Channel: Tech Support Guy - Virus & Other Malware Removal

"finding discount" malware?

I continue to get some kind of windows error and the culprit seems to be this "Finding Discount" that I can't uninstall because it tries to get me to click on a web page link to do it, and I'm sure that will only make matters worse. Here is what I have done so far based on what I saw on another forum:
My PC info:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, Intel64 Family 6 Model 23 Stepping 7
Processor Count: 4
RAM: 4084 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 320 Mb
Hard Drives: C: Total - 461899 MB, Free - 89419 MB; D: Total - 14999 MB, Free - 7274 MB;
Motherboard: Dell Inc., 0FM586
Antivirus: PC Cleaner Pro, Updated: Yes, On-Demand Scanner: Disabled

I downloaded adwcleaner and ran it and got this log:
then I ran FRST and got this:
and:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-05-2015
Ran by Teri at 2015-05-26 21:26:55
Running from C:\Users\Teri\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2921958453-311441876-30025052-500 - Administrator - Disabled)
Bukoskie (S-1-5-21-2921958453-311441876-30025052-1002 - Limited - Enabled) => C:\Users\Bukoskie
Cowgirl's Folder (S-1-5-21-2921958453-311441876-30025052-1004 - Limited - Enabled) => C:\Users\Cowgirl's Folder
Guest (S-1-5-21-2921958453-311441876-30025052-501 - Limited - Disabled)
Jerod Rocks (S-1-5-21-2921958453-311441876-30025052-1008 - Limited - Enabled) => C:\Users\Jerod Rocks
Paul Mccartney (S-1-5-21-2921958453-311441876-30025052-1010 - Limited - Enabled) => C:\Users\Paul Mccartney
Sara (S-1-5-21-2921958453-311441876-30025052-1006 - Limited - Enabled) => C:\Users\Sara
Teri (S-1-5-21-2921958453-311441876-30025052-1000 - Administrator - Enabled) => C:\Users\Teri

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.175 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD 0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader 9.5.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.2 build 4667 (Jan-19-2015) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Digital Atmosphere 2.07 Standard (HKLM-x32\...\Digital-Atmosphere-2009-Series_is1) (Version: - )
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Evernote v. 5.4.1 (HKLM-x32\...\{A5F7DF42-F67D-11E3-B7EB-00163E98E7D6}) (Version: 5.4.1.3962 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FamilySearch Indexing 3.24.2 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.24.2 - FamilySearch)
FindingDiscount (HKLM-x32\...\FindingDiscount) (Version: - )
Free YouTube Download Manager (HKLM-x32\...\{d30bef4f-4150-4be8-98e2-69de77cc27c6}) (Version: 1.0.0.22 - Freetec)
Free YouTube Download Manager (x32 Version: 1.0.0.22 - Freetec) Hidden
Free YouTube Download version 3.2.33.424 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.33.424 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{B2903FFC-7AFD-4D29-8CEE-D5BDC5F4C38F}) (Version: 28.0.989.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
NaturalReaderFree (HKLM-x32\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11.8 - NaturalSoft)
Nero 2014 (HKLM-x32\...\{0128492C-AB60-43BE-9D9A-8CA622CAF06E}) (Version: 15.0.07700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2921958453-311441876-30025052-1000\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-05-2015 00:00:02 Scheduled Checkpoint
13-05-2015 00:00:02 Scheduled Checkpoint
14-05-2015 01:54:12 Scheduled Checkpoint
15-05-2015 00:00:10 Scheduled Checkpoint
15-05-2015 18:44:58 Garmin Express
17-05-2015 00:00:01 Scheduled Checkpoint
19-05-2015 02:04:29 Scheduled Checkpoint
20-05-2015 23:30:37 Scheduled Checkpoint
21-05-2015 23:42:28 Scheduled Checkpoint
23-05-2015 00:00:03 Scheduled Checkpoint
24-05-2015 12:13:14 Scheduled Checkpoint
25-05-2015 00:30:44 Scheduled Checkpoint
26-05-2015 00:20:30 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F1718D-5FF5-430B-BD7A-1109F74F8211} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1008 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {03E32A9C-2B4B-4C98-AFDE-F1D84FD95A36} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2921958453-311441876-30025052-1010 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {066F08D1-08C1-4165-91CC-2CC4D5BB6F28} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1010 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {07B48FBC-14B9-4B04-A53F-C74CC48540D6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0DC7433F-C6EF-4D11-8A2A-784545A35B3A} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0E6D9858-741A-4EFD-B211-2481AD45B96B} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {136C916A-24BE-46FB-A46D-6A5F3D4DFA4E} - System32\Tasks\GoogleUpdateTaskMachineUA1d0901248e7db70 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {15E4E066-A07E-4C53-B36E-34CD3883CDE3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2921958453-311441876-30025052-1002Core => C:\Users\Bukoskie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03] (Facebook Inc.)
Task: {1B11F7D9-C205-4105-90F5-0DE3AD12C3BB} - System32\Tasks\AdobeAAMUpdater-1.0-Bukoskie-PC-Bukoskie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {285FB4EF-655A-4882-A5D4-21098334CC04} - System32\Tasks\GoogleUpdateTaskMachineCore1d040261e72f690 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {2F24AA85-3821-4839-9251-4176211218E7} - \DealPly No Task File <==== ATTENTION
Task: {3320355D-CA75-42D0-B821-0E7792F27B0A} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {49358E5C-7354-45A5-8EDB-F3DC23CB93D5} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8bbb67ce8c3f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {4B2D35B7-3CA0-4C19-969D-06BC62B05FEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {4C4CD1E4-E068-4C90-BCE6-29B8CB1AEF79} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {562CD2BC-4C9E-4CD7-8AEA-95DA7B771E47} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Task: {69BEB595-A74B-4D8C-9ACD-8A33DE47598A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1010 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6F3EE280-A92A-4067-9270-A81CC93A5815} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {73111922-586A-4B66-A0F4-24FA785C29B0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {75DD1725-4C52-4744-959B-88428A26BE56} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Teri => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {79BA8C65-0584-4BA2-AB54-A33C71AF60D5} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff0ef7b2f30 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {88C0F837-C8BB-4552-BFF9-459559D7CE3B} - System32\Tasks\AdobeAAMUpdater-1.0-Bukoskie-PC-Paul Mccartney => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {8C69032B-902A-4AB2-B5CB-16CA3E3BAC27} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {8E8EBA43-4C78-411E-A33B-C5428BC60344} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1010 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {90EDA80A-46AA-4D19-BA41-221B565C6263} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {93013C69-2B3E-4296-A22D-20E2DA557CF7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2921958453-311441876-30025052-1002UA => C:\Users\Bukoskie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03] (Facebook Inc.)
Task: {A134D8F6-4AC4-46EC-BD17-2C7CB0FF8D0B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {A89DABCF-E524-44EC-A3FF-300377D6606A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AC22EA48-7126-4076-A701-1516371F3A32} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B43825FB-37E0-40AE-BFEF-57402F749E11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {B9ED0D84-A317-4375-8393-A6A2F2FB52E7} - System32\Tasks\AdobeAAMUpdater-1.0-Bukoskie-PC-Teri => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {BA9DC144-DC8D-4E2D-8A99-1E377A76C1F5} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02] (Adobe Systems Incorporated)
Task: {C1AC5E75-5556-4D56-A13A-B6CA3B5AD68C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C47A0150-2799-47F4-8FA8-071502B007EB} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-12-10] (RealNetworks, Inc.)
Task: {C7292358-16C1-4130-B119-FE8FDE924C09} - \AmiUpdXp No Task File <==== ATTENTION
Task: {D017803A-43B2-417E-8279-0A141B596453} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1008 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D9ACAD8A-F9F8-413A-A662-0EF0847596F1} - System32\Tasks\AdobeAAMUpdater-1.0-Bukoskie-PC-Cowgirl's Folder => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {DCA41DC9-352E-41B0-8C2F-085BF170E0DC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E406704A-86C6-4952-B5A5-76C4AB7C01A0} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec5b237f0620 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {EBDADCE5-EE24-4BF2-87CC-B7E582C1C795} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EF0519E7-59AF-4F37-8B0D-5AD47452C8C4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1010 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F01E6084-F749-42BE-912A-FE9378F01634} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F5FFD76C-021D-4547-AFBB-9B4F3B33D08D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2921958453-311441876-30025052-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FB88A033-EBF9-428D-9027-3052DA16C6B2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2921958453-311441876-30025052-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2921958453-311441876-30025052-1002Core.job => C:\Users\Bukoskie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2921958453-311441876-30025052-1002UA.job => C:\Users\Bukoskie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec5b237f0620.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d040261e72f690.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8bbb67ce8c3f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff0ef7b2f30.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0901248e7db70.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-01-02 07:07 - 2009-11-04 14:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-10-14 14:36 - 2009-10-14 14:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 14:34 - 2009-10-14 14:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-05-25 17:29 - 2015-05-22 15:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Teri\Downloads\Christmas Mass 730 am.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2921958453-311441876-30025052-1000\...\vizzed.com -> www.vizzed.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2921958453-311441876-30025052-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Teri\Pictures\2015\Shrek 03 29 2015\IMGP5517.JPG
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{0DC48D50-D5D5-417B-8D2D-1979A03B2AEB}] => (Allow) LPort=80
FirewallRules: [{6B0989A7-B37A-4EB4-8DB0-1E29DDCA5671}] => (Allow) LPort=80
FirewallRules: [{DE51B373-DDED-44BD-8DAB-B2E8676E0FFC}] => (Allow) LPort=80
FirewallRules: [{A455E8BC-BAA0-4C0D-BEDE-447AB6593529}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{63665E10-A03F-4BB8-BB4D-D89322BBB2E1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE633EE6-FD3D-4EEE-8745-B05E03582BC8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6779FE28-CF3C-45D3-BC48-8D19FBFC2A20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3292E6CC-CC29-4FBE-86D1-930BEE7D10BD}] => (Allow) C:\Windows\system32\lxeacoms.exe
FirewallRules: [{3462FF10-1767-4FCE-8918-F7B894BE05FC}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{0F73C9E5-EFC4-49F3-A7A0-6BB9524E5C82}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{A496220C-3AD2-4F15-BD1E-06DC8B595DC5}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{25EA39D5-77F5-4777-BD07-CBD268ED8054}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7A2EF3F9-004B-4048-BE57-6FAEC9C60B01}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5936F0AB-60BB-45A9-8649-BE43B3D145E6}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{E285B7C4-F0B5-4393-919A-CA7E5B44ACD3}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{413500BA-F55D-482A-A2EF-E5FF15EC92BF}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{88CE16BD-C348-40B4-9EAF-7675C27FD7AC}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{F9543CF0-F74B-428C-8A2D-D8B7C120FE71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2EFD07B5-40F7-4E1B-AB17-D75938BAF459}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{0B6DF702-8716-44B4-AAEB-EC61867C97F9}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{95962F62-5063-4B57-BBC4-6A04116A1622}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{3F16EFD2-C59D-4101-A5F1-BD40FD276D7C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{FFB46145-376F-47E4-88C1-A1627736F1B0}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6872441C-2DBC-46AE-8A2A-D94E1EBFC491}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{091E43ED-0B8D-4AEB-A847-3BB3FF959CDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{573FC224-4F2A-420C-B66D-8C5D5CAB219D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A66E7CC6-810A-42CC-8459-24C07499C5E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft Tun Miniport Adapter #2
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2015 09:21:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (05/26/2015 09:21:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (05/26/2015 09:15:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/26/2015 09:14:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/26/2015 09:12:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (05/26/2015 09:11:23 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a54\??\C:\Windows\ServiceProfiles\LocalService\ntuser.dat

Error: (05/26/2015 09:07:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Software Licensing23000001Restart the service

Error: (05/26/2015 09:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: CarboniteService2600001Restart the service

Error: (05/26/2015 09:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Print Spooler2600001Restart the service

Error: (05/26/2015 09:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Apple Mobile Device Service2600001Restart the service

Error: (05/26/2015 09:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search2300001Restart the service

Error: (05/26/2015 09:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player Network Sharing Service2300001Restart the service


Microsoft Office:
=========================
Error: (05/26/2015 09:21:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES

Error: (05/26/2015 09:21:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES

Error: (05/26/2015 09:21:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS

Error: (05/26/2015 09:21:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS

Error: (05/26/2015 09:21:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES

Error: (05/26/2015 09:21:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES

Error: (05/26/2015 09:21:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS

Error: (05/26/2015 09:21:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS

Error: (05/26/2015 09:21:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS

Error: (05/26/2015 09:21:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\TERI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS


CodeIntegrity Errors:
===================================
Date: 2015-05-07 20:34:17.781
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 20:34:17.572
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 20:34:16.809
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 20:34:16.607
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-29 22:04:14.684
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-29 22:04:14.469
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-29 22:04:13.164
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-29 22:04:12.955
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-29 21:59:24.017
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-29 21:59:23.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 63%
Total physical RAM: 4084.27 MB
Available physical RAM: 1502.43 MB
Total Pagefile: 8343.79 MB
Available Pagefile: 5576.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:87.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:7.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 19F5C167)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=451.1 GB) - (Type=07 NTFS)

==================== End of log ============================

Now what? Thank you.

Can't Get Rid of YT Downloader

Hi clariss,

Welcome to Tech Support Guy. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Tech Support Guy are here on a volunteer basis; please respect our time given to the cause of helping others. If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed. All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen. If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to. Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

    - Save ALL Tools to your Desktop-
    All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

    Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
    Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
    Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
    Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
    NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
Let's get started....

Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update. Allow it to do this please.
  • Once the tool shows "The tool is ready to use." message, please press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Netsvcs taking 90% of my ram

that would suggest a possibility of malware

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the appropriate version for your system
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

astromenda & other crap

Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Webroot SecureAnywhere
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
SUPERAntiSpyware Professional
Java 7 Update 65
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Mozilla Firefox (38.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````









# AdwCleaner v4.205 - Logfile created 27/05/2015 at 10:07:38
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Lorrie - BEAN-PC
# Running from : C:\Users\Lorrie\Desktop\adwcleaner_4.205.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Program Files (x86)\Freeze.com
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Users\John\AppData\Local\SanctionedMedia
Folder Deleted : C:\Users\John\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\John\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\John\AppData\Roaming\Systweak
Folder Deleted : C:\Users\John\AppData\Roaming\UpdaterEX
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\w4455l7m.default\searchplugins\ask-search.xml
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\w4455l7m.default\searchplugins\ask-web-search.xml
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\w4455l7m.default\searchplugins\astromenda.xml
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\w4455l7m.default\user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\WildBlue.js

***** [ Scheduled tasks ] *****

Task Deleted : ASP

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 en-US)

[w4455l7m.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "1379af22c0384523f9d0d558a104efc0");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._29Members_.hp.user.defined", true);
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.hp.user.defined", true);
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[w4455l7m.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "headlinealley@mindspark.com");

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [5241 bytes] - [27/05/2015 10:04:28]
AdwCleaner[S0].txt - [5290 bytes] - [27/05/2015 10:07:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5349 bytes] ##########







~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.1 (05.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Lorrie on Wed 05/27/2015 at 12:53:52.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{ABD3B5E1-B268-407B-A150-2641DAB8D898}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}



~~~ Files

Successfully deleted: [File] C:\Windows\wininit.ini



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\homepage protection
Successfully deleted: [Folder] C:\Users\Lorrie\appdata\local\packageaware
Successfully deleted: [Folder] C:\Users\Lorrie\appdata\locallow\hotbar
Successfully deleted: [Folder] C:\Users\Lorrie\appdata\locallow\shoppingreport
Successfully deleted: [Folder] C:\Users\Lorrie\AppData\Roaming\iwin



~~~ FireFox

Successfully deleted: [File] C:\Users\Lorrie\AppData\Roaming\mozilla\firefox\profiles\iu627sg5.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Lorrie\AppData\Roaming\mozilla\firefox\profiles\iu627sg5.default\searchplugins\astromenda.xml
Successfully deleted the following from C:\Users\Lorrie\AppData\Roaming\mozilla\firefox\profiles\iu627sg5.default\prefs.js

user_pref(browser.search.defaultengine, Ask.com);
user_pref(extensions.crossrider.bic, 1379a35c556e451efa59d00b9241cbb9);
Emptied folder: C:\Users\Lorrie\AppData\Roaming\mozilla\firefox\profiles\iu627sg5.default\minidumps [65 files]







~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/27/2015 at 12:57:27.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Possible virus, need help

I have Win8 and for some reason whenever I try to start some applications up they either crash or don't load. Minecraft and Google are some of the working ones but 90% don't work :(. Any ideas? Remember I can't download anything because if I do I can't run it without it crashing.

halp

So I accidentally downloaded something and was able to remove it but now a huge chunk of my pictures are broken with .toxcrypt at the end of them. Can I fix this?

PC Running Slow/ Possible Virus/Malware

Adwcleaner got it all
I couldn't see anything else wrong in the frst logs

windows 8.1 defender won't run

you have malware that has probably disabled it

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the 64 bit version
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

DO NOT change the text size in the reply or add additional formatting like changing type faces please

virus malware

A virus has infected my computer and it is running very slow and it is changing the home page on IE. I did detect a file "DREGOL". I THINK I UNINSTALLED IT.
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz, Intel64 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 3069 Mb
Graphics Card: NVIDIA GeForce 7300 LE, 128 Mb
Hard Drives: C: Total - 300434 MB, Free - 161599 MB; E: Total - 305243 MB, Free - 80138 MB;
Motherboard: Dell Inc., 0WG864
Antivirus: Microsoft Security Essentials, Updated and Enabled

Internet very slow and freezes/random links

My internet is running very slow. At times when I choose a link a random link with a different address pops up but is blocked off. One appeared called Ssl.gstatic.com, fls.doubleclick.net and vesteddigital.com. I have pop up blocker on and from time to time the CPU usage on the windows task manager jumps from 10% to 90%. I don't know why it's slowing down so much or if it has some sort of bug. I scanned it with malware on safe mode and it found 3 items. I quarantined them and it still is slow. Also I have to continuously press F8 when I turn my CPU on for my TV screen to register. This didn't happen before. Is there a way to fix these issues? Any help would be appreciated. Thanks.

RAT on my android phone

Someone spoofed the email address of someone I regularly email and sent me an email with RAT malware. I contacted the person whose email address it was and they said they didn't send it.

I opened an email on my phone and someone was on my phone within 2 minutes. I was writing an email and they deleted the email address of one of my recipients.

I heard that doing a factory reset does not delete everything, if anything.

How can I clean my android smartphone so this malware is gone? It seems like the only way is to buy a new phone.

I have an lg 4.1.2 android. I ran a new version of malwarebytes but it didn't find anything.

Are there any tests you can run or simply removal software?

HD

Issues with new laptop

moved to malware
Do not use spybot, it will cause more problems than it solves. Spybot used to be good, but now is no longer a recommended security program.

Step 1.

Click on this link to download: ADWCleaner. Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

please help x

hi all i hope someone can help me, i have had an issue with my wifi, but during the process of getting that fixed, a lot of virus and malware was spotted, could someone help me with this, i have posted a log of adwcleaner i hope this helps thanks in advance


Unsure if I'm infected or not...

Soooo lately encountered a little problem with my PC.

After I ran a malwarebytes hyper scan, it picked up two "unwanted" files from A-Z lyrics, I chose to delete them. However right after that when I wanted to resume my internet browsing, I found out that I kept getting DNS_PROBE_FINISHED_NXDOMAIN error. I googled around, tried every possible fix I found through my google searches (at least the ones I found on pages I was able to access), but none of them work. I decided to wipe OS and start fresh as I really had no time to screw around anymore, but before I did that I ran a system restore to a point made roughly 2 days before the incident. Turns out it fixed the issue.

However when I reinstalled malwarebytes today to run another scan, I encountered the same issue even though it picked up no threats. I quickly realized that since the internet worked fine before I got malwarebytes, it's probably MWBytes' fault, so I removed it, and voila, internet's back to normal.

This leads me to think that maybe I am in fact, infected with some sort of dodgy malware? I've had a couple of experiences in the past where viruses I picked up along my internetz travels ended up screwing with various programs making them act weird, so I'm thinking this may also be the case.

Could someone walk me through the steps of checking if I am indeed infected, and if not, help me troubleshoot the malwarebytes issue?

Thanks,
Stanley.

Malwarebytes issue and others

I will try to remember everything, but essentially I have a lot of small problems currently.

My main issue which leads me to the possibility of a virus, is that I cannot run Malwarebytes. I've uninstalled/reinstalled, tried running the chameleon version, tried running off a usb. The process runs in the background, but I cannot see the actual window.

Other small issues include the computer not going to sleep when pressing the power button, the screen will shut off but the computer runs. My windows 8 tile homescreen no longer includes the "desktop" tile and I have no memory of removing it and am the only active user. Sometimes it seems like my soundcard disables itself, I'll have no sound and if I'm watching something like a video on youtube it will stop and say "an error has occurred". What's strange is if I put the computer to sleep and wake it back up, that usually resets it and I have sound and can watch a video again. I think that's more of a compatibility issue but thought it best to include just in case.

The computer is significantly slower but that just might be lack of maintenance on my part and keeping more on the internal drive than I typically do.

Computer info:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8, 64 bit
Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8047 Mb
Graphics Card: Intel(R) HD Graphics 4000, -1984 Mb
Hard Drives: C: Total - 905399 MB, Free - 441249 MB; D: Total - 25599 MB, Free - 18858 MB; G: Total - 1430127 MB, Free - 754116 MB;
Motherboard: LENOVO, INVALID
Antivirus: Windows Defender, Disabled

Windows defender is actually enabled per the application but says disabled there so I'm not sure what that means.

I've run spybot and removed some malware but when I went to run Malwarebytes that's when I realized there was a much bigger issue and probably need some help.

how to get rid of 2-edge-chat, 4-edge-chat, 6-edge-chat, etc. on facebook

Have noticed that browser is running very slow, especially on facebook. thought it was BestAd malware but removed this from registry files. I have now noticed all these "chat" things running at bottom left corner while playing on fb. What is this?

Conduit B woes

Grateful for any help. I keep getting positive results for Conduit B from malwarebytes scans.
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 8
RAM: 16308 Mb
Graphics Card: Intel(R) HD Graphics 4600, -2016 Mb
Hard Drives: C: Total - 941031 MB, Free - 177497 MB; D: Total - 953866 MB, Free - 268824 MB;
Motherboard: Type2 - Board Vendor Name1, Type2 - Board Product Name1
Antivirus: Trend Micro Maximum Security, Updated: Yes, On-Demand Scanner: Enabled

uninstall cloud scout

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the 64 bit version
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Computer running slow - may have virus. Please help!

Hi

Please help!

My computer runs slow and has a very slow reaction time to commands.

It will at times not respond to commands and I have to hold the power button until it shuts it down.

HP Pavilion 6000 Laptop I've had since late 2005.
Windows XP
I have Zone Alarm and AVG for antivirus

Laptop is running REALLY SLOW....need help removing virus/malware.

Hi,

My laptop is running very slow and I need help with removing malware/virus. I've read the post about what needs to be included in the first post. Here are the results:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU U 330 @ 1.20GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 1909 Mb
Graphics Card: Intel(R) HD Graphics, 730 Mb
Hard Drives: C: Total - 225691 MB, Free - 80960 MB;
Motherboard: Dell Inc., 0K039P
Antivirus: Microsoft Security Essentials, Disabled

please help with this virus/malware removal to help my computer run good.

thanks.