Jump to content

jmm157

Honorary Members
  • Posts

    54
  • Joined

  • Last visited

Everything posted by jmm157

  1. I did not see a reset sync button in Chrome. I already had Malwarebytes Browser guard set up in Chrome. Adwcleaner log: # ------------------------------- # Malwarebytes AdwCleaner 8.2.0.0 # ------------------------------- # Build: 03-22-2021 # Database: 2021-05-17.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 06-21-2021 # Duration: 00:00:58 # OS: Windows 10 Home # Scanned: 31976 # Detected: 6 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\researchnow.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\surveymyopinion.researchnow.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\researchnow.com PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\surveymyopinion.researchnow.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
  2. Yesterday, this message popped up while using Chrome. I have not clicked on anything. It does not open if I use other browsers, only Chrome. I have scanned with both Webroot and Malwarebytes, but nothing is found with either app. Do you have a suggestion?
  3. Prior to your last post, I rebooted my switch and connection is good. Will again let you know if it fails. Thanks.
  4. Just like before. It worked for a while and the pages stopped loading. Both Firefox and IE.
  5. Hopefully this was the main issue. That seems to take care of the problem at this point, but it also worked for a bit yesterday after doing what you requested; then it stopped. What I find odd though is that IE was not working and now it is. My Outlook email account was giving errors at the same time since yesterday. I contacted my ISP and they said the line was working good and email was ok. I disabled my network card and rebooted then the connection still didn't work after that. Outlook now works OK as well. Hopefully this is all I need to do. I will keep you posted if things go awry again.
  6. Maybe minor improvement. I did get a couple of pages to load, but not all will load. Attached you will see a couple of screen shots of the pages that did not load. screens.pdf
  7. I use Firefox and have tried with IE, but neither will load pages. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Mike at 2015-03-28 09:38:20 Run:3 Running from C:\Users\Mike\Desktop\FRST Loaded Profiles: Mike (Available profiles: Mike & ANOTHER) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\RunOnce: [b Register C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\...\Run: [ROC_ROC_APR2013_AV] => C:\Users\Mike\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee --CMPID ROC_APR2013_AV --CMPI (the data entry has 11 more characters). HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Users\Mike\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee --CMPID 0913a HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\Mike\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee /CMPID=1113a CMD: ipconfig /flushdns EmptyTemp: ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\B Register C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax => value deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_ROC_APR2013_AV => value deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0913a => value deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_1113a => value deleted successfully. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= EmptyTemp: => Removed 39.9 GB temporary data. The system needed a reboot. ==== End of Fixlog 09:42:43 ====
  8. Attachments included. Addition.txt FRST.txt
  9. The Internet access lasted a couple of hours, but now seems to be as it was before.
  10. Could you tell me what causes the host file to grow so large?
  11. It seems to be at this point. I have gotten to six webpages without an issue.
  12. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Mike at 2015-03-27 16:57:50 Run:2 Running from C:\Users\Mike\Desktop\FRST Loaded Profiles: Mike (Available profiles: Mike & ANOTHER) Boot Mode: Normal ============================================== Content of fixlist: ***************** Hosts: ***************** C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. ==== End of Fixlog 16:57:50 ====
  13. Requested tasks completed. First, can you tell me what I need to do with the hosts file? Fixlog file: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Mike at 2015-03-26 22:10:12 Run:1 Running from C:\Users\Mike\Desktop\FRST Loaded Profiles: Mike (Available profiles: Mike & ANOTHER) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\...\Run: [uTorrent] => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\...\Run: [] => [X] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction URLSearchHook: HKU\S-1-5-21-1754454339-2153682011-3722641661-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File URLSearchHook: HKU\S-1-5-21-1754454339-2153682011-3722641661-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File SearchScopes: HKU\.DEFAULT -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = R2 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [520360 2013-03-25] (iWin Inc.) AlternateDataStreams: C:\Windows: AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 AlternateDataStreams: C:\Users\Mike\Documents\card1.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\card2.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Cert.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Mustacheless.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Scan0001.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Scan0002.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Scan0003.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Scan0004.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Scan0005.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\Scan0006.jpg:Roxio EMC Stream AlternateDataStreams: C:\Users\Mike\Documents\scan1.jpg:Roxio EMC Stream C:\Users\Mike\AppData\Local\Temp\Xzg.exe ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. "HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => Value not found. "HKCR\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}" => Key deleted successfully. HKU\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => Value not found. "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}" => Key deleted successfully. HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found. PGMTrusted => Service not found. "C:\Windows" => ":" ADS not found. C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully. C:\Users\Mike\Documents\card1.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\card2.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Cert.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Mustacheless.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Scan0001.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Scan0002.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Scan0003.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Scan0004.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Scan0005.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\Scan0006.jpg => ":Roxio EMC Stream" ADS removed successfully. C:\Users\Mike\Documents\scan1.jpg => ":Roxio EMC Stream" ADS removed successfully. "C:\Users\Mike\AppData\Local\Temp\Xzg.exe" => File/Directory not found. ==== End of Fixlog 22:10:12 ==== AdwCleaner log file: # AdwCleaner v3.023 - Report created 20/04/2014 at 08:54:31 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Mike - MIKE-PC-LR # Running from : C:\Users\Mike\Desktop\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : BCUService ***** [ Files / Folders ] ***** Folder Deleted : C:\Save Folder Deleted : C:\ProgramData\AGI Folder Deleted : C:\ProgramData\Conduit Folder Deleted : C:\ProgramData\DeviceVM Folder Deleted : C:\ProgramData\ParetoLogic Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic Folder Deleted : C:\Program Files (x86)\AGI Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\DeviceVM Folder Deleted : C:\Program Files (x86)\ParetoLogic Folder Deleted : C:\Program Files (x86)\DivX_Browser_Bar Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic Folder Deleted : C:\Users\Mike\AppData\Local\PackageAware Folder Deleted : C:\Users\Mike\AppData\LocalLow\AGI Folder Deleted : C:\Users\Mike\AppData\LocalLow\boost_interprocess Folder Deleted : C:\Users\Mike\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Mike\AppData\LocalLow\DivX_Browser_Bar Folder Deleted : C:\Users\Mike\AppData\Roaming\DeviceVM Folder Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\lays53kr.default\Smartbar Folder Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\lays53kr.default\CT3288691 Folder Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\lays53kr.default\Extensions\{77E8143B-6759-416E-B521-82CFED75150B} Folder Deleted : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda File Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\lays53kr.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DownloadManager] Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1 Key Deleted : HKLM\SOFTWARE\Classes\agihelper.AGUtils Key Deleted : HKLM\SOFTWARE\Classes\driverscanner Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [bCU] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_comicrack_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_comicrack_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{77E8143B-6759-416E-B521-82CFED75150B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77E8143B-6759-416E-B521-82CFED75150B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77E8143B-6759-416E-B521-82CFED75150B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77E8143B-6759-416E-B521-82CFED75150B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B6147A6-FE7F-4D06-A668-1F39C82A6A14} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C05E1E9-CC59-4878-8B4D-8863A889E14E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77E8143B-6759-416E-B521-82CFED75150B}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKCU\Software\AGI Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\AVG SafeGuard toolbar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DeviceVM Key Deleted : HKCU\Software\ParetoLogic Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar Key Deleted : HKLM\Software\AGI Key Deleted : HKLM\Software\AVG SafeGuard toolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DeviceVM Key Deleted : HKLM\Software\ParetoLogic Key Deleted : HKLM\Software\PIP Key Deleted : HKLM\Software\Uniblue Key Deleted : HKLM\Software\DivX_Browser_Bar Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 -\\ Mozilla Firefox v28.0 (en-US) [ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\lays53kr.default\prefs.js ] Line Deleted : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM2NTM5ODU5NiwidXVpZCI6NDAxNDA1MTU2MzMzMzY1LCJzZXFfaWQiOjEzLCJzc2IiOjEzNDk3MDEyODZ9"); Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.FirstTime", "true"); Line Deleted : user_pref("CT3220468.FirstTimeFF3", "true"); Line Deleted : user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ=="); Line Deleted : user_pref("CT3220468.PG_ENABLE.enc", "ZEhKMVpRPT0="); Line Deleted : user_pref("CT3220468.SF_JUST_INSTALLED.enc", "RkFMU0U="); Line Deleted : user_pref("CT3220468.SF_STATUS.enc", "RU5BQkxFRA=="); Line Deleted : user_pref("CT3220468.SF_USER_ID.enc", "Y2lkXzg0MjAxMzE2NTgxMjkzMzQ0MDE="); Line Deleted : user_pref("CT3220468.UserID", "UN48904327915112615"); Line Deleted : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true"); Line Deleted : user_pref("CT3220468.autoDisableScopes", -1); Line Deleted : user_pref("CT3220468.cb_experience_000.enc", "Mw=="); Line Deleted : user_pref("CT3220468.cb_firstuse0100.enc", "MQ=="); Line Deleted : user_pref("CT3220468.cb_user_id_000.enc", "Q0I5NTMxNDc5MDQxNzNfMTM2NDc0MTI1MTgzMV9GaXJlZm94"); Line Deleted : user_pref("CT3220468.cbcountry_001", "US"); Line Deleted : user_pref("CT3220468.cbfirsttime.enc", "TW9uIE9jdCAwOCAyMDEyIDA4OjAxOjE3IEdNVC0wNTAwIChDZW50cmFsIERheWxpZ2h0IFRpbWUp"); Line Deleted : user_pref("CT3220468.countryCode", "US"); Line Deleted : user_pref("CT3220468.defaultSearch", "FALSE"); Line Deleted : user_pref("CT3220468.enableAlerts", "always"); Line Deleted : user_pref("CT3220468.enableFix404ByUser", "FALSE"); Line Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "FALSE"); Line Deleted : user_pref("CT3220468.firstTimeDialogOpened", "true"); Line Deleted : user_pref("CT3220468.fixPageNotFoundError", "true"); Line Deleted : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true"); Line Deleted : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true"); Line Deleted : user_pref("CT3220468.fixUrls", true); Line Deleted : user_pref("CT3220468.fullUserID", "UN48904327915112615.UP.20130706151606"); Line Deleted : user_pref("CT3220468.homepageuserchanged", true); Line Deleted : user_pref("CT3220468.hxxp___toolbar_utorrent_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsc2F2ZXJlc2l6ZWRzaXplPTAsdGl0bGViYXI9MCxjbG9zZW9uZXh0ZXJuYWxjbGljaz0xLHNhdmVsb2NhdGlvbj0wLG9wZW5wb3NpdGlvbj1vZmZ[...] Line Deleted : user_pref("CT3220468.installId", "fft77CE.tmp.exe"); Line Deleted : user_pref("CT3220468.installType", "XPE"); Line Deleted : user_pref("CT3220468.isCheckedStartAsHidden", true); Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.isFirstTimeToolbarLoading", "false"); Line Deleted : user_pref("CT3220468.isNewTabEnabled", false); Line Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true"); Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.lastVersion", "10.20.0.513"); Line Deleted : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2NTQ3MjY5MzA4NQ=="); Line Deleted : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24="); Line Deleted : user_pref("CT3220468.mam_gk_appState_Find-a-Pro.enc", "b24="); Line Deleted : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24="); Line Deleted : user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...] Line Deleted : user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); Line Deleted : user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5IiwiY3JpdGVyaWFzIjpbeyJjcml0ZXJpYUlkIjoiZTk3Yjc3NWQtMjNlMS00YjA5LWIzNDItZDExZjEyOTJhMjA2IiwiZG9tYWlucyI[...] Line Deleted : user_pref("CT3220468.mam_gk_currentVersion.enc", "MS40LjQuNg=="); Line Deleted : user_pref("CT3220468.mam_gk_first_time.enc", "MQ=="); Line Deleted : user_pref("CT3220468.mam_gk_installer_preapproved.enc", "dHJ1ZQ=="); Line Deleted : user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM2NTQ3MjY4MzY5NQ=="); Line Deleted : user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...] Line Deleted : user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); Line Deleted : user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjE1Xy0xIiwiaXNUZXN0IjpmYWxzZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZmF1b[...] Line Deleted : user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); Line Deleted : user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); Line Deleted : user_pref("CT3220468.mam_gk_userId.enc", "MDU5YWUxYmYtM2RjMy00NmEwLTkyN2ItYmNhZDZiOGQ0M2Ri"); Line Deleted : user_pref("CT3220468.migrateAppsAndComponents", true); Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.pogo.com%2Fgames%2Ftripeaks%3FpageSection%3Dcp_home_game_list_card%23game\",\"EB_MAIN_FR[...] Line Deleted : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.openThankYouPage", "true"); Line Deleted : user_pref("CT3220468.openUninstallPage", "FALSE"); Line Deleted : user_pref("CT3220468.search.searchAppId", "129813684258939747"); Line Deleted : user_pref("CT3220468.search.searchCount", "0"); Line Deleted : user_pref("CT3220468.searchInNewTabEnabled", "false"); Line Deleted : user_pref("CT3220468.searchInNewTabEnabledByUser", "false"); Line Deleted : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true"); Line Deleted : user_pref("CT3220468.searchSuggestEnabledByUser", "false"); Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); Line Deleted : user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1386733796758"); Line Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1365286994007"); Line Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1365398220357"); Line Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1364422992896"); Line Deleted : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1372937198645"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1353495405595"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364364358313"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363241162334"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369278357978"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372937331809"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.4.519_lastUpdate", "1375070704855"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.70.505_lastUpdate", "1379301628065"); Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.20.0.513_lastUpdate", "1386733796460"); Line Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1364422992873"); Line Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1386733796305"); Line Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1386733796254"); Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1364422992842"); Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1386740996950"); Line Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1386733796710"); Line Deleted : user_pref("CT3220468.settingsINI", true); Line Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false"); Line Deleted : user_pref("CT3220468.showToolbarPermission", "false"); Line Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468"); Line Deleted : user_pref("CT3220468.smartbar.Uninstall", "0"); Line Deleted : user_pref("CT3220468.smartbar.isHidden", true); Line Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 "); Line Deleted : user_pref("CT3220468.toolbarBornServerTime", "8-10-2012"); Line Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "11-12-2013"); Line Deleted : user_pref("CT3220468.toolbarLoginClientTime", "Thu Mar 14 2013 17:34:48 GMT-0500 (Central Daylight Time)"); Line Deleted : user_pref("CT3220468.upgradeFromClearSBVersion", true); Line Deleted : user_pref("CT3220468.url_history0001.enc", "aHR0cHM6Ly9ibHUxNjkubWFpbC5saXZlLmNvbS9tYWlsLyM6OjpjbGlja2hhbmRsZXI6OjoxMzY1NDcwNTEwNDc3LCwsaHR0cDovL3hoYW1zdGVyLmNvbS9yYW5raW5ncy93ZWVrbHktdG9wLXZpZGVvcy5o[...] Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386733806289,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Line Deleted : user_pref("CT3288691.CONDUIT_UPDATE_converterVersion", "%BE%B4%B7%B4%B7%B4%B7%B6"); Line Deleted : user_pref("CT3288691.CONDUIT_UPDATE_converterVersion.enc", "OC4xLjEuMTA="); Line Deleted : user_pref("CT3288691.CONDUIT_UPDATE_playerVersion", "%B7%B7%B4%B6%B4%B6%B4%B9%BC%BA"); Line Deleted : user_pref("CT3288691.CONDUIT_UPDATE_playerVersion.enc", "MTEuMC4wLjM2NA=="); Line Deleted : user_pref("CT3288691.CONDUIT_UPDATE_streamerVersion", "%B7%B4%B7%B4%B7%B4%B8%BB"); Line Deleted : user_pref("CT3288691.CONDUIT_UPDATE_streamerVersion.enc", "MS4xLjEuMjU="); Line Deleted : user_pref("CT3288691.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.FF19Solved", "true"); Line Deleted : user_pref("CT3288691.FirstTime", "true"); Line Deleted : user_pref("CT3288691.FirstTimeFF3", "true"); Line Deleted : user_pref("CT3288691.RestartDialogFirstTime", "false"); Line Deleted : user_pref("CT3288691.RestartDialogShouldDisplay", "false"); Line Deleted : user_pref("CT3288691.UserID", "UN29238774651820727"); Line Deleted : user_pref("CT3288691.addressBarTakeOverEnabledInHidden", "true"); Line Deleted : user_pref("CT3288691.countryCode", "US"); Line Deleted : user_pref("CT3288691.defaultSearch", "false"); Line Deleted : user_pref("CT3288691.enableAlerts", "true"); Line Deleted : user_pref("CT3288691.enableSearchFromAddressBar", "true"); Line Deleted : user_pref("CT3288691.firstTimeDialogOpened", "true"); Line Deleted : user_pref("CT3288691.fixPageNotFoundError", "false"); Line Deleted : user_pref("CT3288691.fixPageNotFoundErrorByUser", "false"); Line Deleted : user_pref("CT3288691.fixPageNotFoundErrorInHidden", "true"); Line Deleted : user_pref("CT3288691.fullUserID", "UN29238774651820727.IN.20131108175914"); Line Deleted : user_pref("CT3288691.installDate", "08/11/2013 17:59:15"); Line Deleted : user_pref("CT3288691.installId", "stub.exe"); Line Deleted : user_pref("CT3288691.installSessionId", "{122D7695-2869-4F27-88DE-F9D7C850D76B}"); Line Deleted : user_pref("CT3288691.installSp", "false"); Line Deleted : user_pref("CT3288691.installType", "conduitnsisintegration"); Line Deleted : user_pref("CT3288691.installUsage", "2013-11-09T02:59:23.4613663+03:00"); Line Deleted : user_pref("CT3288691.installUsageEarly", "2013-11-09T02:59:22.7113519+03:00"); Line Deleted : user_pref("CT3288691.installerVersion", "1.8.0.14"); Line Deleted : user_pref("CT3288691.isCheckedStartAsHidden", true); Line Deleted : user_pref("CT3288691.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.isFirstTimeToolbarLoading", "false"); Line Deleted : user_pref("CT3288691.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Line Deleted : user_pref("CT3288691.keyword", "true"); Line Deleted : user_pref("CT3288691.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT3288691&octid=CT3288691&ISID=ISID_ID&SearchSource=15&CUI=UN29238774651820727&Lay=1[...] Line Deleted : user_pref("CT3288691.lastVersion", "10.29.0.520"); Line Deleted : user_pref("CT3288691.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.bobandtom.com%2Fcommon%2Fpage.php%3Fpt%3DR.I.P.%2BTim%2BWilson%26id%3D994%26is_corp%3D0\[...] Line Deleted : user_pref("CT3288691.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.openThankYouPage", "false"); Line Deleted : user_pref("CT3288691.openUninstallPage", "true"); Line Deleted : user_pref("CT3288691.originalSearchAddressUrl", ""); Line Deleted : user_pref("CT3288691.performedDomainChangesMigration", "true"); Line Deleted : user_pref("CT3288691.revertSettingsEnabled", "false"); Line Deleted : user_pref("CT3288691.search.searchAppId", "10000002"); Line Deleted : user_pref("CT3288691.search.searchCount", "0"); Line Deleted : user_pref("CT3288691.searchInNewTabEnabledByUser", "false"); Line Deleted : user_pref("CT3288691.searchInNewTabEnabledInHidden", "true"); Line Deleted : user_pref("CT3288691.searchRevert", "false"); Line Deleted : user_pref("CT3288691.searchSuggestEnabledByUser", "true"); Line Deleted : user_pref("CT3288691.searchUserMode", "2"); Line Deleted : user_pref("CT3288691.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3288691\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DivXBrowserBar.OurToolbar.com//xpi\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DivX Browser Bar \"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); Line Deleted : user_pref("CT3288691.serviceLayer_services_Configuration_lastUpdate", "1397942871338"); Line Deleted : user_pref("CT3288691.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1383955194727"); Line Deleted : user_pref("CT3288691.serviceLayer_services_appsMetadata_lastUpdate", "1383955196165"); Line Deleted : user_pref("CT3288691.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1383955192284"); Line Deleted : user_pref("CT3288691.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1383955190413"); Line Deleted : user_pref("CT3288691.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1383955191149"); Line Deleted : user_pref("CT3288691.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384412023407"); Line Deleted : user_pref("CT3288691.serviceLayer_services_login_10.21.1.7_lastUpdate", "1384228840732"); Line Deleted : user_pref("CT3288691.serviceLayer_services_login_10.22.3.518_lastUpdate", "1384931808585"); Line Deleted : user_pref("CT3288691.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386733796557"); Line Deleted : user_pref("CT3288691.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396503299019"); Line Deleted : user_pref("CT3288691.serviceLayer_services_login_10.29.0.520_lastUpdate", "1397971678170"); Line Deleted : user_pref("CT3288691.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1383955192631"); Line Deleted : user_pref("CT3288691.serviceLayer_services_searchAPI_lastUpdate", "1397942871791"); Line Deleted : user_pref("CT3288691.serviceLayer_services_serviceMap_lastUpdate", "1397942871103"); Line Deleted : user_pref("CT3288691.serviceLayer_services_toolbarContextMenu_lastUpdate", "1383955191849"); Line Deleted : user_pref("CT3288691.serviceLayer_services_toolbarSettings_lastUpdate", "1397971672999"); Line Deleted : user_pref("CT3288691.serviceLayer_services_translation_lastUpdate", "1397962135964"); Line Deleted : user_pref("CT3288691.settingsINI", true); Line Deleted : user_pref("CT3288691.shouldFirstTimeDialog", "false"); Line Deleted : user_pref("CT3288691.showToolbarPermission", "false"); Line Deleted : user_pref("CT3288691.smartbar.CTID", "CT3288691"); Line Deleted : user_pref("CT3288691.smartbar.Uninstall", "0"); Line Deleted : user_pref("CT3288691.smartbar.toolbarName", "DivX Browser Bar "); Line Deleted : user_pref("CT3288691.startPage", "false"); Line Deleted : user_pref("CT3288691.toolbarBornServerTime", "9-11-2013"); Line Deleted : user_pref("CT3288691.toolbarCurrentServerTime", "20-4-2014"); Line Deleted : user_pref("CT3288691.toolbarInstallDate", "08-11-2013 17:59:14"); Line Deleted : user_pref("CT3288691.toolbarLoginClientTime", "Fri Nov 08 2013 17:59:58 GMT-0600 (Central Standard Time)"); Line Deleted : user_pref("CT3288691.versionFromInstaller", "10.21.1.7"); Line Deleted : user_pref("CT3288691.xpeMode", "0"); Line Deleted : user_pref("CT3288691_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1397856488080,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2); Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3288691"); Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN29238774651820727&UM=2&q="); Line Deleted : user_pref("smartbar.machineId", "TOZZNJDKJHALHAYSBEV7KCROF/VSOPJGVHG6ZOTTQNAPX0ODBKHI4DMB5AVX/HUDV94WVYO6QOHO8EF6MDON3A"); Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN29238774651820727&UM=2&q="); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_currentVersion", "312E31332E302E3137"); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_currentVersion.storedInFile", false); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_globalKeysMigratedToLocalStorage", "31"); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_migrated_from_ls", "31"); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_migrated_from_ls.storedInFile", false); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_userBornDate", "4E2F41"); Line Deleted : user_pref("valueApps.CT3288691.mam_gk_userBornDate.storedInFile", false); ************************* AdwCleaner[R0].txt - [29428 octets] - [20/04/2014 08:46:20] AdwCleaner[s0].txt - [29298 octets] - [20/04/2014 08:54:31] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [29359 octets] ########## JRT log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.6 (03.22.2015:1) OS: Windows 7 Professional x64 Ran by Mike on Thu 03/26/2015 at 22:22:34.29 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateWhilokii_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateWhilokii_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateWhilokii_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateWhilokii_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E862C728-AF17-40E3-BCDF-584932ABFDEE} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Mike\AppData\Roaming\getrighttogo" Successfully deleted: [Folder] "C:\Users\Mike\appdata\local\cre" Successfully deleted: [Folder] "C:\Users\Mike\appdata\local\downloadmanager" Successfully deleted: [Empty Folder] C:\Users\Mike\appdata\local\{5337168D-21D1-468D-9116-42566BA49C47} Successfully deleted: [Empty Folder] C:\Users\Mike\appdata\local\{77E810EE-6A26-45FA-AF47-D668C959146B} ~~~ FireFox Successfully deleted the following from C:\Users\Mike\AppData\Roaming\mozilla\firefox\profiles\lays53kr.default\prefs.js user_pref("WebVideoDownloaderHistory.HistoryArray_0.url", "hxxp://o-o.preferred.ccitexas-ord1.v18.lscache5.c.youtube.com/videoplayback?burst=40&itag=34&fexp=914073%2C919319%2C user_pref("WebVideoDownloaderHistory.HistoryArray_15.url", "hxxp://game3.pogo.com/v/F5Spug/applet/sounds/premspin/blnc.au"); user_pref("WebVideoDownloaderHistory.HistoryArray_16.url", "hxxp://game3.pogo.com/v/F5Spug/applet/sounds/premspin/prizeaward.au"); user_pref("WebVideoDownloaderHistory.HistoryArray_17.url", "hxxp://game3.pogo.com/v/F5Spug/applet/sounds/premspin/Positiveding.au"); user_pref("WebVideoDownloaderHistory.HistoryArray_20.url", "hxxp://o-o---preferred---ccitexas-ord1---v9---lscache2.c.youtube.com/videoplayback?algorithm=throttle-factor&burst= user_pref("WebVideoDownloaderHistory.HistoryArray_5.url", "hxxp://game3.pogo.com/v/F2-ALQ/applet/sounds/premspin/Positiveding.au"); user_pref("WebVideoDownloaderHistory.HistoryArray_6.url", "hxxp://game3.pogo.com/v/F2-ALQ/applet/sounds/premspin/blnc.au"); user_pref("WebVideoDownloaderHistory.HistoryArray_7.url", "hxxp://game3.pogo.com/v/F2-ALQ/applet/sounds/premspin/prizeaward.au"); user_pref("valueApps.storage.mam_gk_userId", "61366439623432362D303437342D346364372D613932382D356433383066333534373730"); Emptied folder: C:\Users\Mike\AppData\Roaming\mozilla\firefox\profiles\lays53kr.default\minidumps [47 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 03/26/2015 at 22:25:51.78 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  14. I have performed the requested tasks. Because of the disclaimer, I want to mention that the HiJack This scan did include this line: 04 - HKCU..Run [uTorrent] "C:\Program Files(x86) uTorrent\uTorrent.exe"/MINIMIZED. This program has been uninstalled for 2-3 years and do not know why it shows up here; perhaps just the remnant in the registry. Malwarebytes log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 3/26/2015 Scan Time: 4:37:13 PM Logfile: MBAM_3-26-15.txt Administrator: Yes Version: 2.01.4.1018 Malware Database: v2015.03.26.07 Rootkit Database: v2015.03.26.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Mike Scan Type: Threat Scan Result: Completed Objects Scanned: 467685 Time Elapsed: 38 min, 19 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) FRST and Additional logs are large and will attach. Rogue Killer log: RogueKiller V10.5.7.0 (x64) [Mar 22 2015] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Mike [Administrator] Started from : C:\Users\Mike\Desktop\RogueKillerX64.exe Mode : Scan -- Date : 03/26/2015 17:44:25 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 12 ¤¤¤ [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run | ROC_ROC_APR2013_AV : C:\Users\Mike\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 -> Found [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0913a : C:\Users\Mike\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee --CMPID 0913a -> Found [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_1113a : C:\Users\Mike\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee /CMPID=1113a -> Found [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run | ROC_ROC_APR2013_AV : C:\Users\Mike\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 -> Found [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0913a : C:\Users\Mike\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee --CMPID 0913a -> Found [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_1113a : C:\Users\Mike\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=ddbae792321c47d1ba9ed15426e99490-dea33aeff6aaebca622fc55477b442c3c67ca2ee /CMPID=1113a -> Found [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1754454339-2153682011-3722641661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found ¤¤¤ Tasks : 4 ¤¤¤ [suspicious.Path] 0814avUpdateInfo.job -- C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe ( /SETINFO /CMPID=0814av /INFORETRY=3) -> Found [suspicious.Path] ROC_REG_JAN_DELETE.job -- C:\ProgramData\AVG January 2013 Campaign\ROC.exe (/DELETE_FROM_SYSTEM=1) -> Found [suspicious.Path] \\0814avUpdateInfo -- C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe (/SETINFO /CMPID=0814av /INFORETRY=3) -> Found [suspicious.Path] \\ROC_REG_JAN_DELETE -- C:\ProgramData\AVG January 2013 Campaign\ROC.exe (/DELETE_FROM_SYSTEM=1) -> Found ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 [Too big!] ¤¤¤ ¤¤¤ Antirootkit : 1 (Driver: Loaded) ¤¤¤ [Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\System32\drivers\volmgrx.sys) ¤¤¤ Web browsers : 1 ¤¤¤ [PUM.HomePage][FIREFX:Config] lays53kr.default : user_pref("browser.startup.homepage", "http://my.ebay.com/ws/eBayISAPI.dll?MyEbay&gbh=1&CurrentPage=MyeBaySummary&ssPageName=STRK:ME:LNLK:MESUMX");-> Found ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD1001FALS-00J7B0 ATA Device +++++ --- User --- [MBR] eccf1e8dcb5e3920b6dea69b052fa7d1 [bSP] ce2aa0a90325b0e7c3aa954f5afc1bce : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: HP Photosmart 6510 USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) Addition.txt FRST.txt
  15. For the last few days I have had trouble getting some web pages to load. Some will load very slowly and some not at all. A few days ago I ran Malwarebytes and I got a clean report. Yesterday I ran Hijack This and it showed "For some reason your system denied write access to the Hosts file." Overnight Malwarebytes ran again and it showed three instances of Conduit which I quarantined and deleted. After this, I again tried to refresh some of the pages and they still would not load. It look probably five or six times to get this page to load on my PC, but could never get this post to send. I am sending from my phone. I am running Windows 7 with 8GB memory. I use Firefox and also tried IE with the same results. Does anyone have a clue what I can do to get my internet connection going again? Thanks.
  16. I guess the problem is gone. At least I can get Windows Updates.
  17. I had been to that page and downloaded the tool, but it did not good. This time, I went to the Microsoft Answers link on the page and browsed until I found the answer. The updated succeeded after that. I looked again at the Hijack This site and it showed that the file works equally with 32 and 64 bit Win7. I downloaded again in case I hadn't got the right file before, but I still get the same results. Of course I know nothing abut the DDS program, but I see several errors in the lower part of the second log. Is that not anything to worry about?
  18. All of the files missing did raise concern, but with the Windows Update not working correctly after running their recommended fixes it made me think there could be an underlying cause. The update error code is 8024200D, if that means anything to you. This particular laptop was without internet connection for a long period and therefore did not get updates. I put the laptop on my network to get updates and after some time could get some, but there is a security update for Windows 7 that continually fails. Is there not a version of Hijack This that is compatible with Windows 7? I got this from the CNET Download.com website.
  19. Things don't seem absolutely right on this laptop. There had been an issue with Windows Update, but I may have gotten that corrected. I ran HiJackThis and got the message "Your system denied write access to the Hosts file." When I looked at the screen, there were numerous files reported to be missing. I did not want to modify anything with that being the case. I just purchased Malwarebytes, but it doesn't show anything. I have the DDS and Attach logs below. Please let me know if you want the HiJackThis log. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16518 Run by Owner at 9:49:21 on 2014-02-15 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2006 [GMT -6:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\SafeConnect\scManager.sys C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\SafeConnect\scClient.exe C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: MRI_DISABLED - <orphaned> BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r mRun: [HControlUser] "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" mRun: [ATKOSD2] "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" mRun: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" mRun: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe" mRun: [HP Software Update] "C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [Wondershare Helper Compact.exe] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" mRun: [browserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe uPolicies-Explorer: NoDriveAutoRun = dword:0 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 10.140.225.136 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838} : DHCPNameServer = 10.140.225.136 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838}\07F647475627 : DHCPNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838}\271646C6F66666 : DHCPNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838}\6627F6E64796562733633383 : DHCPNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838}\6627F6E64796562763333354 : DHCPNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838}\861627465627 : DHCPNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{2F811FA5-00F9-4670-8D94-01384D4DC838}\E45445745414252373 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{364AC872-62C8-4D20-A6E8-8229A045CD4F} : DHCPNameServer = 168.94.0.15 168.94.0.14 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL SSODL: WebCheck - <orphaned> x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [ETDWare] "C:\Program Files\Elantech\ETDCtrl.exe" x64-Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jplbdksp.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2010-6-12 15928] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-6-12 379520] R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2010-6-12 14904] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-12 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-12 701512] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944] R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys [2012-11-19 176520] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] R2 ssfmonm;ssfmonm;C:\Windows\System32\drivers\ssfmonm.sys [2010-8-13 55360] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-12 25928] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2009-7-9 1222144] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;"C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe" --> C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe [?] S2 WRConsumerService;Webroot Client Service;"C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe" --> C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe [?] S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-21 44032] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-6-12 61792] S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2012-9-28 40320] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-2-13 19456] S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2014-2-12 31800] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-13 56832] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-14 1255736] . =============== Created Last 30 ================ . 2014-02-15 03:28:56 388096 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2014-02-15 03:28:53 -------- d-----w- C:\Program Files (x86)\Trend Micro 2014-02-15 02:38:07 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{77CE6705-03E7-461D-8AC4-8A2A7BCA5B77}\mpengine.dll 2014-02-15 01:37:46 -------- d-----w- C:\Windows\CheckSur 2014-02-14 11:51:53 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-02-14 06:11:26 270496 ------w- C:\Windows\System32\MpSigStub.exe 2014-02-14 05:08:14 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC2DF78F-43FA-4FB9-A20D-6AEA3C6B5895}\gapaengine.dll 2014-02-14 04:37:47 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2014-02-14 04:37:39 -------- d-----w- C:\Program Files\Microsoft Security Client 2014-02-14 04:29:21 6573056 ----a-w- C:\Windows\System32\mstscax.dll 2014-02-14 04:29:21 5693440 ----a-w- C:\Windows\SysWow64\mstscax.dll 2014-02-14 04:12:58 243200 ----a-w- C:\Windows\System32\rdpudd.dll 2014-02-14 04:12:58 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll 2014-02-14 04:12:58 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll 2014-02-14 04:12:57 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll 2014-02-14 04:11:50 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll 2014-02-14 04:11:50 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll 2014-02-14 04:11:44 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2014-02-14 04:11:44 366592 ----a-w- C:\Windows\System32\qdvd.dll 2014-02-14 03:47:00 353280 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll 2014-02-14 03:47:00 293080 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2014-02-14 03:47:00 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-02-14 03:47:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-02-14 03:47:00 271360 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll 2014-02-14 03:47:00 251392 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll 2014-02-14 03:47:00 235224 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2014-02-14 03:29:49 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2014-02-14 03:29:49 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2014-02-14 03:29:44 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-02-14 03:29:44 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2014-02-14 03:15:15 548864 ----a-w- C:\Windows\System32\vbscript.dll 2014-02-14 03:15:15 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-02-14 03:12:58 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2014-02-14 03:12:58 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2014-02-14 03:12:58 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2014-02-14 03:12:58 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2014-02-14 03:03:04 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2014-02-14 03:02:24 -------- d-----w- C:\Program Files\iPod 2014-02-14 03:02:23 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-02-14 03:02:23 -------- d-----w- C:\Program Files\iTunes 2014-02-14 03:02:23 -------- d-----w- C:\Program Files (x86)\iTunes 2014-02-14 03:01:13 -------- d-----w- C:\Program Files\Bonjour 2014-02-14 03:01:13 -------- d-----w- C:\Program Files (x86)\Bonjour 2014-02-14 03:00:12 67072 ----a-w- C:\Windows\splwow64.exe 2014-02-14 03:00:12 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2014-02-14 02:37:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2014-02-14 02:37:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2014-02-14 02:37:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2014-02-14 02:37:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2014-02-14 02:37:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2014-02-13 12:00:26 -------- d-----w- C:\Windows\Migration 2014-02-13 06:25:36 -------- d-----w- C:\11fbc9e7b8cd7679cc0c 2014-02-13 06:03:26 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2014-02-13 06:03:26 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2014-02-13 06:03:26 12625920 ----a-w- C:\Windows\System32\wmploc.DLL 2014-02-13 06:03:25 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL 2014-02-13 04:13:06 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll 2014-02-13 04:02:39 376768 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-02-13 04:02:39 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-02-13 03:59:07 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2014-02-13 03:59:06 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2014-02-13 03:58:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2014-02-13 03:58:03 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-02-13 03:57:52 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2014-02-13 03:57:52 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2014-02-13 03:57:52 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll 2014-02-13 03:57:52 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2014-02-13 03:57:52 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2014-02-13 03:57:52 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2014-02-13 03:57:52 216576 ----a-w- C:\Windows\System32\ncsi.dll 2014-02-13 03:57:52 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2014-02-13 03:57:52 18944 ----a-w- C:\Windows\System32\netevent.dll 2014-02-13 03:57:52 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2014-02-13 03:57:52 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2014-02-13 03:57:27 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2014-02-13 03:55:59 1474048 ----a-w- C:\Windows\System32\crypt32.dll 2014-02-13 03:54:37 1192448 ----a-w- C:\Windows\System32\certutil.exe 2014-02-13 03:53:56 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-02-13 03:51:50 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2014-02-13 02:51:34 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2014-02-13 02:51:34 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2014-02-13 02:51:33 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2014-02-13 02:51:33 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2014-02-13 02:51:33 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2014-02-13 02:51:33 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2014-02-13 02:51:33 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2014-02-13 02:49:25 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2014-02-13 02:49:24 478208 ----a-w- C:\Windows\System32\dpnet.dll 2014-02-13 02:49:24 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll 2014-02-13 02:31:37 -------- d-----w- C:\Windows\System32\MRT 2014-02-13 02:01:47 715776 ----a-w- C:\Windows\System32\kerberos.dll 2014-02-13 02:01:47 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2014-02-13 02:01:43 95744 ----a-w- C:\Windows\System32\synceng.dll 2014-02-13 02:01:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2014-02-13 01:42:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2014-02-13 01:20:54 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2014-02-13 01:19:56 2002432 ----a-w- C:\Windows\System32\msxml6.dll 2014-02-13 01:19:56 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2014-02-13 01:15:24 209920 ----a-w- C:\Windows\System32\profsvc.dll 2014-02-13 00:59:15 800768 ----a-w- C:\Windows\System32\usp10.dll 2014-02-13 00:59:15 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2014-02-13 00:52:52 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-02-13 00:47:43 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2014-02-13 00:47:41 3216384 ----a-w- C:\Windows\System32\msi.dll 2014-02-13 00:47:41 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2014-02-13 00:47:31 362496 ----a-w- C:\Windows\System32\wow64win.dll 2014-02-13 00:47:31 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2014-02-13 00:47:31 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2014-02-13 00:27:33 -------- d-----w- C:\Windows\System32\SPReview 2014-02-13 00:25:53 -------- d-----w- C:\Windows\System32\EventProviders 2014-02-12 23:51:04 59392 ----a-w- C:\Windows\System32\browcli.dll 2014-02-12 23:51:04 41984 ----a-w- C:\Windows\SysWow64\browcli.dll 2014-02-12 23:51:04 136704 ----a-w- C:\Windows\System32\browser.dll 2014-02-12 23:50:59 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2014-02-12 23:50:29 503808 ----a-w- C:\Windows\System32\srcore.dll 2014-02-12 23:50:29 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2014-02-12 23:44:00 956928 ----a-w- C:\Windows\System32\localspl.dll 2014-02-12 23:09:49 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2014-02-12 23:09:49 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2014-02-12 23:09:49 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2014-02-12 21:42:34 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes 2014-02-12 21:42:11 -------- d-----w- C:\ProgramData\Malwarebytes 2014-02-12 21:42:10 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-02-12 21:42:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-12 21:09:53 -------- d-----w- C:\Users\Owner\AppData\Local\ElevatedDiagnostics 2014-02-12 21:04:53 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2014-02-12 21:04:41 99840 ----a-w- C:\Windows\System32\wudriver.dll 2014-02-12 21:04:28 36864 ----a-w- C:\Windows\System32\wuapp.exe 2014-02-12 21:04:28 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2014-02-12 19:38:43 -------- d-----w- C:\Users\Owner\AppData\Local\VS Revo Group 2014-02-12 19:38:38 -------- d-----w- C:\ProgramData\VS Revo Group 2014-02-12 19:38:37 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys 2014-02-12 19:38:34 -------- d-----w- C:\Program Files\VS Revo Group 2014-02-12 19:37:29 -------- d-----w- C:\Users\Owner\AppData\Local\Programs 2014-02-04 13:31:57 -------- d-----w- C:\Program Files (x86)\SafeConnect 2014-01-22 03:28:23 -------- d-----w- C:\Windows\9155DB04A032491A88B27C19B9E9F945.TMP . ==================== Find3M ==================== . 2014-02-13 05:20:47 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-02-13 00:42:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2014-02-13 00:42:40 175616 ----a-w- C:\Windows\System32\msclmd.dll 2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll 2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll 2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll 2013-12-06 02:02:08 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll 2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll 2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll 2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll 2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll 2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll 2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe 2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe 2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll 2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll 2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll 2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll 2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe 2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe 2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe 2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe 2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll 2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll . ============= FINISH: 9:50:16.96 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 8/13/2010 9:43:22 PM System Uptime: 2/14/2014 9:09:02 PM (12 hours ago) . Motherboard: ASUSTeK Computer Inc. | | K50IJ Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | Socket 478 | 2300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 446 GiB total, 391.069 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP87: 2/13/2014 5:55:05 AM - Windows Update RP88: 2/13/2014 9:05:13 PM - Windows Update RP89: 2/13/2014 9:14:41 PM - Windows Update RP90: 2/13/2014 9:46:14 PM - Windows Update RP91: 2/13/2014 10:12:03 PM - Windows Update RP92: 2/13/2014 10:21:27 PM - Windows Update RP93: 2/13/2014 10:29:23 PM - Windows Update RP94: 2/13/2014 10:30:52 PM - Windows Update RP95: 2/13/2014 10:36:28 PM - Windows Update RP96: 2/13/2014 10:40:29 PM - Windows Update RP97: 2/14/2014 3:00:12 AM - Windows Update RP98: 2/14/2014 5:50:58 AM - Windows Update RP99: 2/14/2014 6:25:35 AM - Windows Update RP100: 2/14/2014 7:37:25 PM - Windows Update RP101: 2/14/2014 8:07:27 PM - Windows Update RP102: 2/14/2014 8:20:58 PM - Windows Update RP103: 2/14/2014 8:27:50 PM - Windows Update RP104: 2/14/2014 8:46:18 PM - Windows Update RP105: 2/14/2014 9:01:33 PM - Windows Update RP106: 2/14/2014 9:28:24 PM - Installed HiJackThis RP107: 2/15/2014 3:00:13 AM - Windows Update . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Alcor Micro USB Card Reader Apple Application Support Apple Mobile Device Support Apple Software Update ASUS AI Recovery ASUS CopyProtect ASUS Data Security Manager ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS MultiFrame ASUS Power4Gear Hybrid ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera ASUS_Screensaver ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Best Buy Software Installer Bonjour Choice Guard ControlDeck CyberLink LabelPrint CyberLink Power2Go Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition ETDWare PS/2-x64 7.0.5.9_WHQL Fast Boot Geek Squad 24 Hour Computer Support HiJackThis HP Deskjet 2050 J510 series Basic Device Software HP Deskjet 2050 J510 series Help HP Deskjet 2050 J510 series Product Improvement Study HP Photo Creations HP Update Intel® Control Center Intel® Graphics Media Accelerator Driver iTunes Junk Mail filter update LeapFrog Connect LeapFrog LeapPad Explorer Plugin LeapFrog My Pals Plugin Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Mozilla Firefox 27.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Platform QuickTime Revo Uninstaller Pro 3.0.8 SafeConnect Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2863902) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SRS Premium Sound Control Panel Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition USB 2.0 1.3M UVC WebCam Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) VIA Platform Device Manager Webroot Software Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer WinFlash Wireless Console 3 . ==== Event Viewer Messages From Past Week ======== . 2/15/2014 9:50:07 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.140.225.117. The computer with the IP address 10.140.225.136 did not allow the name to be claimed by this computer. 2/15/2014 3:02:40 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402). 2/14/2014 9:30:52 PM, Error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is MEYERHOLZ. 2/14/2014 9:09:45 PM, Error: Service Control Manager [7000] - The Webroot Spy Sweeper Engine service failed to start due to the following error: The system cannot find the file specified. 2/14/2014 9:09:20 PM, Error: Service Control Manager [7000] - The Webroot Client Service service failed to start due to the following error: The system cannot find the file specified. 2/14/2014 6:25:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 for x64-based Systems (KB2667402). 2/14/2014 11:14:16 PM, Error: BROWSER [8019] - The browser was unable to promote itself to master browser. The browser will continue to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer. 2/13/2014 9:01:01 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/13/2014 3:31:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2909921). 2/12/2014 7:38:43 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 2/12/2014 2:27:20 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:27:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/12/2014 2:27:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/12/2014 2:26:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 2/12/2014 2:26:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 2/12/2014 2:26:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 2/12/2014 2:26:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 2/12/2014 2:26:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/12/2014 2:26:44 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 2/12/2014 2:26:43 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. . ==== End Of File ===========================
  20. The laptop owner says everything works fine. Thanks.
  21. I will have the computer's owner test to verify it works to suit him. Thank you for your assistance.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.