eddie5659, I don't know but I may have stumbled on a possible solution to the problem of IE constantly terminating. Using my other computer, I Googled the problem and one suggestion was to check to see if Java was up-to-date. I checked and Java was not installed. Well... I installed Java and so far IE has remained connected. I'll try it over the next day and let you know if this solved the problem. Thanks again for all of your help and I'll let you know about this possible solution

Sorry for the delay been busy with the family etc over new year.

Ran the OTL tool and got the following two files which I have attached as they were too long to embed in this post.

The link you gave for the TDSSKiller doesnt work for me, says 404 file not found. So I downloaded it from here http://download.cnet.com/Kaspersky-T...-75722087.html

I have attached the log from that as well. It only found one suspicious object which I skipped as instructed so yeah, no change here.

Computer generally runs absolutely fine but then it is fairly powerful so it would take a lot to slow it down. However using the internet is very frustrating as every time you click on anything a new advert tab opens and then when you close that it pops with warnings saying are you sure you want to leave this page etc. It also interferes with youtube videos meaning the video is just a blank screen, you cant pause it or anything. If you refresh the page enough times it manages to work it out.

Attached Files

	OTL.Txt (162.0 KB)
	Extras.Txt (72.8 KB)
	TDSSKiller.3.0.0.42_04.01.2015_22.25.42_log.txt (195.3 KB)

my laptop is a e627 emachine it is not funtioning in anyway dont know what to do to get it back running when on there are lines in screen so i figure it has virus on it. help!

Listened to your voice. Yep, your an Englander. My Cousins grandparents are from England. The Breretons. Know any Breretons?Yes, I know its a big country but the Brereton name was well known from what I gathered doing some ancestry research.

press NO or cancel and close the browser window
restart the browser then
Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

quarantining the virus, removes it from the computer

P U P means potentially unwanted program. it would have been bundled in with some seemingly legitimate program that you downloaded and installed

lets see what is left to deal with ( if anything )

Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Hey there!

Here is some basic information about my PC:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz, x64 Family 6 Model 23 Stepping 6
Processor Count: 2
RAM: 2038 Mb
Graphics Card: Mobile Intel(R) 965 Express Chipset Family, 384 Mb
Hard Drives: C: Total - 79899 MB, Free - 40696 MB; E: Total - 225241 MB, Free - 219557 MB;
Motherboard: FUJITSU, FJNB1DB
Antivirus: Microsoft Security Essentials, Updated and Enabled


I have a problem with my computer. The process Iexplore.exe is opened in the background and using most of my PCs CPU. Sometimes I hear random music playing from my speakers. This music stops when I close the process Iexplore.exe. Once I close this process it is usually there again within five minutes or so.
I have already run many anti-virus programs including AdwareCleaner and Hitman Pro, but the problem is still there.

I hope you can help me. If you need more information conscerning my problem, please contact me.

Best regards and thanks in advance! :)

smashinpotatoes

I am absolutely terrified that my brand new laptop might be infected. I am having internet connectivity issues and slowness. I have bitdefender and all day get stuff like this. Well I cant copy it so I saved a copy of the report log. Here it is.

<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\Bitdefender\Bitdefender 2015\ondemand.xsl"?>
<ScanSession creator="Bitdefender Total Security 2015" name="Custom Scan" installPath="C:\Program Files\Bitdefender\Bitdefender 2015\" creationDate="Monday, January 5, 2015 8:12:08 AM" originalPath="C:\Users\summer\AppData\Roaming\Bitdefender\Desktop\Profiles\ Logs\2e440000-33c1-45cc-7ab2-80d26a0cfdbf\1420462392_3_02.xml" >
<ScanSettings
statisticsRefreshInterval="1000"
scanSpeed="1.000000"
lowPriority="1"
enableExclusions="1"
enableTaskExclusions="0"
scanAdware="1"
scanSpyware="1"
scanApplications="1"
scanDialers="1"
scanKeyloggers="1"
scanFiles="1"
scanAllFiles="1"
scanProgramsOnly="0"
useCustomPrograms="0"
customPrograms=""
scanUserDefined="0"
scanPacked="1"
scanArchives="1"
useSmartScan="0"
scanEmails="1"
scanRootkits="0"
scanAllRootkits="1"
scanBoot="1"
scanMemory="1"
scanRegistry="1"
quickScan="0"
quickScanMemory="0"
quickScanAutoruns="0"
quickScanPlugins="0"
scanCookies="1"
shutdownAfter="0"
passwordPrompt="0"
onlyAllowedActions="1"
deepArchiveScan="1"
maxArchiveLevel="15"
maxArchiveSize="10485760"
infectedAction1="1"
infectedAction2="1"
suspectAction1="1"
suspectAction2="1"
rootkitAction="3"
userDefinedExtensions=""
scanPua="-1"
>

<ScanPaths>
<path>\\.</path>
<path>\\.</path>
<path>\\.</path>
<path>C:\</path>
<path>D:\</path>
<path>E:\</path>
<path>F:\</path>
</ScanPaths>

<ExcludedPaths>
</ExcludedPaths>

<ExcludedExtensions>
</ExcludedExtensions>

</ScanSettings>

<EngineSummary
totalSignatures="6386326"
/>

<ScanSummary
scannedArchives="410"
scannedPacked="1181"
startTime="1420462392"
duration="9664454"
>

<TypeSummary type="1"
scanned="30"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

<TypeSummary type="4"
scanned="15"
infected="2"
suspicious="0"
disinfected="0"
deleted="2"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

<TypeSummary type="0"
scanned="1083673"
infected="3"
suspicious="0"
disinfected="0"
deleted="3"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

<TypeSummary type="5"
scanned="0"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

<TypeSummary type="2"
scanned="4213"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

<TypeSummary type="3"
scanned="6185"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

<TypeSummary type="6"
scanned="7977"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>

</ScanSummary>

<ScanDetails>
<UnresolvedDetails>
</UnresolvedDetails>

<ResolvedDetails>
<Item type="0" objectType="4" path="C:\Users\summer\AppData\Local\Microsoft\Windows\INetCookies\Low\OM567 J0M.txt" threatType="0" threatName="Cookie.WebTrends" action="3" allActions="1 1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="4" path="C:\Users\summer\AppData\Local\Microsoft\Windows\INetCookies\Low\WTHHW 61J.txt" threatType="0" threatName="Cookie.2o7" action="3" allActions="1 1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="0" path="C:\Program Files\Common Files\GBUpdatePlus\smei64.dll" threatType="2" threatName="Adware.Generic.1119096" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="0" path="C:\Program Files\Common Files\GBUpdatePlus\smoi64.dll" threatType="2" threatName="Adware.Generic.1121689" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="0" path="C:\Program Files\Common Files\GBUpdatePlus\smci64.dll" threatType="2" threatName="Adware.Generic.1130874" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
</ResolvedDetails>

<IgnoredDetails>
</IgnoredDetails>

<QuickScanDetails>
</QuickScanDetails>
<NotScannedDetails
skipped="0"
ioerrors="8"
archiveBombs="0"
passwordProtected="68"
>

<Item type="0" objectType="0" path="C:\System Volume Information\{c3447f85-9497-11e4-826e-3863bb912cbc}{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cookie-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Internet Explorer-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\System Volume Information\{c3447fa4-9497-11e4-826e-3863bb912cbc}{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\DoubleClick-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\SWSetup\Youcam\SupportFiles.7z=&gt;YouCam.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Management Console-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\System Volume Information\{c3448003-9497-11e4-826e-3863bb912cbc}{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
<Item type="0" objectType="0" path="C:\SWSetup\CyberMS\SupportFiles.7z=&gt;PowerStarter.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="\\." threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
<Item type="0" objectType="0" path="C:\System Volume Information\{c344800d-9497-11e4-826e-3863bb912cbc}{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
<Item type="0" objectType="0" path="C:\SWSetup\PWDVD12\SupportFiles.7z=&gt;PowerDVD12.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectDraw-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
<Item type="0" objectType="0" path="C:\SWSetup\P2Go\SupportFiles.7z=&gt;P2G.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\DoubleClick-0000.zip=&gt;DoubleClick-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\SWSetup\CPDD\SupportFiles.7z=&gt;PhotoDirector.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MediaPlex-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MediaPlex-0000.zip=&gt;MediaPlex-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\SWSetup\CPwrDD\SupportFiles.7z=&gt;PDR.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;Windows Explorer-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;Windows Media SDK-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectDraw-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MediaPlex-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows-0000.zip=&gt;Windows-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Management Console-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Management Console-0000.zip=&gt;MS Management Console-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\History-0000.zip=&gt;History-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Management Console-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\CasaleMedia-0000.zip=&gt;CasaleMedia-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectDraw-0000.zip=&gt;MS DirectDraw-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;Macromedia.FlashPlayer.Cookies-0000.md5" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectDraw-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Internet Explorer-0000.zip=&gt;Internet Explorer-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;Quarantine.lst" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;Macromedia.FlashPlayer.Cookies-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files (x86)\InstallShield Installation Information\{E1646825-D391-42A0-93AA-27FA810DA093}\SupportFiles.7z=&gt;PDR.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;Users/summer/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/LD3LPNH3/tag.mediashakers.hiro.tv/HIRO_NETWORK_CAPPING_COOKIE.sol" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\History-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip=&gt;Users/summer/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/LD3LPNH3/tag.mediashakers.hiro.tv/US_FARM_mediashakers.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Internet Explorer-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Internet Explorer-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\History-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\DoubleClick-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cookie-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cookie-0000.zip=&gt;Cookie-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0000.zip=&gt;Cache-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\CasaleMedia-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\CasaleMedia-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\BurstMedia-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\BurstMedia-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\BurstMedia-0000.zip=&gt;BurstMedia-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\7-Zip-0000.zip=&gt;150105-013137.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\7-Zip-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\7-Zip-0000.zip=&gt;7-Zip-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\ProgramData\Spybot - Search &amp; Destroy\Quarantine\7-Zip-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\SupportFiles.7z=&gt;PowerDVD12.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files (x86)\InstallShield Installation Information\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}\SupportFiles.7z=&gt;PhotoDirector.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\SupportFiles.7z=&gt;P2G.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z=&gt;PowerStarter.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
<Item type="0" objectType="0" path="C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\SupportFiles.7z=&gt;YouCam.ico" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
</NotScannedDetails>
</ScanDetails>

</ScanSession>



Also the info for my system

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics, AMD64 Family 22 Model 48 Stepping 1
Processor Count: 4
RAM: 7105 Mb
Graphics Card: AMD Radeon(TM) R5 Graphics, 1024 Mb
Hard Drives: C: Total - 692062 MB, Free - 585382 MB; D: Total - 22296 MB, Free - 2478 MB;
Motherboard: Hewlett-Packard, 8015
Antivirus: Bitdefender Antivirus, Updated: Yes, On-Demand Scanner: Enabled


Thanks!

This morning, with a fresh perspective, I booted in safe mode (which is hard with Asus and an SSD) and ran more software. I went into IE and unchecked the proxy option again. It stayed unchecked, but still didn't work. I then selected the option to reset Internet Explorer settings, which did the trick. I am not sure if there was/is a virus or if that raptr installation messed up the internet settings through IE somehow.

Internet is still slow, but actually getting through. The check mark still won't leave the internet settings. :(

*Follow these steps to uninstall Combofix and the other tools it downloaded to remove the malware*
* Click START then RUN
* Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.


This will also purge the restore folder and clear any malware that has been put in there. Now Empty Recycle bin on desktop Then reboot.

go here http://myonlinesecurity.co.uk/how-to...hten-security/ for info on how to tighten your security settings and how to help prevent future attacks.

and scan here http://secunia.com/vulnerability_scanning/personal for out of date & vulnerable common applications on your computer and update whatever it suggests.

Then pay an urgent visit to windows update & make sure you are fully updated, that will help to plug the security holes that let these pests on in the first place. If windows update doesn't work, please come back & tell us

Hi Eddie,


Many thanks for taking all that trouble to respond. Luckily a friend helped me solve my problem easily. I simply ran Windows' Recovery feature, picking a date prior to when the problem started, and it restored my system to all the settings it was on at that date.


Thanks again, Eddie, and best wishes,
Art

Hello again acameron,

I have only just caught up with this reply. I don't know what happened with the automatic e-mail notifications but I didn't seem to get it. Had some storms around the end of December with some power cuts so that might have been a cause lol.

Anyway, how is your machine now?

If everything is running okay you might like to Mark the thread as solved.

Ran sfc /scannow in elevated prompt and files have been repaired. Will check around for a security to better replace windows defender.

Nvm if anyone has this problem i used adcleaner! i found it while browsing through sites on internet!

https://toolslib.net/downloads/viewd.../1-adwcleaner/

Eddie,

Sorry that I have not been in touch.... I tried to run SystemLook and I get a message that a script is required. On another note, whenever I try to run a video that requires Adobe Flash player 16 active x, I have to download it everytime. It will not stay active from one day to another.... somewhat of an inconvenience .... why is this happening?

Sorry. Just found the Extras.txt in my task bar.


OTL Extras logfile created on: 07/01/2015 10:12:49 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Darlene\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.68 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 61.74% Memory free
7.36 Gb Paging File | 5.52 Gb Available in Paging File | 75.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281.99 Gb Total Space | 215.10 Gb Free Space | 76.28% Space Free | Partition Type: NTFS

Computer Name: DARLENE-LAPTOP | User Name: Darlene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{049B0A1D-2D57-48CF-BDB9-8A636D06305E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{05BD6D09-9B00-4597-9AA5-8D555CB9588B}" = rport=139 | protocol=6 | dir=out | app=system |
"{1430F282-3E31-49D2-85F1-E40E3EEEE7D9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{305FD811-E5B6-49DB-8B8B-B1A3A5E5B765}" = rport=137 | protocol=17 | dir=out | app=system |
"{3113FB74-8D4C-4BB9-AE3D-00191AE863CD}" = lport=138 | protocol=17 | dir=in | app=system |
"{331F5CDF-97D1-47AF-A702-FF95A5439C8F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4D426D7F-F0E6-4F4E-BC6E-73D29A7FCFDE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59198CB2-3942-41ED-84D6-595E26893541}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5D923B95-489E-44CA-AAA4-FFFB965841F7}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{606F4143-45D8-4FE0-AA72-415D51340200}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61F26442-F84F-4430-92F4-B1DA22F2DC0C}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6A20C77B-27CA-434B-83E5-AD5B059AB989}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6D59B09F-9B6C-458F-8FBA-FA10F370D312}" = lport=10243 | protocol=6 | dir=in | app=system |
"{73F579A5-BD35-4F0F-972E-6400B2EB5A5C}" = rport=138 | protocol=17 | dir=out | app=system |
"{7690250C-9A59-4170-B8A5-0C3DBDE3BF7D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8AD1A9E0-72DD-4E4D-AE39-3198EEEEC313}" = rport=445 | protocol=6 | dir=out | app=system |
"{8AEFBDFC-3E28-49C4-BA6C-457D39FAF670}" = lport=139 | protocol=6 | dir=in | app=system |
"{91DAD4BB-2740-403B-BD93-09ECC1C1E7D6}" = lport=445 | protocol=6 | dir=in | app=system |
"{98AD4BDD-7EB9-4E68-A707-20DF291C54C8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A0C64C51-12EA-4303-B53D-7980C34CF6B9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFC246A1-90A6-4255-95E3-357EFE99E997}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B14E151D-690E-4574-B7B2-CAF70D6694AE}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B5E3E9A6-2B23-4CAF-BD6B-9DF30FC59287}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{B7B0C4EC-FAD0-4248-ADB7-0BF44724D229}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BC672755-C548-4649-845A-5453B4754E4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD2ECB16-6C07-4F7C-B85B-F38620707DE5}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C22510E6-F92C-4622-AF76-BAA1E89673EF}" = lport=137 | protocol=17 | dir=in | app=system |
"{C36394E4-A323-44A4-BC68-CD4F7F1A1E21}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7AC6869-24B5-4BEC-AA49-461F1C9FF18B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CCA8A6A4-7B46-4453-B1FD-589512EC1E1C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CFD351D4-E7DF-4751-887A-4A0F9DA04889}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DE326A88-BCC8-41C7-BBB5-61AFDDE87263}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E2DA932A-A102-4A00-A41B-F31D2875773B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8E09D6A-23B3-40AF-8877-3314F10DCB8F}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{0303C91F-1EA0-4A35-A4D3-A5DC42C55DFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{05C4C500-7DAD-4D9F-BF6E-F980F29C4D85}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{09BDB747-3C86-4C4F-AF93-C83C51D6E5EA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1644752C-89B3-42F4-896E-964126416D6B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
"{193310F2-4595-4898-8328-14B1FA89DFA1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1987F5F3-492D-4B35-BAA4-E14B2B265A45}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2023D9F4-518B-4D98-8453-1DD6B3F421FE}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{30D0E022-C966-492C-B656-BB5CDFAB7621}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{37A66CF4-5C6D-4608-8E94-17F1597AA832}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{38DB1C66-A036-400C-B1D9-292E55E0DE6A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3F9D2B19-0E36-408E-A544-DE542CB6DC73}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{4E1F347A-EEAE-4D20-918E-D1745B2CD60F}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe |
"{508BEC67-D529-40F1-BB76-AA5C211B1D92}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
"{52B08ED9-5F24-44A4-9A0F-B26BC39D6B66}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5DC2EBC2-C5E3-4B2E-A233-F5E2D901DE67}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5FA6C18C-BD15-47A1-BFAB-822D45C68A4C}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{611A21C6-7875-400A-A82F-5D852CB3084D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BCA0377-371C-4C14-A199-E3C67BC80D87}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{828B516A-4E2B-4F0A-A905-C1291DF70C72}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovieservice.exe |
"{871DC5AB-543B-40AE-841A-CB80FB399967}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8D2BD635-0256-4B51-9FB2-0D8FD78463C4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8F1A5751-B602-4AF3-B912-BCD60C45E2DE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FA8E9C5-018E-4EC4-A134-181A43177EFE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A4B8C0E6-1DCD-4E9B-B6E4-23CE06BE3C8B}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ACBD1875-D863-4A2C-91DE-F7A5F47CB000}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BFA16F1E-B129-46A9-B4AE-BF0430DD6AA9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C43608DA-8439-452A-BC88-99326DB58FC9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C5430BD2-6E4B-4C1A-BDF6-D6F844C65C1B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovie.exe |
"{C6BACFF8-0F9B-40AD-92BA-437BCD3E6F77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3591A46-FC60-496F-A4AF-C3F812699D27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D441D2D6-93B8-454D-84DD-7733BD7733D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DAB2E4F1-F682-4D39-AA5D-279B667CE1FB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E0A3A459-589C-4F10-9446-FC923C35A0D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EEABE848-BBDC-4C31-970D-5878052577C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0D64AF0-6AFD-48EA-B394-0503C4F01169}" = protocol=6 | dir=out | app=system |
"{F228A71B-C143-44C3-8390-6C628F6A4BC1}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{F421164B-C274-4960-B958-121FF7524B3E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F4B1D0CA-B4F2-422B-9382-5317C9C72B91}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FC098317-4250-4FF4-B9AB-8D5BA7465A02}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{AA6E2048-8889-44CE-A8BD-26A108E292EB}C:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe" = protocol=6 | dir=in | app=c:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe |
"TCP Query User{B46135E9-6B4C-4655-84F6-C88671182DED}C:\program files (x86)\palm\hotsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\palm\hotsync.exe |
"TCP Query User{EB08ACCB-22E0-4EF8-A2D1-70EB57971681}C:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe" = protocol=6 | dir=in | app=c:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe |
"UDP Query User{05F807BE-8FBA-4A2A-A126-2806D8CD82CF}C:\program files (x86)\palm\hotsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\palm\hotsync.exe |
"UDP Query User{3EC239D4-DDEB-4391-9839-A9F62CFB02D0}C:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe" = protocol=17 | dir=in | app=c:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe |
"UDP Query User{97D979F0-CA91-4FD3-B1ED-54A9BBCB7EDB}C:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe" = protocol=17 | dir=in | app=c:\users\darlene\appdata\local\dvo\cook'n10app\cook'n.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{17DB0909-D123-43E1-B5F2-CC356E08B4AA}" = AdAwareInstaller
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{373B90E1-A28C-434C-92B6-7281AFA6115A}" = WOT for Internet Explorer
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5C0392D-46A7-4CB3-800B-5794909453BD}" = AdAwareUpdater
"{A5C0392D-46A7-4CB3-800B-5794909453BD}_AdAwareUpdater" = Ad-Aware Antivirus
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = clear.fi
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.7
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294B365B-32EF-49EE-99B3-A00558DC76E5}" = e-Sword
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C774C35-E0AF-72E1-136A-2BF666702268}" = Fooz Kids
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}" = Fooz Kids Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB398DDB-0E7B-400B-A940-7E61FB91A531}" = Alcor Micro USB Card Reader
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.13) MUI
"{B17A014A-F2C2-4BAD-A96C-648449C61CEC}" = Print My Cal
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}" = palmOne
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"AmUStor" = Alcor Micro USB Card Reader
"BFG-1 Penguin 100 Cases" = 1 Penguin 100 Cases
"BFG-3 Days - Zoo Mystery" = 3 Days: Zoo Mystery
"BFG-Brainiversity 2" = Brainiversity 2
"BFGC" = Big Fish: Game Manager
"BFG-Clutter" = Clutter
"BFG-Clutter 3 - Who is The Void" = Clutter 3: Who is The Void?
"BFG-Clutter II - He Said She Said" = Clutter II: He Said, She Said
"BFG-Cubetastic" = Cubetastic
"BFG-Mystery Case Files - Dire Grove" = Mystery Case Files &reg;: Dire Grove ™
"BFG-Mystery Riddles" = Mystery Riddles
"BFG-Nancy Drew - The Captive Curse" = Nancy Drew: The Captive Curse
"BFG-Ocean Express" = Ocean Express
"BFG-Patchworkz" = Patchworkz™
"BFG-Professor Fizzwizzle" = Professor Fizzwizzle
"BFG-Professor Fizzwizzle and the Molten Mystery" = Professor Fizzwizzle and the Molten Mystery
"BFG-Riddles of Fate - Into Oblivion" = Riddles of Fate: Into Oblivion
"BFG-Scrabble" = Scrabble
"BFG-The Amazing Brain Train" = The Amazing Brain Train
"BFG-Viking Saga - New World" = Viking Saga: New World
"BFG-World Mosaics" = World Mosaics
"BFG-World Mosaics 6" = World Mosaics 6
"Cook'n" = Cook'n
"Everyday Jigsaw" = Everyday Jigsaw
"FoozKids" = Fooz Kids
"FreeHearts" = 100% Free Hearts 7.42
"GeniusBox" = GeniusBox 2.0
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"Kobo" = Kobo
"KraiSoft Games Launcher" = KraiSoft Games Launcher
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"NutriBase 5 Plus v.5.17 Uninstall" = NutriBase 5 Plus v.5.17
"Picasa 3" = Picasa 3
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WTA-05dd85d7-e480-43e4-b0c9-ffd1c80dba05" = Polar Bowler
"WTA-0a22fb9c-2f13-4f4f-9b0f-e781479788cd" = Build-a-lot 4 - Power Source
"WTA-2459a356-fde8-47b8-92f7-b07e43913240" = Bejeweled 2 Deluxe
"WTA-27a96be9-dc0d-41bb-a652-03cdf2d06aa1" = Torchlight
"WTA-3af15a87-159a-44a5-bc7d-ce95df73728b" = Chronicles of Albian
"WTA-44518fa7-ec62-428c-a550-b5ed577e0acf" = Final Drive: Nitro
"WTA-48854e1c-d1fb-436e-8c91-22078f8c7961" = Agatha Christie - Death on the Nile
"WTA-53766960-24cd-4888-872a-5e56b720ed66" = Dora's World Adventure
"WTA-6eca25dc-9b8b-41e2-8af4-a74d149e463e" = Mystery of Mortlake Mansion
"WTA-73ba7507-e28c-49b8-86a1-c3989ea76da5" = Virtual Villagers 5 - New Believers
"WTA-8554ed51-3b68-492e-b596-73af78930e7c" = Jewel Match 3
"WTA-9160b757-1644-4fd9-9b5a-b67699a0d29c" = Penguins!
"WTA-97662c15-4c6f-4497-9f3d-cd30a2328883" = FATE: The Cursed King
"WTA-a54f5db7-51bf-47e4-ab4e-24b570f7696e" = Governor of Poker 2 Premium Edition
"WTA-aa77aad7-d227-40dc-86af-0c52d8ec0a88" = Polar Golfer
"WTA-acf866a9-d0dd-40b4-b1c0-78ab46c84e4b" = Chuzzle Deluxe
"WTA-d1765cd8-c911-46a5-9d63-a5a761a9f8d7" = Plants vs. Zombies - Game of the Year
"WTA-d7e13c16-1aa0-493c-ab2e-e34dbb5a7b4a" = Cradle of Rome 2
"WTA-ed56c021-644d-4639-bb0b-c8188c208027" = Zuma's Revenge

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22/11/2014 10:18:49 AM | Computer Name = Darlene-laptop | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Failed auto update retrieval of third-party root certificate from:
<http://ctldl.windowsupdate.com/msdow...A77BB70D54.crt>
with error: The specified server cannot perform the requested operation. .

Error - 22/11/2014 10:18:49 AM | Computer Name = Darlene-laptop | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Failed auto update retrieval of third-party root certificate from:
<http://ctldl.windowsupdate.com/msdow...A77BB70D54.crt>
with error: The specified server cannot perform the requested operation. .

Error - 22/11/2014 10:18:49 AM | Computer Name = Darlene-laptop | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Failed auto update retrieval of third-party root certificate from:
<http://ctldl.windowsupdate.com/msdow...A77BB70D54.crt>
with error: The specified server cannot perform the requested operation. .

Error - 25/11/2014 12:52:58 PM | Computer Name = Darlene-laptop | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 34c8 Start
Time: 01d008cd3eb29a09 Termination Time: 0 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id:

Error - 25/11/2014 3:54:15 PM | Computer Name = Darlene-laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25/11/2014 6:18:25 PM | Computer Name = Darlene-laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15569

Error - 25/11/2014 6:18:25 PM | Computer Name = Darlene-laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15569

Error - 25/11/2014 8:15:34 PM | Computer Name = Darlene-laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25/11/2014 8:15:34 PM | Computer Name = Darlene-laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1139

Error - 25/11/2014 8:15:34 PM | Computer Name = Darlene-laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1139

[ System Events ]
Error - 06/01/2015 1:32:52 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 31004
Description =

Error - 06/01/2015 1:32:52 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 30013
Description =

Error - 06/01/2015 8:52:34 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 31004
Description =

Error - 06/01/2015 8:52:34 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 30013
Description =

Error - 06/01/2015 9:06:38 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 31004
Description =

Error - 06/01/2015 9:06:39 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 30013
Description =

Error - 06/01/2015 11:25:04 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 31004
Description =

Error - 06/01/2015 11:25:04 PM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 30013
Description =

Error - 07/01/2015 10:47:13 AM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 34001
Description =

Error - 07/01/2015 10:47:13 AM | Computer Name = Darlene-laptop | Source = ipnathlp | ID = 30013
Description =


< End of report >

Hi,
So my old computer frequently had viruses, key loggers, and other malware and I am afraid that one or more of theses buggers might be present on one or both of my external drives. I recently purchased a new macbook pro and I will be installing parallels on it but I am afraid to use the external drives on it and my other laptop. The laptop that it is attached to now is a very old one so I am not to concerned if the drives infect it. Could someone help me verify that there isn't any malware on the external dives from my previous system.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD C-50 Processor, AMD64 Family 20 Model 1 Stepping 0
Processor Count: 2
RAM: 7786 Mb
Graphics Card: AMD Radeon HD 6250 Graphics, 384 Mb
Hard Drives: C: Total - 219240 MB, Free - 157205 MB; D: Total - 14969 MB, Free - 1663 MB; E: Total - 4055 MB, Free - 1108 MB; G: Total - 953853 MB, Free - 839631 MB; H: Total - 953835 MB, Free - 642695 MB;
Motherboard: Hewlett-Packard, 3577
Antivirus: Webroot SecureAnywhere, Updated and Enabled

Thanks for the update, a reformat & reinstall really is the best option when dealing with Ramnit, that is one very nasty infection.

If we are done hit the "Mark Solved" tab at the top of the thread to close out...

Read the following link to fully understand PC security and best practices, you may find it useful....

http://www.bleepingcomputer.com/foru.../#entry2316629

It was a pleasure to work with you, take care and surf safe,

Kevin...

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i3-3220T CPU @ 2.80GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 6032 Mb
Graphics Card: Intel(R) HD Graphics, -1984 Mb
Hard Drives: C: Total - 452094 MB, Free - 391965 MB;
Motherboard: SAMSUNG ELECTRONICS CO., LTD., DP500A2D-A01UB
Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled

Hi,

I am getting pop-ups like crazy and this computer is running really slow. It won't run a lot of programs, and some of the games my niece/nephew play are super slow or freeze. The screen saver will start running really fast and won't stop without turning off the computer. There are a lot of games on here :eek: but I wasn't sure if they all needed to be removed or not. This computer is supposed to be for the kids' homework and gaming but right now it's barely running. Please help.

Shonda

I ran AdwCleaner but didn't clean anything. I just saved the report:

# AdwCleaner v4.107 - Report created 08/01/2015 at 08:43:51
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : tanga_000 - KIDS
# Running from : C:\Users\tanga_000\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.1.9
Service Found : Orbiter

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\tanga_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Found : C:\Users\tanga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Found : C:\Users\tanga_000\Desktop\Live PC Help.lnk
File Found : C:\WINDOWS\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found : C:\Program Files (x86)\AVG Security Toolbar
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Delta
Folder Found : C:\Program Files (x86)\Movies Toolbar
Folder Found : C:\Program Files (x86)\Search Results Toolbar
Folder Found : C:\Program Files (x86)\WebCake
Folder Found : C:\Program Files\Conduit
Folder Found : C:\ProgramData\5041fd27aa5e4ac2
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BitGuard
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\downloaDiTkeep
Folder Found : C:\ProgramData\dtdata
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tech Hotline
Folder Found : C:\ProgramData\PCFixSpeed
Folder Found : C:\ProgramData\PrionuceCCoupon
Folder Found : C:\ProgramData\Systweak
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\wincert
Folder Found : C:\Users\Public\Util
Folder Found : C:\Users\tanga_000\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\tanga_000\AppData\Local\Conduit
Folder Found : C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\tanga_000\AppData\Local\iLivid
Folder Found : C:\Users\tanga_000\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\tanga_000\AppData\LocalLow\Conduit
Folder Found : C:\Users\tanga_000\AppData\LocalLow\Delta
Folder Found : C:\Users\tanga_000\AppData\LocalLow\ilividtoolbargaw
Folder Found : C:\Users\tanga_000\AppData\Roaming\BabSolution
Folder Found : C:\Users\tanga_000\AppData\Roaming\Babylon
Folder Found : C:\Users\tanga_000\AppData\Roaming\DigitalSites
Folder Found : C:\Users\tanga_000\AppData\Roaming\DSite
Folder Found : C:\Users\tanga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Found : C:\Users\tanga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
Folder Found : C:\Users\tanga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vosteran
Folder Found : C:\Users\tanga_000\AppData\Roaming\PC Tech Hotline
Folder Found : C:\Users\tanga_000\AppData\Roaming\Systweak
Folder Found : C:\Users\tanga_000\AppData\Roaming\UpdaterEX
Folder Found : C:\Users\tanga_000\AppData\Roaming\VOPackage
Folder Found : C:\WINDOWS\SysWOW64\SearchProtect

***** [ Scheduled Tasks ] *****

Task Found : Advanced System Protector
Task Found : advanced-System Protector_startup
Task Found : DSite
Task Found : DefaultCheck
Task Found : DefaultReg
Task Found : Default2Check

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Found : HKCU\Software\96da8db03de543
Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\BABSOLUTION
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\gameo
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\ilividtoolbargaw
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{549F5407-7804-43F0-AF42-EAA8C14AD1D8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F0F5CD06-83B8-4B7C-AF23-F9863945AA8C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\UpdaterEX
Key Found : HKCU\Software\Vosteran
Key Found : [x64] HKCU\Software\APN DTX
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\BABSOLUTION
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Delta
Key Found : [x64] HKCU\Software\gameo
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\ilividtoolbargaw
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{549F5407-7804-43F0-AF42-EAA8C14AD1D8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F0F5CD06-83B8-4B7C-AF23-F9863945AA8C}
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\torch
Key Found : [x64] HKCU\Software\UpdaterEX
Key Found : [x64] HKCU\Software\Vosteran
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\{F2E9660B-98AF-42c0-8258-9CDDF07BF95D}
Key Found : HKLM\SOFTWARE\96da8db03de543
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Boost
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Delta
Key Found : HKLM\SOFTWARE\Driver-Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\iLividSRTB
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5CBB76-7379-4490-AA5B-B037C0A36381}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{021C6667-63D3-4416-B537-865E77F4DF4F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\ORBTR
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\torch
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Video Converter
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v41.0.2251.0

[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=390&systemid=406&v=a12712-115&apn_uid=5405241825924204&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={se archTerms}
[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3300039&SearchSource=45&q={searchTerms}
[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3300039&SearchSource=45&q={searchTerms}
[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&a pn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=CA576AA8-AA91-471F-970F-BFDD2560B12E&apn_sauid=207225F6-F5BC-441F-8ADB-AC11E0EADD3D
[C:\Users\tanga_000\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&a pn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=CA576AA8-AA91-471F-970F-BFDD2560B12E&apn_sauid=207225F6-F5BC-441F-8ADB-AC11E0EADD3D

*************************

AdwCleaner[R0].txt - [20543 octets] - [28/11/2014 19:35:46]
AdwCleaner[R1].txt - [22279 octets] - [08/01/2015 08:43:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [22340 octets] ##########

Great, thanks!