Jump to content

namida12

Honorary Members
 View Profile  See their activity

  • Posts

    140

  • Joined

  • Last visited

Reputation

0 Neutral
  1. namida12
    Now after another reboot another windows update, and now in normal mode I get a black screen after welcome screen. Mouse is showing but no windows screen... I am currently in safe mode, with networking and was able to increase the screen display 1024 x 768 so I could read and type this message. Shutting down system from safe mode, and restarting in normal mode the system booted correctly. Strange happenings for me and this previously reliable system.
  2. namida12
    Spent 2 hours 37 minutes waiting for windows update this morning. Do I need to provide this info again after this update?
  3. namida12
    Can not sign into AOL - Get this address and not AOL https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.mail.aol.com&seamless=novl&lang=en&locale=US&authLev=0&siteState=sid%3A4a732fef-6db5-4b84-8151-62d87fe21ea5|qp%3A|ld%3Amail.aol.com|uv%3AAOL|at%3ASNS|lc%3Aen_US|rt%3ASTD|snt%3AScreenName|&offerId=newmail-en-us-v2 FRST.txt Addition.txt Malwarebyte-scan.txt
  4. namida12
    It has not appeared for two days, lets close the thread. If the Driver Pop-up appears again I will try to reopen the thread, or start a new one if I am unable to reactivate this one. Maybe it was part of "Spyware Clear" infect with other software plan? Computer boots much faster, loads software faster. Overall this low powered computer system is much snappier getting the Rogue "Spyware Clear" out of this Win7 system. Very short @ the moment, but on Payday will see you have a beer or two on my donation. You have me breathing much easier, when I look or turn the computer on for internet, or email. Thanks again. JR
  5. namida12
    Checked, and this procedure has removed the "Spyware Clear reference in Control Panel> Programs... Still havent seen the popup to try and capture a screen JR Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015 Ran by Harmon at 2015-02-05 15:48:21 Run:1 Running from C:\Users\Harmon\Desktop\JR Folder Loaded Profiles: Harmon (Available profiles: Harmon) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: [-HKEY_CURRENT_USER\Software\Spyware Clear] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Clear] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A}] [-HKEY_USERS\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Spyware Clear] ***************** Processes closed successfully. Restore point was successfully created. HKEY_CURRENT_USER\Software\Spyware Clear => Key Deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4} => Failed to delete key at first attempt (Error: C0000121), see next line. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4} => Key Deleted Successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A} => Failed to delete key at first attempt (Error: C0000121), see next line. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A} => Key Deleted Successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4} => Key Deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Clear => Failed to delete key at first attempt (Error: C0000121), see next line. HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Clear => Key Deleted Successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A} => Failed to delete key at first attempt (Error: C0000121), see next line. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A} => Key Deleted Successfully. HKEY_USERS\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Spyware Clear => Key not found. EmptyTemp: => Removed 380.3 MB temporary data. The system needed a reboot. ==== End of Fixlog 15:49:13 ====
  6. namida12
    Certainly: The pop-up catches me unguarded and does not stay on screen long enough to copy. I will keep trying using print screen way... I also deleted all the programs, with a program you suggested... JR
  7. namida12
    What about the "Window Driver Download" popup? I am certain this is another lurking malware advertismnt. Is this popup comming from the remaining bits of Spyware Clear? SystemLook 30.07.11 by jpshortstuff Log created at 16:24 on 04/02/2015 by Harmon Administrator - Elevation successful ========== filefind ========== Searching for "*spyware clear*" No files found. ========== folderfind ========== Searching for "*spyware clear*" No folders found. ========== regfind ========== Searching for "spyware clear" [HKEY_CURRENT_USER\Software\Spyware Clear] [HKEY_CURRENT_USER\Software\Spyware Clear] "SHELL_MENU_ITEM_CAPTION"="Scan with Spyware Clear" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}] @="Spyware Clear" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}] "LocalizedString"="Spyware Clear" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}] "System.Software.TasksFileUrl"="C:\ProgramData\Spyware Clear\SC_CPL.xml" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}\DefaultIcon] @="C:\Program Files (x86)\Spyware Clear\SpywareClear.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}\Shell\Open\Command] @="C:\Program Files (x86)\Spyware Clear\SpywareClear.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A}\InprocServer32] @="C:\Program Files (x86)\Spyware Clear\SCShell64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A}\InprocServer32] @="C:\Program Files (x86)\Spyware Clear\SCShell.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{8B01D4B7-0860-452C-AC2B-5CE0140C82D4}] @="Spyware Clear" [HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Clear] [HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Clear] "SHELL_MENU_ITEM_CAPTION"="Scan with Spyware Clear" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E778C05E-AFF7-4924-B04A-D4084859D53A}\InprocServer32] @="C:\Program Files (x86)\Spyware Clear\SCShell.dll" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{9742C5F7-76B2-488C-85C9-CE23EBFA61D9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClear.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{95CEF87D-5FD3-4BCB-8ACD-0BB0839D1B9B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClear.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{6387308A-6FC0-4322-B695-3FFD74692CE4}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{44EAF4C5-B0C8-48DB-A5E7-00F65D34DFE1}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{9742C5F7-76B2-488C-85C9-CE23EBFA61D9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClear.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{95CEF87D-5FD3-4BCB-8ACD-0BB0839D1B9B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClear.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{6387308A-6FC0-4322-B695-3FFD74692CE4}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{44EAF4C5-B0C8-48DB-A5E7-00F65D34DFE1}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{9742C5F7-76B2-488C-85C9-CE23EBFA61D9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClear.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{95CEF87D-5FD3-4BCB-8ACD-0BB0839D1B9B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClear.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{6387308A-6FC0-4322-B695-3FFD74692CE4}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe|Name=Spyware Clear|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{44EAF4C5-B0C8-48DB-A5E7-00F65D34DFE1}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe|Name=Spyware Clear|" [HKEY_USERS\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Spyware Clear] [HKEY_USERS\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Spyware Clear] "SHELL_MENU_ITEM_CAPTION"="Scan with Spyware Clear" -= EOF =-
  8. namida12
    OK, have attached the image files. The first one: Before-01 has the logo, and I never understood why it was not in the program list, so I could uninstall. The second: after-02 this does not have the logo, but right clicking on the words: brings up menu "Open or make Shortcut". I tried to take a screen print while the dialog box was open but that failed... Also occasionally also getting a new pop-up - "window drivers download" JR
  9. namida12
    I see no way to attach the file.
  10. namida12
    Computer loads windows faster, and seems to function better... I still have Spyware Clear listed in a window: Control Panel > Programs In this page I have the following listed Programs and Features Default Programs Desktop Gadgets Spyware Clear <--The program Icon is white, no longer shows their logo, but right clicking on the file listing gives to choices - open / create shortcut (do not know if these are working, have not tested do not want to reinstall) Java (32-bit)
  11. namida12
    Computer loads windows faster, and seems to function better... I still have Spyware Clear listed in a window: Control Panel > Programs In this page I have the following listed Programs and Features Dfault Programs Desktop Gagets Spyware Clear <--The program Icon is white, no longer shows their logo, but right clicking on the file listing gives to choices - open / create shortcut (do not know if these are working, have not tested do not want to reinstall) Java (32-bit) * * * Tweaking.com - Windows Repair v2.10.4 -------------------------------------------------------------------------------- System Variables -------------------------------------------------------------------------------- OS: Windows 7 Home Premium OS Architecture: 64-bit OS Version: 6.1.7601 OS Service Pack: Service Pack 1 Computer Name: HARMON-PC Windows Drive: C:\ Windows Path: C:\windows Program Files: C:\Program Files Program Files (x86): C:\Program Files (x86) Current Profile: C:\Users\Harmon Current Profile SID: S-1-5-21-1194239397-2374196267-4070538924-1001 Current Profile Classes: S-1-5-21-1194239397-2374196267-4070538924-1001_Classes Profiles Location: C:\Users Profiles Location 2: C:\windows\ServiceProfiles Local Settings AppData: C:\Users\Harmon\AppData\Local -------------------------------------------------------------------------------- System Information -------------------------------------------------------------------------------- System Up Time: 0 Days 00:13:19 Process Count: 64 Commit Total: 1.29 GB Commit Limit: 3.50 GB Commit Peak: 1.29 GB Handle Count: 18261 Kernel Total: 322.73 MB Kernel Paged: 285.51 MB Kernel Non Paged: 37.22 MB System Cache: 751.00 MB Thread Count: 779 -------------------------------------------------------------------------------- Memory Before Cleaning with CleanMem -------------------------------------------------------------------------------- Memory Total: 1.75 GB Memory Used: 1.01 GB(57.9726%) Memory Avail.: 752.31 MB -------------------------------------------------------------------------------- Cleaning Memory Before Starting Repairs... Memory After Cleaning with CleanMem -------------------------------------------------------------------------------- Memory Total: 1.75 GB Memory Used: 868.21 MB(48.502%) Memory Avail.: 921.84 MB -------------------------------------------------------------------------------- Starting Repairs... Started at (2/2/2015 11:04:55 AM) Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair... Total Missing 'InstallDate' Fixed: 93 01 - Reset Registry Permissions 01/03 HKEY_CURRENT_USER & Sub Keys Start (2/2/2015 11:04:58 AM) Running Repair Under Current User Account Done (2/2/2015 11:05:30 AM) 01 - Reset Registry Permissions 02/03 HKEY_LOCAL_MACHINE & Sub Keys Start (2/2/2015 11:05:30 AM) Running Repair Under System Account Done (2/2/2015 11:10:12 AM) 01 - Reset Registry Permissions 03/03 HKEY_CLASSES_ROOT & Sub Keys Start (2/2/2015 11:10:12 AM) Running Repair Under System Account Done (2/2/2015 11:11:11 AM) 03 - Reset Service Permissions Start (2/2/2015 11:11:11 AM) Running Repair Under System Account Done (2/2/2015 11:11:40 AM) 04 - Register System Files Start (2/2/2015 11:11:40 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:12:15 AM) 05 - Repair WMI Start (2/2/2015 11:12:15 AM) Starting Security Center So We Can Export The Security Info. Exporting Antivirus Info... avast! Antivirus Exported. Exporting AntiSpyware Info... Windows Defender Exported. avast! Antivirus Exported. Exporting 3rd Party Firewall Info... avast! Antivirus Exported. Running Repair Under Current User Account Done (2/2/2015 11:16:12 AM) 06 - Repair Windows Firewall Start (2/2/2015 11:16:12 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:16:49 AM) 07 - Repair Internet Explorer Start (2/2/2015 11:16:49 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:17:21 AM) 08 - Repair MDAC/MS Jet Start (2/2/2015 11:17:21 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:17:33 AM) 09 - Repair Hosts File Start (2/2/2015 11:17:33 AM) Running Repair Under System Account Done (2/2/2015 11:17:34 AM) 10 - Remove Policies Set By Infections Start (2/2/2015 11:17:34 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:17:37 AM) 12 - Repair Icons Start (2/2/2015 11:17:37 AM) Running Repair Under Current User Account Done (2/2/2015 11:17:39 AM) 13 - Repair Winsock & DNS Cache Start (2/2/2015 11:17:39 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:18:01 AM) 15 - Repair Proxy Settings Start (2/2/2015 11:18:01 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:18:03 AM) 17 - Repair Windows Updates Start (2/2/2015 11:18:03 AM) Running Repair Under Current User Account Running Repair Under System Account Setting Windows Updates Files That Are In Use To Be Removed At Next Boot. Done (2/2/2015 11:18:50 AM) 18 - Repair CD/DVD Missing/Not Working Start (2/2/2015 11:18:50 AM) iTunes was found, adding UpperFilters for iTunes Reg Key UpperFilters added?: True Done (2/2/2015 11:18:50 AM) 19 - Repair Volume Shadow Copy Service Start (2/2/2015 11:18:50 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:10 AM) 21 - Repair MSI (Windows Installer) Start (2/2/2015 11:19:10 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:20 AM) 23.01 - Repair bat Association Start (2/2/2015 11:19:20 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:22 AM) 23.02 - Repair cmd Association Start (2/2/2015 11:19:22 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:24 AM) 23.03 - Repair com Association Start (2/2/2015 11:19:24 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:26 AM) 23.04 - Repair Directory Association Start (2/2/2015 11:19:26 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:28 AM) 23.05 - Repair Drive Association Start (2/2/2015 11:19:29 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:31 AM) 23.06 - Repair exe Association Start (2/2/2015 11:19:31 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:33 AM) 23.07 - Repair Folder Association Start (2/2/2015 11:19:33 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:35 AM) 23.08 - Repair inf Association Start (2/2/2015 11:19:35 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:37 AM) 23.09 - Repair lnk (Shortcuts) Association Start (2/2/2015 11:19:37 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:39 AM) 23.10 - Repair msc Association Start (2/2/2015 11:19:39 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:42 AM) 23.11 - Repair reg Association Start (2/2/2015 11:19:42 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:44 AM) 23.12 - Repair scr Association Start (2/2/2015 11:19:44 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:46 AM) 24 - Repair Windows Safe Mode Start (2/2/2015 11:19:46 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:19:48 AM) 25 - Repair Print Spooler Start (2/2/2015 11:19:48 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:20:02 AM) 26 - Restore Important Windows Services Start (2/2/2015 11:20:02 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:20:10 AM) 27 - Set Windows Services To Default Startup Start (2/2/2015 11:20:10 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:20:24 AM) Skipping Repair. Repair is for Windows v6.2 (Windows 8 & Newer) or higher. Current version: 6.1 Skipping Repair. Repair is for Windows v6.2 (Windows 8 & Newer) or higher. Current version: 6.1 Skipping Repair. Repair is for Windows v6.2 (Windows 8 & Newer) or higher. Current version: 6.1 31 - Repair Windows 'New' Submenu Start (2/2/2015 11:20:24 AM) Running Repair Under Current User Account Running Repair Under System Account Done (2/2/2015 11:20:26 AM) Cleaning up empty logs... All Selected Repairs Done. Done at (2/2/2015 11:20:26 AM) Total Repair Time: 00:15:33
  12. namida12
    There is a check system to be certain that the win7 stock software is still good and has not been altered? Since the the instalation of "Spyware Clean" malware, every thing loads slowly? I also have the screen icons refresing or redrawing when I open a software program, and sometimes when opening or closing a web browser. someting WinXP never did. I use this computer all the time, and know/percieve it has become much slower. My internet is still quick, but the opening and closing of software is slower. I can't measure the operating speed, but opening Google Chrome web browser takes more time, or opening another tab. The system is just slower. Internet: http://www.speedtest.net/my-result/4110170710 JR
  13. namida12
    Oops --- Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015Ran by Harmon at 2015-02-01 11:15:52 Run:1Running from C:\Users\Harmon\Desktop\JR-Fix-it filesLoaded Profiles: Harmon (Available profiles: Harmon)Boot Mode: Normal============================================== Content of fixlist:*****************CloseProcesses:ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.ProxyServer: [.DEFAULT] => http=127.0.0.1:47574HKLM-x32\...\Run: [] => [X]SearchScopes: HKU\S-1-5-21-1194239397-2374196267-4070538924-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileFF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileR2 SC_Svc; C:\Program Files (x86)\Spyware Clear\SC_svc64.exe [3006784 2015-01-20] (Crawler Group)2015-01-27 09:57 - 2015-01-27 09:57 - 06000640 _____ () C:\Program Files (x86)\GUT2CEA.tmp2015-01-27 09:57 - 2015-01-27 09:57 - 00000000 ____D () C:\Program Files (x86)\GUM2CE9.tmp2015-01-27 09:54 - 2015-01-29 08:07 - 00000000 ____D () C:\ProgramData\Spyware Clear2015-01-27 09:54 - 2015-01-27 09:56 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\OpenSoftwareUpdater2015-01-27 09:54 - 2015-01-27 09:54 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\Spyware Clear2015-01-27 09:54 - 2015-01-27 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSoftwareUpdater2015-01-27 09:53 - 2015-01-29 08:02 - 00000000 ____D () C:\Program Files (x86)\Spyware ClearC:\ProgramData\flashax10.exeREG: reg delete "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /fREG: reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /fCreateRestorePoint:EmptyTemp:***************** Processes closed successfully.HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully."HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully."HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.SC_Svc => Service deleted successfully.C:\Program Files (x86)\GUT2CEA.tmp => Moved successfully.C:\Program Files (x86)\GUM2CE9.tmp => Moved successfully.C:\ProgramData\Spyware Clear => Moved successfully.C:\Users\Harmon\AppData\Roaming\OpenSoftwareUpdater => Moved successfully.C:\Users\Harmon\AppData\Roaming\Spyware Clear => Moved successfully.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSoftwareUpdater => Moved successfully.C:\Program Files (x86)\Spyware Clear => Moved successfully.C:\ProgramData\flashax10.exe => Moved successfully. ========= reg delete "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f ========= The operation completed successfully. ========= End of Reg: ========= Restore point was successfully created.EmptyTemp: => Removed 214.4 MB temporary data. The system needed a reboot. ==== End of Fixlog 11:16:52 ====
  14. namida12
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015 Ran by Harmon (administrator) on HARMON-PC on 01-02-2015 11:23:12 Running from C:\Users\Harmon\Desktop\JR-Fix-it files Loaded Profiles: Harmon (Available profiles: Harmon) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe (JME) C:\Program Files (x86)\jmesoft\hotkey.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060832 2010-02-08] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.) HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME) HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [325120 2010-04-30] (Lenovo) HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [281088 2010-07-12] (Lenovo) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink) HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\...\Run: [Google Update] => C:\Users\Harmon\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.) HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\...\Run: [EPSON WorkForce 500 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEQA.EXE [221696 2008-02-22] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\...\Run: [EPSON WorkForce 500 Series (Copy 1)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEQA.EXE [221696 2008-02-22] (SEIKO EPSON CORPORATION) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:47574 HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com/ HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1194239397-2374196267-4070538924-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll No File Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 FireFox: ======== FF ProfilePath: C:\Users\Harmon\AppData\Roaming\Mozilla\Firefox\Profiles\5ihcjatc.default FF DefaultSearchEngine: Yahoo! (Avast) FF DefaultSearchUrl: https://search.yahoo.com/yhs/search FF SearchEngineOrder.1: Yahoo! (Avast) FF SelectedSearchEngine: Yahoo! (Avast) FF Homepage: https://www.yahoo.com/?fr=hp-avast&type=agc511 FF Keyword.URL: https://search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1194239397-2374196267-4070538924-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1194239397-2374196267-4070538924-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\Harmon\AppData\Roaming\Mozilla\Firefox\Profiles\5ihcjatc.default\searchplugins\yahoo-avast.xml FF Extension: Firefox Old Version Update Hotfix - C:\Users\Harmon\AppData\Roaming\Mozilla\Firefox\Profiles\5ihcjatc.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-12-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-11] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt Chrome: ======= CHR StartupUrls: Default -> "https://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\40.0.2214.93\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File CHR Plugin: (Java Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Google Update) - C:\Users\Harmon\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Profile: C:\Users\Harmon\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Harmon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-03] CHR Extension: (Google Wallet) - C:\Users\Harmon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2014-04-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06] StartMenuInternet: Google Chrome - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software) R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] () S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider) R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] () R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.) R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-01 11:03 - 2015-02-01 11:05 - 00000000 ____D () C:\Users\Harmon\Desktop\Line Dance 2015-02-01 11:02 - 2015-02-01 11:03 - 00000340 _____ () C:\windows\LkmdfCoInst.log 2015-01-31 08:44 - 2015-01-31 08:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-31 08:40 - 2015-01-31 08:40 - 02347384 _____ (ESET) C:\Users\Harmon\Downloads\esetsmartinstaller_enu.exe 2015-01-30 19:13 - 2015-01-30 19:13 - 00001463 _____ () C:\Users\Harmon\.recently-used.xbel 2015-01-30 16:07 - 2015-02-01 11:24 - 00000000 ____D () C:\FRST 2015-01-30 15:45 - 2015-02-01 11:23 - 00000000 ____D () C:\Users\Harmon\Desktop\JR-Fix-it files 2015-01-30 15:35 - 2015-01-30 15:35 - 00000000 ____D () C:\windows\ERUNT 2015-01-30 13:18 - 2015-02-01 11:18 - 00000538 _____ () C:\windows\setupact.log 2015-01-30 13:18 - 2015-01-30 13:18 - 00000000 _____ () C:\windows\setuperr.log 2015-01-30 13:17 - 2015-01-31 08:30 - 00000756 _____ () C:\windows\PFRO.log 2015-01-30 11:16 - 2015-01-30 11:16 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-01-30 11:16 - 2015-01-30 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-01-30 11:15 - 2015-01-30 11:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-30 11:15 - 2015-01-30 11:16 - 00000000 ____D () C:\Program Files\iTunes 2015-01-30 11:15 - 2015-01-30 11:15 - 00000000 ____D () C:\Program Files\iPod 2015-01-30 11:15 - 2015-01-30 11:15 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-01-30 11:13 - 2015-01-30 11:13 - 00000000 ____D () C:\Program Files\Bonjour 2015-01-30 11:13 - 2015-01-30 11:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-01-30 11:09 - 2015-01-30 11:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-01-30 11:09 - 2015-01-30 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-01-27 19:02 - 2015-01-27 19:02 - 00000000 __SHD () C:\Users\Harmon\AppData\Local\EmieBrowserModeList 2015-01-26 19:58 - 2015-01-26 19:58 - 00000000 _____ () C:\windows\SysWOW64\profiles.ini 2015-01-26 12:21 - 2015-01-20 17:02 - 07339145 _____ () C:\Users\Harmon\Desktop\04 Rhythm of Love.m4a 2015-01-26 12:18 - 2015-01-21 18:43 - 08580266 _____ () C:\Users\Harmon\Desktop\02 Superheroes.m4a 2015-01-15 22:03 - 2015-01-01 12:11 - 07146182 _____ () C:\Users\Harmon\Desktop\03 Love Drunk.m4a 2015-01-15 13:47 - 2015-01-15 13:47 - 00171112 _____ () C:\Users\Harmon\AppData\Local\9AdwCleaner.exe 2015-01-13 19:55 - 2014-12-11 09:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2015-01-13 19:54 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2015-01-13 19:54 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-01-13 19:54 - 2014-12-11 21:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-01-13 19:54 - 2014-12-11 21:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-01-13 19:54 - 2014-12-11 21:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-01-13 19:54 - 2014-12-11 21:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-01-13 19:54 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-01-13 19:54 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-01-13 19:54 - 2014-12-11 21:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-01-13 19:54 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll 2015-01-13 19:54 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll 2015-01-13 19:54 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll 2015-01-13 19:54 - 2012-10-03 09:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll 2015-01-13 19:54 - 2012-10-03 09:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-01 11:25 - 2013-02-24 08:01 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-02-01 11:20 - 2012-07-16 09:30 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update 2015-02-01 11:18 - 2013-05-24 20:40 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-01 11:18 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-02-01 11:17 - 2011-02-22 19:52 - 01280705 _____ () C:\windows\WindowsUpdate.log 2015-02-01 11:09 - 2009-07-13 20:45 - 00018288 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-01 11:09 - 2009-07-13 20:45 - 00018288 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-01 11:02 - 2014-04-06 14:06 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys 2015-01-31 18:46 - 2013-05-24 20:40 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-31 18:02 - 2011-04-11 09:35 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1194239397-2374196267-4070538924-1001UA.job 2015-01-31 08:30 - 2011-04-21 15:59 - 00002154 _____ () C:\windows\epplauncher.mif 2015-01-30 19:13 - 2011-04-11 12:57 - 00000000 ____D () C:\Users\Harmon\.gimp-2.6 2015-01-30 19:13 - 2011-04-11 09:31 - 00000000 ____D () C:\Users\Harmon 2015-01-30 19:11 - 2011-04-11 13:15 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\gtk-2.0 2015-01-30 18:51 - 2014-09-29 12:11 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-30 13:24 - 2011-04-11 10:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-30 13:20 - 2014-10-20 11:21 - 00000000 ___RD () C:\Users\Harmon\Dropbox 2015-01-30 13:20 - 2014-10-20 11:15 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\Dropbox 2015-01-30 12:49 - 2011-12-29 16:06 - 00000000 ___DC () C:\Users\Harmon\AppData\Local\MigWiz 2015-01-30 11:25 - 2014-12-30 20:30 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\eM Client 2015-01-30 11:18 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\schemas 2015-01-30 11:15 - 2011-12-04 19:49 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-30 11:06 - 2011-04-11 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-01-27 10:06 - 2009-07-13 20:45 - 00358904 _____ () C:\windows\system32\FNTCACHE.DAT 2015-01-27 09:58 - 2013-05-24 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-01-27 09:58 - 2011-04-11 09:34 - 00089872 _____ () C:\Users\Harmon\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-26 20:25 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\Resources 2015-01-26 20:10 - 2011-04-11 09:36 - 00002636 _____ () C:\Users\Harmon\Desktop\Google Chrome.lnk 2015-01-26 19:59 - 2009-07-13 21:08 - 00032602 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2015-01-24 12:25 - 2014-11-25 15:25 - 04070576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe 2015-01-24 12:25 - 2013-02-24 08:01 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-01-24 12:25 - 2013-02-24 08:01 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 12:25 - 2013-02-24 08:01 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-01-16 08:46 - 2014-10-04 12:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-16 08:35 - 2011-04-12 10:26 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-01-13 21:05 - 2013-08-13 21:07 - 00000000 ____D () C:\windows\system32\MRT 2015-01-13 20:59 - 2011-04-25 10:06 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-11 13:32 - 2014-12-08 15:49 - 00000000 ____D () C:\windows\System32\Tasks\Games 2015-01-05 20:50 - 2009-07-13 21:13 - 00726444 _____ () C:\windows\system32\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2013-08-05 18:17 - 2013-08-05 18:17 - 0000288 _____ () C:\Users\Harmon\AppData\Roaming\.backup.dm 2013-08-07 20:33 - 2013-08-07 20:33 - 0000016 _____ () C:\Users\Harmon\AppData\Roaming\mbam.context.scan 2015-01-15 13:47 - 2015-01-15 13:47 - 0171112 _____ () C:\Users\Harmon\AppData\Local\9AdwCleaner.exe 2012-02-15 15:00 - 2012-02-15 15:01 - 0000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 12:43 ==================== End Of Log ============================ ** Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015 Ran by Harmon (administrator) on HARMON-PC on 01-02-2015 11:23:12 Running from C:\Users\Harmon\Desktop\JR-Fix-it files Loaded Profiles: Harmon (Available profiles: Harmon) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe (JME) C:\Program Files (x86)\jmesoft\hotkey.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060832 2010-02-08] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.) HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME) HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [325120 2010-04-30] (Lenovo) HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [281088 2010-07-12] (Lenovo) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink) HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\...\Run: [Google Update] => C:\Users\Harmon\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.) HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\...\Run: [EPSON WorkForce 500 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEQA.EXE [221696 2008-02-22] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\...\Run: [EPSON WorkForce 500 Series (Copy 1)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEQA.EXE [221696 2008-02-22] (SEIKO EPSON CORPORATION) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:47574 HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com/ HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-1194239397-2374196267-4070538924-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1194239397-2374196267-4070538924-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll No File Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 FireFox: ======== FF ProfilePath: C:\Users\Harmon\AppData\Roaming\Mozilla\Firefox\Profiles\5ihcjatc.default FF DefaultSearchEngine: Yahoo! (Avast) FF DefaultSearchUrl: https://search.yahoo.com/yhs/search FF SearchEngineOrder.1: Yahoo! (Avast) FF SelectedSearchEngine: Yahoo! (Avast) FF Homepage: https://www.yahoo.com/?fr=hp-avast&type=agc511 FF Keyword.URL: https://search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1194239397-2374196267-4070538924-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1194239397-2374196267-4070538924-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Harmon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\Harmon\AppData\Roaming\Mozilla\Firefox\Profiles\5ihcjatc.default\searchplugins\yahoo-avast.xml FF Extension: Firefox Old Version Update Hotfix - C:\Users\Harmon\AppData\Roaming\Mozilla\Firefox\Profiles\5ihcjatc.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-12-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-11] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt Chrome: ======= CHR StartupUrls: Default -> "https://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\40.0.2214.93\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File CHR Plugin: (Java Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Google Update) - C:\Users\Harmon\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Profile: C:\Users\Harmon\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Harmon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-03] CHR Extension: (Google Wallet) - C:\Users\Harmon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2014-04-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06] StartMenuInternet: Google Chrome - C:\Users\Harmon\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software) R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] () S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider) R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] () R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.) R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-01 11:03 - 2015-02-01 11:05 - 00000000 ____D () C:\Users\Harmon\Desktop\Line Dance 2015-02-01 11:02 - 2015-02-01 11:03 - 00000340 _____ () C:\windows\LkmdfCoInst.log 2015-01-31 08:44 - 2015-01-31 08:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-31 08:40 - 2015-01-31 08:40 - 02347384 _____ (ESET) C:\Users\Harmon\Downloads\esetsmartinstaller_enu.exe 2015-01-30 19:13 - 2015-01-30 19:13 - 00001463 _____ () C:\Users\Harmon\.recently-used.xbel 2015-01-30 16:07 - 2015-02-01 11:24 - 00000000 ____D () C:\FRST 2015-01-30 15:45 - 2015-02-01 11:23 - 00000000 ____D () C:\Users\Harmon\Desktop\JR-Fix-it files 2015-01-30 15:35 - 2015-01-30 15:35 - 00000000 ____D () C:\windows\ERUNT 2015-01-30 13:18 - 2015-02-01 11:18 - 00000538 _____ () C:\windows\setupact.log 2015-01-30 13:18 - 2015-01-30 13:18 - 00000000 _____ () C:\windows\setuperr.log 2015-01-30 13:17 - 2015-01-31 08:30 - 00000756 _____ () C:\windows\PFRO.log 2015-01-30 11:16 - 2015-01-30 11:16 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-01-30 11:16 - 2015-01-30 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-01-30 11:15 - 2015-01-30 11:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-30 11:15 - 2015-01-30 11:16 - 00000000 ____D () C:\Program Files\iTunes 2015-01-30 11:15 - 2015-01-30 11:15 - 00000000 ____D () C:\Program Files\iPod 2015-01-30 11:15 - 2015-01-30 11:15 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-01-30 11:13 - 2015-01-30 11:13 - 00000000 ____D () C:\Program Files\Bonjour 2015-01-30 11:13 - 2015-01-30 11:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-01-30 11:09 - 2015-01-30 11:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-01-30 11:09 - 2015-01-30 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-01-27 19:02 - 2015-01-27 19:02 - 00000000 __SHD () C:\Users\Harmon\AppData\Local\EmieBrowserModeList 2015-01-26 19:58 - 2015-01-26 19:58 - 00000000 _____ () C:\windows\SysWOW64\profiles.ini 2015-01-26 12:21 - 2015-01-20 17:02 - 07339145 _____ () C:\Users\Harmon\Desktop\04 Rhythm of Love.m4a 2015-01-26 12:18 - 2015-01-21 18:43 - 08580266 _____ () C:\Users\Harmon\Desktop\02 Superheroes.m4a 2015-01-15 22:03 - 2015-01-01 12:11 - 07146182 _____ () C:\Users\Harmon\Desktop\03 Love Drunk.m4a 2015-01-15 13:47 - 2015-01-15 13:47 - 00171112 _____ () C:\Users\Harmon\AppData\Local\9AdwCleaner.exe 2015-01-13 19:55 - 2014-12-11 09:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2015-01-13 19:54 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2015-01-13 19:54 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-01-13 19:54 - 2014-12-11 21:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-01-13 19:54 - 2014-12-11 21:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-01-13 19:54 - 2014-12-11 21:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-01-13 19:54 - 2014-12-11 21:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-01-13 19:54 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-01-13 19:54 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-01-13 19:54 - 2014-12-11 21:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-01-13 19:54 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll 2015-01-13 19:54 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll 2015-01-13 19:54 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll 2015-01-13 19:54 - 2012-10-03 09:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll 2015-01-13 19:54 - 2012-10-03 09:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-01 11:25 - 2013-02-24 08:01 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-02-01 11:20 - 2012-07-16 09:30 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update 2015-02-01 11:18 - 2013-05-24 20:40 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-01 11:18 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-02-01 11:17 - 2011-02-22 19:52 - 01280705 _____ () C:\windows\WindowsUpdate.log 2015-02-01 11:09 - 2009-07-13 20:45 - 00018288 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-01 11:09 - 2009-07-13 20:45 - 00018288 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-01 11:02 - 2014-04-06 14:06 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys 2015-01-31 18:46 - 2013-05-24 20:40 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-31 18:02 - 2011-04-11 09:35 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1194239397-2374196267-4070538924-1001UA.job 2015-01-31 08:30 - 2011-04-21 15:59 - 00002154 _____ () C:\windows\epplauncher.mif 2015-01-30 19:13 - 2011-04-11 12:57 - 00000000 ____D () C:\Users\Harmon\.gimp-2.6 2015-01-30 19:13 - 2011-04-11 09:31 - 00000000 ____D () C:\Users\Harmon 2015-01-30 19:11 - 2011-04-11 13:15 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\gtk-2.0 2015-01-30 18:51 - 2014-09-29 12:11 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-30 13:24 - 2011-04-11 10:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-30 13:20 - 2014-10-20 11:21 - 00000000 ___RD () C:\Users\Harmon\Dropbox 2015-01-30 13:20 - 2014-10-20 11:15 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\Dropbox 2015-01-30 12:49 - 2011-12-29 16:06 - 00000000 ___DC () C:\Users\Harmon\AppData\Local\MigWiz 2015-01-30 11:25 - 2014-12-30 20:30 - 00000000 ____D () C:\Users\Harmon\AppData\Roaming\eM Client 2015-01-30 11:18 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\schemas 2015-01-30 11:15 - 2011-12-04 19:49 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-30 11:06 - 2011-04-11 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-01-27 10:06 - 2009-07-13 20:45 - 00358904 _____ () C:\windows\system32\FNTCACHE.DAT 2015-01-27 09:58 - 2013-05-24 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-01-27 09:58 - 2011-04-11 09:34 - 00089872 _____ () C:\Users\Harmon\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-26 20:25 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\Resources 2015-01-26 20:10 - 2011-04-11 09:36 - 00002636 _____ () C:\Users\Harmon\Desktop\Google Chrome.lnk 2015-01-26 19:59 - 2009-07-13 21:08 - 00032602 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2015-01-24 12:25 - 2014-11-25 15:25 - 04070576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe 2015-01-24 12:25 - 2013-02-24 08:01 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-01-24 12:25 - 2013-02-24 08:01 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 12:25 - 2013-02-24 08:01 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-01-16 08:46 - 2014-10-04 12:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-16 08:35 - 2011-04-12 10:26 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-01-13 21:05 - 2013-08-13 21:07 - 00000000 ____D () C:\windows\system32\MRT 2015-01-13 20:59 - 2011-04-25 10:06 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-11 13:32 - 2014-12-08 15:49 - 00000000 ____D () C:\windows\System32\Tasks\Games 2015-01-05 20:50 - 2009-07-13 21:13 - 00726444 _____ () C:\windows\system32\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2013-08-05 18:17 - 2013-08-05 18:17 - 0000288 _____ () C:\Users\Harmon\AppData\Roaming\.backup.dm 2013-08-07 20:33 - 2013-08-07 20:33 - 0000016 _____ () C:\Users\Harmon\AppData\Roaming\mbam.context.scan 2015-01-15 13:47 - 2015-01-15 13:47 - 0171112 _____ () C:\Users\Harmon\AppData\Local\9AdwCleaner.exe 2012-02-15 15:00 - 2012-02-15 15:01 - 0000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 12:43 ==================== End Of Log ============================
  15. namida12
    Jergen, Computer is still very very very slow, could not find a method to attach or insert a image of where the program link has put a link in "control panel/programs". It is not with the other programs Icons always move to left side of screen, never happend before this malware eas installed. Is this the same Rogue Spyware or another varient reported 25 September 2014 - 12:50 AM https://forums.malwarebytes.org/index.php?/topic/157767-huge-drive-by-rogueware-attack-spyware-clear/ (Crawler Group) C:\Program Files (x86)\Spyware Clear\SC_svc64.exe It now takes Firefox and Chrome web browsers, control panel, and other software 40 or more seconds to load and open. JR
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.