (Version: - Lexmark International, Inc.)
Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version: - )
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.0.162 - Symantec)
LiveUpdate (Symantec Corporation) (Version: 3.4.0.162 - Symantec) Hidden
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.0.4.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPM (HKLM\...\{8F968232-15C6-4872-84C2-9FCDAA1AEAB6}) (Version: 1.00.0000 - Hewlett-Packard)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Napster (HKLM\...\{BBBCAE4B-B416-4182-A6F2-438180894A81}) (Version: 3.8.1.4 - Napster)
Napster Burn Engine (Version: 3.5.0000 - Roxio) Hidden
Online Plug-in (Version: 13.4.201.3 - Citrix Systems, Inc.) Hidden
Pac-Man (HKLM\...\BFG-Pac-Man) (Version: - )
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Pretty Good MahJongg version 2.32 (HKLM\...\Pretty Good MahJongg 2_is1) (Version: 2.32 - Goodsol Development Inc.)
Pretty Good Solitaire version 12.0.1 (HKLM\...\Pretty Good Solitaire_is1) (Version: 12.0.1 - Goodsol Development Inc.)
QuickBooks Financial Center (HKLM\...\{890EF3F8-742F-46BD-9E8E-084B3A1F4364}) (Version: 1.00.0000 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5406 - Realtek Semiconductor Corp.)
REALTEK RTL8187B Wireless LAN Driver (HKLM\...\{7095FD27-37F0-4750-9DE8-D37DC0043706}) (Version: Package:1.00.0008 Driver:6.1089.601.2007 - REALTEK Semiconductor Corp.)
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Search App by Ask (HKLM\...\{4F524A2D-5350-4500-76A7-A758B70C1101}) (Version: 12.17.1.65 - APN, LLC) <==== ATTENTION
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SymNet (Version: 8.0.3.4 - Symantec Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}) (Version: 2.00.0001 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.05 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.00.33 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.8 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.10.13 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Games (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.43 - WildTangent)
TOSHIBA Hardware Setup (HKLM\...\{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}) (Version: 2.00.03 - )
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.1 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD04) - Agere Systems)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.3 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}) (Version: 2.00.02 - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.28 - TOSHIBA Corporation)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Verizon Download Manager (HKLM\...\{8C0B406B-DF08-49EF-8702-FA45752C135F}) (Version: 9 - SupportSoft)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
Vz In Home Agent (HKLM\...\{7BDD6642-76D6-49F7-9157-6100E5C75B97}) (Version: 7.07.02 - Verizon)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.67.0 - Verizon)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinPatrol (HKLM\...\{A62F9CD0-B2E0-4F2A-88F2-79254A3C8539}) (Version: 26.0.2013.0 - BillP Studios)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1714088805-4286387499-517085011-1000_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL 9.5\axtrack.dll No File
CustomCLSID: HKU\S-1-5-21-1714088805-4286387499-517085011-1000_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL 9.5\axtrack.dll No File
CustomCLSID: HKU\S-1-5-21-1714088805-4286387499-517085011-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll No File
CustomCLSID: HKU\S-1-5-21-1714088805-4286387499-517085011-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll No File
CustomCLSID: HKU\S-1-5-21-1714088805-4286387499-517085011-1000_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL 9.5\axtrack.dll No File

==================== Restore Points =========================

07-11-2014 19:27:34 Windows Update
09-11-2014 16:01:20 Scheduled Checkpoint
12-11-2014 01:48:27 Windows Update
12-11-2014 15:00:39 Scheduled Checkpoint
13-11-2014 16:40:23 Scheduled Checkpoint
15-11-2014 17:26:42 Scheduled Checkpoint
16-11-2014 03:51:13 Windows Update
19-11-2014 15:04:54 Windows Update
21-11-2014 22:05:44 Scheduled Checkpoint
22-11-2014 17:59:47 Scheduled Checkpoint
23-11-2014 02:15:13 Windows Update
23-11-2014 19:39:15 Scheduled Checkpoint
25-11-2014 22:46:59 Scheduled Checkpoint
26-11-2014 20:28:02 Scheduled Checkpoint
27-11-2014 02:23:08 Windows Update
28-11-2014 02:46:54 Scheduled Checkpoint
28-11-2014 18:47:20 Removed Java 7 Update 67
28-11-2014 19:16:37 Windows Update
28-11-2014 20:47:00 Windows Update
28-11-2014 22:00:15 Windows Update
29-11-2014 22:14:45 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2012-12-26 20:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {C8E6A65C-962B-4DCC-A805-CBBA7D7D1049} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {EE5FFC93-DFD3-4163-8DD5-8EBF13DF845D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-01-08 17:58 - 2007-02-21 18:11 - 00045056 _____ () C:\Windows\System32\LXF3PMON.DLL
2008-01-08 17:58 - 2006-11-07 05:02 - 00036864 _____ () C:\Windows\System32\LXF3OEM.DLL
2008-01-08 17:57 - 2007-02-21 18:08 - 00032768 _____ () C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
2008-01-08 17:58 - 2007-02-21 18:14 - 00012288 _____ () C:\Windows\System32\LXF3PMRC.DLL
2008-01-08 18:07 - 2007-02-26 23:16 - 00103936 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxdddrpp.dll
2014-11-29 15:57 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-29 15:57 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2007-09-13 18:11 - 2007-09-13 18:11 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2006-11-09 21:27 - 2006-11-09 21:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2007-11-06 17:40 - 2006-10-10 14:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 21:08 - 2006-11-08 21:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 14:57 - 2006-10-07 14:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2008-01-08 17:44 - 2007-06-11 14:27 - 00291760 _____ () C:\Program Files\Lexmark 2500 Series\lxddmon.exe
2008-01-08 17:44 - 2007-01-09 11:10 - 00278528 _____ () C:\Program Files\Lexmark 2500 Series\lxddscw.dll
2008-01-08 17:57 - 2007-03-06 02:16 - 00589824 _____ () C:\Program Files\Lexmark 2500 Series\lxdddatr.dll
2008-01-08 17:48 - 2007-04-30 03:19 - 00020480 _____ () C:\Program Files\Lexmark 2500 Series\lxddamon.exe
2008-01-08 17:48 - 2007-05-30 00:12 - 00040960 _____ () C:\Program Files\Lexmark 2500 Series\App4R.Monitor.Core.dll
2008-01-08 17:48 - 2007-05-30 00:12 - 00028672 _____ () C:\Program Files\Lexmark 2500 Series\App4R.Monitor.Common.dll
2008-01-08 17:45 - 2007-05-30 00:11 - 00057344 _____ () C:\Program Files\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll
2008-01-08 17:45 - 2007-04-30 03:19 - 00020480 _____ () C:\Program Files\Lexmark 2500 Series\App4R.DevMons.NetworkCardDevMon.dll
2008-01-08 17:45 - 2007-04-30 03:19 - 00020480 _____ () C:\Program Files\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll
2008-01-08 17:44 - 2007-04-30 03:20 - 00011776 _____ () C:\Program Files\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
2008-01-08 17:44 - 2007-01-23 13:40 - 00065536 _____ () C:\Program Files\Lexmark 2500 Series\lxddcaps.dll
2012-12-27 19:34 - 2012-12-09 20:46 - 00600868 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2007-11-11 10:18 - 2007-01-25 21:47 - 00136816 _____ () C:\TOSHIBA\IVP\ISM\pinger.exe
2014-11-29 15:57 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-29 15:57 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-29 15:57 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-04-09 05:20 - 2014-04-09 05:20 - 00081920 _____ () C:\Program Files\Juniper Networks\Secure Application Manager\dsSamResource_EN.dll
2014-04-09 05:20 - 2014-04-09 05:20 - 00065536 _____ () C:\Program Files\Juniper Networks\Secure Application Manager\samdiagEx.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:15E76ABF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: 1145860967 => C:\Program Files\Toshiba Registration\Registration.exe /r "C:\Program Files\Toshiba Registration\Registration.rpd"
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPStart => C:\Program Files\Synaptics\SynTP\SynTPStart.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter

========================= Accounts: ==========================

Administrator (S-1-5-21-1714088805-4286387499-517085011-500 - Administrator - Disabled)
Guest (S-1-5-21-1714088805-4286387499-517085011-501 - Limited - Disabled)
owner (S-1-5-21-1714088805-4286387499-517085011-1000 - Administrator - Enabled) => C:\Users\owner

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2014 08:10:42 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Search App by Ask -- Error 1606. Could not access network location %APPDATA%\.

Error: (11/29/2014 08:10:42 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Search App by Ask -- Error 1606. Could not access network location %APPDATA%\.

Error: (11/29/2014 07:11:49 PM) (Source: Automatic LiveUpdate Scheduler) (EventID: 101) (User: NT AUTHORITY)
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005.

Error: (11/29/2014 06:56:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 73882

Error: (11/29/2014 06:56:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 73882

Error: (11/29/2014 06:56:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 06:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72853

Error: (11/29/2014 06:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 72853

Error: (11/29/2014 06:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 06:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71839


System errors:
=============
Error: (11/29/2014 03:06:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (11/28/2014 05:26:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (11/28/2014 05:21:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Error: (11/28/2014 05:21:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (11/28/2014 05:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (11/28/2014 05:14:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (11/28/2014 05:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (11/28/2014 05:14:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (11/28/2014 05:13:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (11/28/2014 05:13:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search


Microsoft Office Sessions:
=========================
Error: (04/14/2014 00:54:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4851 seconds with 600 seconds of active time. This session ended with a crash.

Error: (03/19/2013 10:23:33 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1349 seconds with 1320 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-02-17 10:57:05.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:57:04.477
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:57:03.675
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:57:02.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:56:47.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:56:46.418
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:56:45.703
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:56:44.986
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:56:44.163
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-17 10:56:43.446
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 65%
Total physical RAM: 2037.69 MB
Available physical RAM: 693.46 MB
Total Pagefile: 4318.65 MB
Available Pagefile: 2384.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.51 MB

==================== Drives ================================

Drive c: (SQ004585V03) (Fixed) (Total:147.58 GB) (Free:89.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 32FC1A2F)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=147.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

I have a HP Pavilion p7-1215 and recently I have not been able to download from cnet.com and get this message

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

This just started happening. I ran the anti Malware program and found 4 trojans and cleaned them up but still have the same issue.


also I have a reboot issue as well I get this error message.

svchost.exe - No Disk

There is no disk in the drive. Please insert a disk into drive\Device\Harddisk1\DR1

I have recently reformatted my computer using the disk that HP restore disk program and it did great but I am getting this crap now. I have to cancel this error about 11 or 12 times before it disappears. Can someone please help me and remember I am 55 years old and old school so please explain clearly lol thank you

Suddenly my Laptop got infected with this: [SIZE="3"]mophssjaeroscorrhodu\mophssjaeroscorrhoduhelper.exe[/SIZE] I'd tried to remove it by SCANNING with AVG and CCLEANER and nothing. My Laptop is a HP ELITEBOOK 8440P and Running WIN 7 ULTIMATE. Thanks IN ADVANCE FOR YOUR HELP!!!!

It may be advisable then to make a post at the Malware forum for others who are more qualified to assist you with that, as it could be the malwares taking up the CPU and causing conflict with MS updates.

eddie5659, once again sorry for the lag time in my response time. Please see below for the scan results from running FRST AND Additional Txt.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by home (administrator) on HOME-PC on 30-11-2014 19:17:07
Running from C:\Users\home\Desktop
Loaded Profile: home (Available profiles: home)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Black Oak Computers, Inc.) C:\Program Files\StrongVPN\StrongService.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(ReviverSoft LLC) C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\CisTray.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Bootstrap Software Development) C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe
(Black Oak Computers, Inc.) C:\Program Files\StrongVPN\StrongDial.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5075104 2014-02-24] (ESET)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM\...\Run: [BSDAppUpdater] => C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe [1660232 2013-05-21] (Bootstrap Software Development)
HKLM\...\Run: [OCDLMgr] => [X]
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\...\Run: [StrongVPN Client] => C:\Program Files\StrongVPN\StrongDial.exe [1663472 2014-10-05] (Black Oak Computers, Inc.)
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-07-08] (Google Inc.)
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [51712 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe [854704 2014-11-11] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-07-12] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-1062624436-1845524453-1938322655-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com
SearchScopes: HKU\S-1-5-21-1062624436-1845524453-1938322655-1000 -> DefaultScope {711F7A8C-6EB8-4B76-8D4C-7A5F89ED9F38} URL = http://www.google.co.kr/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer: source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_enKR596
SearchScopes: HKU\S-1-5-21-1062624436-1845524453-1938322655-1000 -> {711F7A8C-6EB8-4B76-8D4C-7A5F89ED9F38} URL = http://www.google.co.kr/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer: source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_enKR596
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-1062624436-1845524453-1938322655-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1062624436-1845524453-1938322655-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 168.126.63.1 168.126.63.2
Tcpip\..\Interfaces\{81ED6EA9-1B7B-4D79-A368-2573D7887650}: [NameServer] 216.169.129.2 216.169.130.2

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-07-08]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2014-07-18] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1343408 2014-02-24] (ESET)
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-18] (Comodo Security Solutions, Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2014-05-24] (Realsil Microelectronics Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 StrongVPN Service; C:\Program Files\StrongVPN\StrongService.exe [101872 2014-10-05] (Black Oak Computers, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2014-04-16] (COMODO)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [122376 2013-09-17] (ESET)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [15400 2013-10-07] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92656 2014-04-16] (COMODO)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2014-05-24] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31368 2011-05-30] (The OpenVPN Project)
R3 tapstrong; C:\Windows\System32\DRIVERS\tapstrong.sys [32872 2013-11-16] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 19:17 - 2014-11-30 19:17 - 00011939 _____ () C:\Users\home\Desktop\FRST.txt
2014-11-30 19:16 - 2014-11-30 19:17 - 00000000 ____D () C:\FRST
2014-11-30 19:14 - 2014-11-30 19:14 - 01109504 _____ (Farbar) C:\Users\home\Desktop\FRST.exe
2014-11-30 17:20 - 2014-11-30 17:20 - 00000376 _____ () C:\Windows\PFRO.log
2014-11-30 17:20 - 2014-11-30 17:20 - 00000056 _____ () C:\Windows\setupact.log
2014-11-30 17:20 - 2014-11-30 17:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-11 11:26 - 2014-09-26 07:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 11:26 - 2014-09-19 10:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 11:26 - 2014-09-19 10:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 11:26 - 2014-09-19 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 11:26 - 2014-09-19 09:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 11:26 - 2014-09-19 09:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 11:26 - 2014-09-19 09:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 11:26 - 2014-09-19 09:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 11:26 - 2014-09-19 09:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 11:26 - 2014-09-19 08:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 11:26 - 2014-08-29 10:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-11 11:26 - 2014-06-19 07:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-11 11:26 - 2014-06-19 07:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-11 11:26 - 2014-06-19 07:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-11 11:25 - 2014-10-07 11:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 11:25 - 2014-09-26 07:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 11:25 - 2014-09-26 07:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 11:25 - 2014-09-26 07:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 11:25 - 2014-09-26 07:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 11:25 - 2014-09-19 10:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 11:25 - 2014-09-19 10:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 11:25 - 2014-09-19 10:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 11:25 - 2014-09-19 10:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 11:25 - 2014-09-19 09:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 11:25 - 2014-09-19 09:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 11:25 - 2014-09-19 09:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 11:25 - 2014-09-19 09:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 11:25 - 2014-09-19 09:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 11:25 - 2014-09-19 09:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 11:25 - 2014-09-19 09:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 11:25 - 2014-09-19 09:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 11:25 - 2014-09-19 09:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 11:25 - 2014-09-19 08:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 11:25 - 2014-09-19 08:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 11:25 - 2014-07-17 10:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-11-11 11:25 - 2014-07-17 10:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 11:25 - 2014-07-17 10:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-11-11 11:25 - 2014-07-17 10:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-11-11 11:25 - 2014-07-17 10:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 11:25 - 2014-07-17 10:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 11:25 - 2014-07-17 10:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-11-11 11:25 - 2014-07-17 10:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-11-11 11:24 - 2014-09-29 09:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 11:24 - 2014-09-18 10:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 11:24 - 2014-09-05 10:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-11 11:24 - 2014-09-04 14:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-11-11 11:15 - 2014-09-13 10:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 11:03 - 2014-11-11 11:04 - 00000000 ____D () C:\Users\home\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 19:16 - 2014-07-10 23:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-30 18:40 - 2014-07-08 22:33 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-30 18:40 - 2014-07-08 22:33 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-30 18:29 - 2014-05-24 05:46 - 02027216 _____ () C:\Windows\WindowsUpdate.log
2014-11-30 18:28 - 2009-07-14 13:34 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-30 18:28 - 2009-07-14 13:34 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-30 18:23 - 2014-09-01 17:34 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-30 18:23 - 2014-09-01 17:34 - 00000000 ____D () C:\Program Files\SpywareBlaster
2014-11-30 17:59 - 2009-07-14 11:37 - 00000000 ____D () C:\Windows\rescache
2014-11-30 17:22 - 2014-07-10 22:42 - 00000000 ____D () C:\Users\home\AppData\Roaming\.strongvpn
2014-11-30 17:22 - 2014-07-10 21:54 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-30 17:21 - 2014-10-05 20:10 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-11-30 17:21 - 2014-07-20 10:46 - 00000316 _____ () C:\Windows\Tasks\Start Driver Reviver for home-PC@home(logon).job
2014-11-30 17:20 - 2009-07-14 13:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-11 20:00 - 2014-07-11 22:09 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4c3900bf-46ab-45b1-b899-69549cbb9d77.job
2014-11-11 18:25 - 2009-07-14 11:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-11 17:43 - 2014-10-05 22:02 - 48148480 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-11-11 17:43 - 2014-10-05 22:02 - 01093632 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-11-11 17:43 - 2014-10-05 22:02 - 00057344 _____ () C:\Windows\system32\config\SAM.iobit
2014-11-11 17:43 - 2014-10-05 22:02 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-11-11 17:43 - 2014-05-24 03:10 - 00000000 ____D () C:\Users\home
2014-11-11 17:16 - 2009-07-14 13:33 - 00486200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-11 11:42 - 2014-07-12 13:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 11:35 - 2014-07-12 13:15 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 11:04 - 2014-07-10 23:13 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-11 11:04 - 2014-07-10 23:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-04 14:30 - 2014-05-24 03:27 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\DriverReviver.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-30 17:50

==================== End Of Log ======================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01
Ran by home at 2014-11-30 19:19:03
Running from C:\Users\home\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Belkin Wireless USB Utility (HKLM\...\InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72}) (Version: 6.3.2.16 - Belkin)
Belkin Wireless USB Utility (Version: 6.3.2.16 - Belkin) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
COMODO Firewall (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
Comodo TrustConnect™ v.1.7.3 (HKLM\...\Comodo TrustConnect™_is1) (Version: - COMODO)
Driver Reviver (HKLM\...\Driver Reviver) (Version: 4.0.1.104 - ReviverSoft LLC)
ESET NOD32 Antivirus (HKLM\...\{006B8604-097D-47F5-9590-6F43F94B9279}) (Version: 7.0.317.4 - ESET, spol s r. o.)
GeekBuddy (HKLM\...\{3ED40DF8-7A27-4321-8CC3-55302B1DE3D3}) (Version: 4.13.113 - Comodo Security Solutions Inc)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1065 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaWidget 7.0 (HKLM\...\MediaWidget - Easy iPod Transfer_is1) (Version: - Bootstrap Development, LLC.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
MyDataBase (HKLM\...\{AB856C83-7CA0-4EB5-8D86-792B29EB4A10}) (Version: - )
MySoftware Fonts (HKLM\...\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}) (Version: - )
ParetoLogic Privacy Controls (HKLM\...\{29ACDA07-0CAD-4751-B3A4-3E03C5F74673}) (Version: 3.2.0.0 - ParetoLogic, Inc.)
Quicken 2004 (HKLM\...\InstallShield_{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}) (Version: 13.00.0000 - Intuit)
Quicken 2004 (Version: 13.00.0000 - Intuit) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.78.1218.2013 - Realtek)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
RoboForm 7-9-8-5 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
StrongVPN Client (HKLM\...\{6EB6293C-9286-4981-8672-956E1A92F33B}_is1) (Version: 1.4.0.1 - Black Oak Computers, Inc)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Weather Exchange (HKLM\...\{BC70488C-D4EF-42C2-A60D-20A3C14335D2}) (Version: 1.0.57 - Ambient, LLC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

13-09-2014 01:22:58 Scheduled Checkpoint
14-09-2014 13:15:54 Windows Update
05-10-2014 04:04:31 Windows Update
05-10-2014 13:06:41 Windows Modules Installer
11-11-2014 02:27:36 Windows Update
30-11-2014 08:57:48 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 11:04 - 2009-06-11 06:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A74FFD-2567-4F82-8D8E-16824CD33667} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {167B8B78-A257-45B5-93A6-003EAC24C287} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-08] (Google Inc.)
Task: {237E7CC6-0CD2-4A4D-B742-808F3DB843FA} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-07-10] (Siber Systems)
Task: {2F06B637-6F40-4D2E-98AA-857BF28FBE19} - System32\Tasks\Start Driver Reviver for home-PC@home(logon) => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2014-07-03] (ReviverSoft LLC)
Task: {386C3466-FCC3-4103-B02F-892FA7026679} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJPMNMMJNMGMMJNMCNIMJJMJKMCNLMHMGMJMCNGMNJOMHMCNLMLJMMOMK MNJGMHMKJLJOMLMJNJICMIMCNGMCNHMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPI CMLMFMOMNMIIPMOMFMPMJNHICMOMNMIIPMOMJNBJCMHJAJCJKJJNKJCMJNNICMJNDJCMKJBJJNM JCMOMFMOMKMGMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {39908308-DFE5-45A6-A46E-AE01B8261F34} - System32\Tasks\SUPERAntiSpyware Scheduled Task 69723fa5-9123-404b-865b-54a691dd0611 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {3B6E62F4-AB64-42EF-A263-1928A863E02A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)
Task: {3BCCDEAC-E623-4906-A21B-E225DD17E355} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {3EA2D898-5BBC-4CE6-A434-0BE03DE763E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-08] (Google Inc.)
Task: {5BF5E9D3-9950-4712-93FF-ECF1717A4D08} - System32\Tasks\SpywareBlaster AutoUpdate => C:\Program Files\SpywareBlaster\sbautoupdate.exe [2013-03-01] ()
Task: {6F020878-BB79-4BC7-A78D-43992C026E83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {71BADB46-D442-4627-B76F-5FFA698D7078} - System32\Tasks\Privacy Controls_{377A90E1-08FB-11E4-B7A6-089E01266C5E} => C:\Program Files\ParetoLogic\Privacy Controls\Pareto_PC.exe
Task: {DBC82BEF-EF4C-477E-814F-9F2A2308A73F} - System32\Tasks\ASC7_SkipUac_home => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {F7D6712B-1301-482F-9A55-6C687D9580F8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {FDB7D509-E550-4246-B299-33BEDFA92430} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4c3900bf-46ab-45b1-b899-69549cbb9d77 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Privacy Controls_{377A90E1-08FB-11E4-B7A6-089E01266C5E}.job => C:\Program Files\ParetoLogic\Privacy Controls\Pareto_PC.exe
Task: C:\Windows\Tasks\Start Driver Reviver for home-PC@home(logon).job => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4c3900bf-46ab-45b1-b899-69549cbb9d77.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 69723fa5-9123-404b-865b-54a691dd0611.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2014-10-05 20:09 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-21 19:22 - 2014-05-21 19:22 - 02135232 _____ () C:\Program Files\Comodo\Dragon\dragon_updater.exe
2014-08-19 13:36 - 2014-06-25 10:13 - 01457664 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-08-19 13:36 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-10-05 20:09 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2014-10-05 20:08 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk => C:\Windows\pss\Quicken Scheduled Updates.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupreg: GfxServiceInstall => C:\Windows\system32\GfxCUIServiceInstall.vbs
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RoboForm => "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
MSCONFIG\startupreg: StrongVPN Client => "C:\Program Files\StrongVPN\StrongDial.exe" --silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

========================= Accounts: ==========================

Administrator (S-1-5-21-1062624436-1845524453-1938322655-500 - Administrator - Disabled)
Guest (S-1-5-21-1062624436-1845524453-1938322655-501 - Limited - Disabled)
home (S-1-5-21-1062624436-1845524453-1938322655-1000 - Administrator - Enabled) => C:\Users\home
HomeGroupUser$ (S-1-5-21-1062624436-1845524453-1938322655-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/30/2014 06:24:07 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={7EFDF3E8-D281-4F78-A1B7-ECF667D4D0F4}: The user home-PC\home dialed a connection named StrongVPN - 251768-L2TP which has failed. The error code returned on failure is 619.

Error: (11/30/2014 06:23:56 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={137C10D2-16A7-4B12-A0C8-B34817315E85}: The user home-PC\home dialed a connection named StrongVPN - 251768-L2TP which has failed. The error code returned on failure is 628.

Error: (11/30/2014 05:21:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3064) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\home\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (11/11/2014 08:20:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x1290
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2014 08:13:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x167c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2014 06:11:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x5b0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2014 05:03:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x53f262ac
Faulting module name: igdumd32.dll, version: 8.14.8.1065, time stamp: 0x4efd8b10
Exception code: 0xc0000005
Fault offset: 0x000aa188
Faulting process id: 0x1140
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2014 05:00:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x53f262ac
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0xae8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2014 04:58:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x53f262ac
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x1aa4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2014 04:56:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x53f262ac
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x1498
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (11/30/2014 07:11:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.

Error: (11/30/2014 05:20:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/11/2014 05:19:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/11/2014 05:16:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/11/2014 05:13:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/11/2014 04:52:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (11/11/2014 11:45:26 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.

Error: (11/11/2014 11:11:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/11/2014 10:59:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (10/15/2014 07:42:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-07-12 21:48:30.388
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz
Percentage of memory in use: 56%
Total physical RAM: 2036.3 MB
Available physical RAM: 882.86 MB
Total Pagefile: 4072.6 MB
Available Pagefile: 2509.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:169.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: BE3FBE82)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Thanks again for the help.

Thanks :)


Looks like there isn't much there, so we'll start on the manual scans ;)

We'll do these over several scans, just in case there are a lot of entries.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  
  Code:

  ---

  :filefind
*Browsersafeguard*.*
*MediaGet*.*
*TBHostSupport*.*
*Conduit*.*
*AVG-Secure-Search*.*
*AVG Secure Search*.*
*OutfoxTV*.*
*ask.com
*trovi*.*
*Mywebsearch*.*
*InboxAce*.*
:folderfind
*Browsersafeguard*
*MediaGet*
*TBHostSupport*
*Conduit*
*AVG-Secure-Search*
*AVG Secure Search*
*OutfoxTV*
*ask.com
*trovi*
*Mywebsearch*
*InboxAce*
:regfind
Browsersafeguard
MediaGet
TBHostSupport
Conduit
AVG-Secure-Search
AVG Secure Search
OutfoxTV
ask.com
trovi
Mywebsearch
InboxAce
:dir
C:\a /s
:contents
C:\Windows\SysWOW64\59175765.bat

  ---

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found at on your Desktop entitled SystemLook.txt

eddie

My Toshiba laptop (windows 7) is running very slow. I did a malware scan, ran ccleaner, ran superantispyware, ran AVG scan and found little if anything. The cpu % is frequently only in the 50's and memory usage in the 80's. I performed some system changes recommended for making it more efficient and it helped, but frequently it is extremely slow. Sometimes I will be typing and nothing will show up for several seconds.

I want to be sure that I am not infected. Any help would be appreciated.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD E-300 APU with Radeon(tm) HD Graphics, AMD64 Family 20 Model 2 Stepping 0
Processor Count: 2
RAM: 3686 Mb
Graphics Card: AMD Radeon HD 6310 Graphics, 384 Mb
Hard Drives: C: Total - 291227 MB, Free - 108262 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled

Welcome. :)

Attempt this:

Restart your computer and immediately hold down Alt+f10 . This will bring you to the recovery partition of your computer. Recover to factory settings. Please know that this will erase your hard drive and all data.

Hello,
I did what you indicated. Still Reg Pro cleaner at start up.
enclosed the OTS log. I can only run Internet explorer as admin. otherwise, it wouldnt work.

I did run a regedit and found 3 folders of RPC. They are all in the program files in Windows under the x86. Should i do anything to them?

Attached Files

11302014_170753.txt (639.5 KB)

Hello Cathy, try the following...

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7/8, right-click on it and Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
• If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
• If the tool does not run from any of the links provided, please let me know.

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Kevin...

I'm posting this in a few different forums because I need help and I guess no one knows the answer in the web and email forum:-(. Hopefully someone who does will come past this thread!!!

This is lengthy, but I appreciate anyone who takes the time to read it!!!!!

OK:

I'm not sure if this is even possible.... I'm a college student, the class I am writing about today had a deadline date, in which to withdraw from the course without getting a "F" grade, but instead a "W".

The deadline was on 10/28/14.

Now I was aware of this, and went to withdraw on 10/27/14. I was browsing my student portal a few days later to see that it never withdrew me from the class. I know I withdrew in time (27th), but maybe some computer glitch, or something happened that caused it to not finalize the withdrawal or something.

I am so desperate (I got my first "F") that I've been searching Google history for the 27th. It pulls up many history that day of my being on my college account, and even has the words on 2 of the 7 history entries: add drop class. Unfortunately, that isn't enough, as my school could just say I was probably browsing classes to ADD, not withdrawing the class in this topic.

QUESTION: IF I USE inspect element, what is that? It almost looked like a blueprint of all the clicks I made that day, etc, but hard to read.
--Can I show "what I was CLICKING" on the 27th with inspect element?
--Can I show more detail as to WHY and EXACTLY what I was clicking on the 27th, so I can prove my actual, documented clicks of ATTEMPTING to drop the class?

Did that make sense?
I need to prove that I honestly believed, and thought I had, withdrew my class. A timeline per say?!

I PRAY someone out there understands what I'm saying, and if "inspect element" won't help, maybe let me know if there is an alternative route to show my internet STEPS on the 27th, while on my student account.

THANK YOU SO MUCH FOR READING THIS LONG QUESTION!!! I am tempted to take my laptop into a computer technology professor and beg him to snoop through that day for me. I have attached a picture of what pops up with my Google history search for the 27th.

My Mac computer has suddenly started going blank screen in any session - internet/ word xl etc. Anything.
I then shut down with the power button and reboot. Sometimes it come back to the ID user page, sometimes not and the fans start whirring very loud etc.
If i get back up through the ID user etc i can do work for a while, then the screen suddenly goes blank and can't se or do anything once again.

Virus Ha. I have no money to buy virus package etc. Any suggestions welcome please.

i have merged your two threads together here

HI Eddie!

So, where do we go now?

THANK YOU!!!