1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Slow connection/mouse problems -- malware?

Discussion in 'Virus & Other Malware Removal' started by iluvtolaff, May 13, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    I've been having trouble with my mouse -- same ones I had with a previous mouse and this one is only a couple months old and doing the same thing. All problems are the same whether using IE, FF, or Chrome. Mouse problems are also when using offline documents:

    -- Double-clicks on it's own
    -- opens 2 tabs for every link clicked on
    -- won't highlight for copy/paste (it took almost 20 minutes to copy/paste the logs!)
    -- drag and drop not working most of the time -- when I click to drag, it opens the program instead of moving the icon on the
    desktop.

    My connection has become very slow the past 3 weeks with pages loading very slowly.
    I'm wondering if I have a virus or malware problem???

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz, Intel64 Family 6 Model 37 Stepping 5
    Processor Count: 4
    RAM: 3895 Mb
    Graphics Card: Intel(R) HD Graphics, 1723 Mb
    Hard Drives: C: Total - 939685 MB, Free - 882256 MB;
    Motherboard: Dell Inc., 0C2KJT
    Antivirus: avast! Antivirus, Updated and Enabled

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:55:21 PM, on 5/13/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16537)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Users\Barbara\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://draggo.com/Benni
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
    O2 - BHO: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Barbara\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 14072 bytes

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
    Run by Barbara at 19:59:50 on 2013-05-13
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3895.2370 [GMT -5:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
    C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://draggo.com/Benni
    uSearchMigratedDefaultURL = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZS&fl=0&ptb=x5dlYbFHN7iwxlKphbhubg&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
    uProxyOverride = 127.0.0.1;*.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
    mURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    mWinlogon: Userinit = userinit.exe,
    BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
    BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: IncrediMail MediaBar 2 Toolbar: {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
    TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Google Update] "C:\Users\Barbara\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    mRun: [NPSStartup] <no file>
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
    dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
    IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    TCP: NameServer = 192.168.15.1
    TCP: Interfaces\{3141C221-7440-445F-9B20-B83D4F163158} : DHCPNameServer = 192.168.15.1
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=DCF3DF&PC=DCF3&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://draggo.com/Benni/main-links
    FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid={EE150F9C-DC87-4963-A8CF-2C6497CB5873}&mid=b575200a82f547d0bd0ea9628d98cd5e-8231fb30af758533f507bebd11b93e5130804f4b&lang=en&ds=ts022&pr=sa&d=2012-04-22 21:47:42&v=12.2.5.32&sap=ku&q=
    FF - component: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
    FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Barbara\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-3 65336]
    R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-3 189936]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-1-26 55856]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-30 1025808]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-2-5 378432]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-3 39768]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-2-5 33400]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-2-5 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-5-13 46808]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-26 1692480]
    R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-1-26 56344]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-1-26 271872]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-1-26 321064]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
    S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-1-26 158976]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-9-21 351520]
    S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2011-10-25 16448]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-6 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-5 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-05-10 13:55:36 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B72479CE-47CC-49F3-9F8D-E839D4EC2E91}\mpengine.dll
    2013-04-29 01:50:07 -------- d-----w- C:\Users\Barbara\AppData\Local\Sonic_Solutions
    2013-04-24 14:04:32 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-23 23:44:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    .
    ==================== Find3M ====================
    .
    2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2013-05-09 08:59:07 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
    2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-04-23 23:44:43 866720 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2013-04-23 23:44:43 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-04-12 21:38:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-12 21:38:44 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-03-05 17:00:57 963488 ----a-w- C:\Windows\System32\deployJava1.dll
    2013-03-05 17:00:57 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll
    2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-02-18 17:21:23 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2013-02-15 06:08:40 44032 ----a-w- C:\Windows\System32\tsgqec.dll
    2013-02-15 06:06:11 3717632 ----a-w- C:\Windows\System32\mstscax.dll
    2013-02-15 06:02:26 158720 ----a-w- C:\Windows\System32\aaclient.dll
    2013-02-15 04:37:10 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2013-02-15 04:34:10 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
    2013-02-15 03:25:51 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
    .
    ============= FINISH: 20:00:23.58 ===============

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2/3/2011 11:58:44 AM
    System Uptime: 5/13/2013 5:08:43 PM (3 hours ago)
    .
    Motherboard: Dell Inc. | | 0C2KJT
    Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz | CPU 1 | 3200/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 918 GiB total, 861.578 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP325: 4/16/2013 8:32:57 AM - Windows Update
    RP326: 4/19/2013 10:52:28 AM - Windows Update
    RP327: 4/22/2013 7:03:29 PM - Installed Java 7 Update 21
    RP328: 4/23/2013 8:59:34 AM - Windows Update
    RP329: 4/23/2013 6:13:08 PM - Removed Java 7 Update 15 (64-bit)
    RP330: 4/23/2013 6:13:59 PM - Removed Java 7 Update 21
    RP331: 4/23/2013 6:14:39 PM - Removed Java(TM) 6 Update 39
    RP332: 4/23/2013 6:44:32 PM - Installed Java 7 Update 21
    RP333: 4/24/2013 8:59:17 PM - Windows Update
    RP334: 4/30/2013 8:17:50 AM - Windows Update
    RP335: 5/3/2013 8:35:51 AM - Windows Update
    RP336: 5/7/2013 9:13:54 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    123 Free Solitaire 2009 v7.2
    64 Bit HP CIO Components Installer
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader XI (11.0.02)
    Adobe Shockwave Player 11.6
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Audacity 1.3.13 (Unicode)
    Audacity 2.0.3
    avast! Free Antivirus
    AVG Security Toolbar
    Belarc Advisor 8.1
    Bonjour
    BonusBingo 1.0
    BufferChm
    CameraHelperMsi
    Conduit Engine
    Consumer In-Home Service Agreement
    Cool Timer 3.7
    Copy
    D3DX10
    Dell DataSafe Local Backup
    Dell DataSafe Local Backup - Support Software
    Dell DataSafe Online
    Dell Edoc Viewer
    Dell Getting Started Guide
    Dell Support Center
    Destinations
    DeviceDiscovery
    DirectX 9 Runtime
    DJ_AIO_05_F4400_Software_Min
    Download Updater (AOL LLC)
    erLT
    F4400
    Foxit Reader
    Freez FLV to AVI/MPEG/WMV Converter
    Google Chrome
    Google Drive
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist Corporate
    GPBaseService2
    HP Customer Participation Program 13.0
    HP Deskjet F4400 Printer Driver 14.0 Rel. 5
    HP Imaging Device Functions 13.0
    HP Print Projects 1.0
    HP Smart Web Printing 4.5
    HP Solution Center 13.0
    HP Update
    HPDiagnosticAlert
    HPPhotoGadget
    hpPrintProjects
    HPProductAssistant
    HPSSupply
    hpWLPGInstaller
    IncrediMail
    IncrediMail 2.0
    IncrediMail MediaBar 2 Toolbar
    Intel(R) Graphics Media Accelerator Driver
    Internet Explorer
    IrfanView (remove only)
    iTunes
    Jasc Paint Shop Pro 8 Dell Edition
    Java 7 Update 21
    Java Auto Updater
    Junk Mail filter update
    K-Lite Codec Pack 7.0.0 (Standard)
    KG-Chart LE for Cross Stitch 1.24.04
    LAME v3.98.3 for Audacity
    LAME v3.99.3 (for Windows)
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    MarketResearch
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft PowerPoint Viewer
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Works 2000
    Moffsoft FreeCalc
    Mozilla Firefox 20.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MP3 Ringtone Extractor 1.5
    MSVC80_x64
    MSVC80_x86
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Multimedia Card Reader
    Orbit Downloader
    PC Connectivity Solution
    PeaZip 3.6
    Photo Notifier and Animation Creator
    PhotoShowExpress
    Plugin Commander Light 1.61
    Quick Cribbage 3.4 (remove only)
    QuickTime
    RBVirtualFolder64Inst
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.92
    Roxio Activation Module
    Roxio BackOnTrack
    Roxio Creator Starter
    Roxio Express Labeler 3
    Roxio File Backup
    Samsung Mobile phone USB driver Drive Software
    Samsung PC Studio 3 USB Driver Installer
    SAMSUNG USB Driver for Mobile Phones
    SamsungConnectivityCableDriver
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Shop for HP Supplies
    Skype Toolbars
    Skype™ 6.3
    SlimCleaner
    SmartWebPrinting
    SolutionCenter
    Sonic CinePlayer Decoder Pack
    Status
    swMSM
    System Requirements Lab for Intel
    Time Calculator Pro v2.2
    Toolbox
    TrayApp
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    WebReg
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    Yahoo! Messenger
    Youtube Downloader HD v. 2.9.2
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/13/2013 5:09:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: StarOpen
    5/13/2013 5:08:50 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    .
    ==== End Of File ===========================

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-05-13 20:08:59
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31000528AS rev.CC46 931.51GB
    Running: znbld2p2.exe; Driver: C:\Users\Barbara\AppData\Local\Temp\ufliyfog.sys


    ---- Threads - GMER 2.1 ----

    Thread [1224:1276] 000000007362345e
    Thread [1224:1288] 0000000074e97587
    Thread [1224:1396] 0000000073149a90
    Thread [1224:1412] 00000000731ecce0
    Thread [1224:1452] 0000000072ebbf60
    Thread [1224:1456] 0000000072ebb770
    Thread [1224:1460] 0000000077192e25
    Thread [1224:1468] 000000007362345e
    Thread [1224:1472] 000000007362345e
    Thread [1224:1476] 000000007362345e
    Thread [1224:1484] 000000007362345e
    Thread [1224:1488] 0000000072eaf2b0
    Thread [1224:1492] 0000000072eaf2b0
    Thread [1224:1496] 0000000072eaf2b0
    Thread [1224:1500] 0000000072eaf2b0
    Thread [1224:1504] 0000000072eaf2b0
    Thread [1224:1508] 0000000072eb0580
    Thread [1224:1512] 0000000072eafb70
    Thread [1224:1516] 0000000072eda0f0
    Thread [1224:1520] 0000000072ed8ed0
    Thread [1224:1524] 0000000072ed92a0
    Thread [1224:1528] 0000000072eb1d60
    Thread [1224:1532] 0000000072eb1d60
    Thread [1224:1536] 0000000072eb1d60
    Thread [1224:1540] 0000000072eb1d60
    Thread [1224:1544] 0000000072eb1d60
    Thread [1224:1548] 00000000727812f0
    Thread [1224:1552] 0000000072782c80
    Thread [1224:1556] 0000000072782c80
    Thread [1224:1560] 0000000072751070
    Thread [1224:1564] 000000007362345e
    Thread [1224:1568] 000000007362345e
    Thread [1224:1572] 00000000726b12f0
    Thread [1224:1576] 00000000726915e0
    Thread [1224:1580] 0000000072ebcb90
    Thread [1224:1584] 0000000072eb1860
    Thread [1224:1588] 000000007362345e
    Thread [1224:1592] 0000000072edfa70
    Thread [1224:1596] 0000000073015400
    Thread [1224:1600] 0000000072751630
    Thread [1224:1604] 0000000072337510
    Thread [1224:1612] 000000007362345e
    Thread [1224:1616] 0000000077193e45
    Thread [1224:1624] 000000007362345e
    Thread [1224:1632] 00000000731541a0
    Thread [1224:1636] 00000000731581e0
    Thread [1224:1640] 000000007362345e
    Thread [1224:1648] 0000000071f01670
    Thread [1224:1652] 0000000071f01840
    Thread [1224:1656] 0000000073151f10
    Thread [1224:1668] 000000007362345e
    Thread [1224:1836] 000000007362345e
    Thread [1224:1844] 00000000736232ce
    Thread [1224:1848] 00000000736232ce
    Thread [1224:1852] 00000000736232ce
    Thread [1224:1856] 00000000736232ce
    Thread [1224:1860] 00000000736232ce
    Thread [1224:1864] 00000000736232ce
    Thread [1224:1868] 00000000736232ce
    Thread [1224:1876] 00000000736232ce
    Thread [1224:1880] 00000000736232ce
    Thread [1224:1884] 00000000736232ce
    Thread [1224:1932] 000000007362345e
    Thread [1224:4988] 0000000074d5d864
    Thread [1224:3556] 00000000736232ce
    Thread [1224:844] 00000000736232ce
    Thread [1224:1976] 00000000736232ce
    Thread [1224:4748] 00000000736232ce
    Thread [1224:3568] 0000000077193e45
    Thread [1224:3680] 00000000721362ee
    Thread [1224:2488] 00000000736232ce
    Thread [1224:1240] 000000007362345e
    Thread [1224:3320] 0000000077193e45
    Thread [1224:836] 0000000077193e45
    Thread [1224:1392] 0000000077193e45
    Thread [1224:4272] 0000000077193e45
    Thread [1224:3548] 0000000077193e45
    Thread [1224:3240] 0000000077193e45
    Thread C:\Windows\System32\svchost.exe [3640:3244] 000007fef19b9688

    ---- EOF - GMER 2.1 ----
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    There is some Adware on your system, remnants of Adaware and the error log shows an incompatible driver: StarOpen.SYS

    We will start by removing all the Adware and a scan for rogue items.

    Please run these two scans and post the logs:

    SCAN 1
    Click on this link to download : ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post. If the log does not appear you should find it on your C: drive, using Windows Explorer, as ADWCleaner[S1].

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

    [​IMG]
     
  3. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    Thank you for your fast reply. :)

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    # AdwCleaner v2.300 - Logfile created 05/14/2013 at 12:37:17
    # Updated 28/04/2013 by Xplode
    # Operating system : Windows 7 Professional Service Pack 1 (64 bits)
    # User : Barbara - BARBARA-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Barbara\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****

    Stopped & Deleted : vToolbarUpdater14.2.0

    ***** [Files / Folders] *****

    File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    Folder Deleted : C:\Program Files (x86)\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\ConduitEngine
    Folder Deleted : C:\Program Files (x86)\IncrediMail_MediaBar_2
    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\Users\Barbara\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\Barbara\AppData\LocalLow\AVG Secure Search
    Folder Deleted : C:\Users\Barbara\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Barbara\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\Barbara\AppData\LocalLow\IncrediMail_MediaBar_2
    Folder Deleted : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\Conduit
    Folder Deleted : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\ConduitEngine
    Folder Deleted : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\StumbleUpon
    Folder Deleted : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\n5hohhfm.default\StumbleUpon

    ***** [Registry] *****

    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Deleted : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AVG Secure Search
    Key Deleted : HKCU\Software\IGearSettings
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
    Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\conduitEngine
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\ImInstaller
    Key Deleted : HKLM\Software\IncrediMail_MediaBar_2
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EAB2B29B-6E88-4452-B607-F24D66DD311A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EAB2B29B-6E88-4452-B607-F24D66DD311A}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55B32D19-DD35-4566-B54B-05B98D6720C2}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E21BB5A-41A4-4C73-B7C9-916B7D8C150B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_2 Toolbar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16537

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultName] = My Web Search --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultUrl] = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZS&fl=0&ptb=x5dlYbFHN7iwxlKphbhubg&url=hxxp://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} --> hxxp://www.google.com

    -\\ Mozilla Firefox v20.0.1 (en-US)

    File : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\prefs.js

    C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\user.js ... Deleted !

    Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1116652/1112356/US", "\"0\"[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", [...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2724386", [...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724386",[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2724386/CT2724386[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2724386/CT2724386[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
    Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
    Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "[email protected]");
    Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
    Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
    Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Barbara\\AppData\\Roaming\\Mozilla\[...]
    Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
    Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2724386");
    Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}");
    Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "incredimail_mediabar_2");
    Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://mystart.incredimail.com/?loc=ff_a[...]
    Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
    Deleted : user_pref("CommunityToolbar.ToolbarsList2", "");
    Deleted : user_pref("CommunityToolbar.ToolbarsList4", "");
    Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Jun 02 2011 08:51:41 GMT-05[...]
    Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 21 2011 11:19:56 GMT-0500 (Centr[...]
    Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Deleted : user_pref("CommunityToolbar.alert.locale", "");
    Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 0);
    Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 10:19:48 GMT-0500 (Central D[...]
    Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "");
    Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Deleted : user_pref("CommunityToolbar.alert.userId", "9d7ac81d-5e41-4993-9fb9-16ee8d3657b3");
    Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 21 2011 19:07:21 GMT-0500 (Cen[...]
    Deleted : user_pref("CommunityToolbar.globalUserId", "12232059-0f84-4b38-b2c6-c0b3fed5d3f8");
    Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jul 21 2011 19:07:2[...]
    Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
    Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 21 2011 19:07:19 GMT-0500 (C[...]
    Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
    Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Deleted : user_pref("CommunityToolbar.notifications.userId", "b8ffde7d-361e-4550-b976-944cf7c29d81");
    Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jun 12 2011 10:18:22 GMT-0500 (Central Dayl[...]
    Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Jun 02 2011 08:51:40 GMT-0500 (Central Da[...]
    Deleted : user_pref("ConduitEngine.FirstServerDate", "06/02/2011 16");
    Deleted : user_pref("ConduitEngine.FirstTime", true);
    Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
    Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Deleted : user_pref("ConduitEngine.HideEngineAfterRestart", false);
    Deleted : user_pref("ConduitEngine.Initialize", true);
    Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Deleted : user_pref("ConduitEngine.InstalledDate", "Thu Jun 02 2011 08:51:40 GMT-0500 (Central Daylight Time)"[...]
    Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
    Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
    Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 02 2011 08:51:40 GMT-0500 (Central Day[...]
    Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 02 2011 08:51:40 GMT-0500 (Central Daylight Ti[...]
    Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 02 2011 08:51:39 GMT-0500 (Central Dayligh[...]
    Deleted : user_pref("ConduitEngine.UserID", "UN37874574945747086");
    Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
    Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 02 2011 08:51:40 GMT-0500 (Centr[...]
    Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 02 2011 12:51:40 GMT-0500 (Cent[...]
    Deleted : user_pref("ConduitEngine.initDone", true);
    Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
    Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.32");
    Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={EE150F9C-DC87-4963-A8CF-2C6497CB5873}&[...]

    File : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\n5hohhfm.default\prefs.js

    C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\n5hohhfm.default\user.js ... Deleted !

    Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.48] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
    Deleted [l.51] : keyword = "isearch.avg.com",
    Deleted [l.55] : search_url = "hxxp://isearch.avg.com/search?cid={EE150F9C-DC87-4963-A8CF-2C6497CB5873}&mid=b5[...]

    *************************

    AdwCleaner[S1].txt - [21747 octets] - [14/05/2013 12:37:17]

    ########## EOF - C:\AdwCleaner[S1].txt - [21808 octets] ##########
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Barbara [Admin rights]
    Mode : Scan -- Date : 05/14/2013 12:49:38
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 7 ¤¤¤
    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
    [HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
    [HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts



    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST31000528AS ATA Device +++++
    --- User ---
    [MBR] ea36cda5ba9fa90284d78fce8da150ee
    [BSP] 2443d7138d44605c205800f5c869ff21 : Windows Vista MBR Code
    Partition table:
    0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 14142 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29044736 | Size: 939686 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[2]_S_05142013_02d1249.txt >>
    RKreport[1]_S_05142013_02d1246.txt ; RKreport[2]_S_05142013_02d1249.txt

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  4. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    There ware several items of Adware removed by ADWCleaner, we need to run it again to make sure it has all gone, please reboot the system and run another scan in just the same way as you did before and post the new log.

    Please also run this:


    • Click on Start and type cmd in the search box. Right click on cmd in the popup menu and select Run as Administrator.
    • Another box will open, at the Command Prompt, type sfc /scannow and press Enter. (Note the gap between the c and the /)
    • Let the check run to completion. DO NOT reboot the PC or close the cmd window.
    • Copy & Paste the following command at the Command Prompt and press Enter:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt

    • This will place a file on your desktop called sfcdetails.txt which contains the results of the scan.
    • Copy and Paste the contents of the file into your next post.
     
  5. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    I followed the instructions for the 'cmd' -- however when I copy/pasted what was written above, it showed as "^U" (no quotes). So I backtracked and typed it in by hand very carefully. All it did was go to another prompt. However, after the scan, it said "Windows Resource Protection did not find any integrity violations."

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    # AdwCleaner v2.300 - Logfile created 05/14/2013 at 19:16:18
    # Updated 28/04/2013 by Xplode
    # Operating system : Windows 7 Professional Service Pack 1 (64 bits)
    # User : Barbara - BARBARA-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Barbara\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16537

    [OK] Registry is clean.

    -\\ Mozilla Firefox v20.0.1 (en-US)

    File : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\dnelpvml.default\prefs.js

    [OK] File is clean.

    File : C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\n5hohhfm.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [21860 octets] - [14/05/2013 12:37:17]
    AdwCleaner[S2].txt - [999 octets] - [14/05/2013 19:16:18]

    ########## EOF - C:\AdwCleaner[S2].txt - [1058 octets] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  6. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    Yikes! I just now found the sfcdetails.txt on my desktop. Sorry!

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    2013-05-14 19:20:31, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:31, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:33, Info CSI 0000000c [SR] Verify complete
    2013-05-14 19:20:34, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:34, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:36, Info CSI 00000010 [SR] Verify complete
    2013-05-14 19:20:36, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:36, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:38, Info CSI 00000014 [SR] Verify complete
    2013-05-14 19:20:38, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:38, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:40, Info CSI 00000018 [SR] Verify complete
    2013-05-14 19:20:40, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:40, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:43, Info CSI 0000001c [SR] Verify complete
    2013-05-14 19:20:43, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:43, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:45, Info CSI 00000020 [SR] Verify complete
    2013-05-14 19:20:45, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:45, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:48, Info CSI 00000024 [SR] Verify complete
    2013-05-14 19:20:48, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:48, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:50, Info CSI 00000028 [SR] Verify complete
    2013-05-14 19:20:50, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:50, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:53, Info CSI 0000002c [SR] Verify complete
    2013-05-14 19:20:53, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:53, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:55, Info CSI 00000030 [SR] Verify complete
    2013-05-14 19:20:55, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:55, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:57, Info CSI 00000034 [SR] Verify complete
    2013-05-14 19:20:57, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:20:57, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:20:59, Info CSI 00000038 [SR] Verify complete
    2013-05-14 19:21:00, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:00, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:04, Info CSI 0000003d [SR] Verify complete
    2013-05-14 19:21:05, Info CSI 0000003e [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:05, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:13, Info CSI 00000044 [SR] Verify complete
    2013-05-14 19:21:14, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:14, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:19, Info CSI 00000049 [SR] Verify complete
    2013-05-14 19:21:19, Info CSI 0000004a [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:19, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:22, Info CSI 0000004d [SR] Verify complete
    2013-05-14 19:21:22, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:22, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:26, Info CSI 00000057 [SR] Verify complete
    2013-05-14 19:21:26, Info CSI 00000058 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:26, Info CSI 00000059 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:31, Info CSI 00000078 [SR] Verify complete
    2013-05-14 19:21:31, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:31, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:35, Info CSI 0000007c [SR] Verify complete
    2013-05-14 19:21:35, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:35, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:39, Info CSI 00000080 [SR] Verify complete
    2013-05-14 19:21:39, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:39, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:42, Info CSI 00000084 [SR] Verify complete
    2013-05-14 19:21:42, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:42, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:47, Info CSI 00000088 [SR] Verify complete
    2013-05-14 19:21:47, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:47, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:49, Info CSI 0000008c [SR] Verify complete
    2013-05-14 19:21:50, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:50, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:21:54, Info CSI 00000090 [SR] Verify complete
    2013-05-14 19:21:54, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:21:54, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:01, Info CSI 000000b5 [SR] Verify complete
    2013-05-14 19:22:01, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:01, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:06, Info CSI 000000b9 [SR] Verify complete
    2013-05-14 19:22:06, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:06, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:14, Info CSI 000000bd [SR] Verify complete
    2013-05-14 19:22:14, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:14, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:19, Info CSI 000000c3 [SR] Verify complete
    2013-05-14 19:22:20, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:20, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:21, Info CSI 000000c7 [SR] Verify complete
    2013-05-14 19:22:21, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:21, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:22, Info CSI 000000cb [SR] Verify complete
    2013-05-14 19:22:22, Info CSI 000000cc [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:22, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:24, Info CSI 000000cf [SR] Verify complete
    2013-05-14 19:22:25, Info CSI 000000d0 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:25, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:31, Info CSI 000000e4 [SR] Verify complete
    2013-05-14 19:22:31, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:31, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:32, Info CSI 000000e8 [SR] Verify complete
    2013-05-14 19:22:32, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:32, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:35, Info CSI 000000ec [SR] Verify complete
    2013-05-14 19:22:35, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:35, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:36, Info CSI 000000f0 [SR] Verify complete
    2013-05-14 19:22:37, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:37, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:41, Info CSI 000000f5 [SR] Verify complete
    2013-05-14 19:22:41, Info CSI 000000f6 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:41, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:47, Info CSI 000000fa [SR] Verify complete
    2013-05-14 19:22:47, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:47, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:49, Info CSI 000000fe [SR] Verify complete
    2013-05-14 19:22:49, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:49, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:51, Info CSI 00000102 [SR] Verify complete
    2013-05-14 19:22:51, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:51, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:55, Info CSI 00000106 [SR] Verify complete
    2013-05-14 19:22:55, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:55, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:22:59, Info CSI 0000010a [SR] Verify complete
    2013-05-14 19:22:59, Info CSI 0000010b [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:22:59, Info CSI 0000010c [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:03, Info CSI 0000010e [SR] Verify complete
    2013-05-14 19:23:03, Info CSI 0000010f [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:03, Info CSI 00000110 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:10, Info CSI 00000128 [SR] Verify complete
    2013-05-14 19:23:11, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:11, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:14, Info CSI 0000012c [SR] Verify complete
    2013-05-14 19:23:15, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:15, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:24, Info CSI 00000130 [SR] Verify complete
    2013-05-14 19:23:24, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:24, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:29, Info CSI 00000135 [SR] Verify complete
    2013-05-14 19:23:29, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:29, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:35, Info CSI 00000139 [SR] Verify complete
    2013-05-14 19:23:36, Info CSI 0000013a [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:36, Info CSI 0000013b [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:40, Info CSI 0000013d [SR] Verify complete
    2013-05-14 19:23:40, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:40, Info CSI 0000013f [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:44, Info CSI 00000141 [SR] Verify complete
    2013-05-14 19:23:44, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:44, Info CSI 00000143 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:48, Info CSI 00000145 [SR] Verify complete
    2013-05-14 19:23:48, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:48, Info CSI 00000147 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:51, Info CSI 0000014b [SR] Verify complete
    2013-05-14 19:23:51, Info CSI 0000014c [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:51, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
    2013-05-14 19:23:54, Info CSI 0000014f [SR] Verify complete
    2013-05-14 19:23:55, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:23:55, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:04, Info CSI 00000153 [SR] Verify complete
    2013-05-14 19:24:04, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:04, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:08, Info CSI 00000158 [SR] Verify complete
    2013-05-14 19:24:08, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:08, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:12, Info CSI 0000015d [SR] Verify complete
    2013-05-14 19:24:12, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:12, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:17, Info CSI 00000161 [SR] Verify complete
    2013-05-14 19:24:17, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:17, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:23, Info CSI 00000166 [SR] Verify complete
    2013-05-14 19:24:24, Info CSI 00000167 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:24, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:27, Info CSI 0000016a [SR] Verify complete
    2013-05-14 19:24:27, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:27, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:31, Info CSI 0000016e [SR] Verify complete
    2013-05-14 19:24:31, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:31, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:35, Info CSI 00000172 [SR] Verify complete
    2013-05-14 19:24:35, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:35, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:39, Info CSI 00000177 [SR] Verify complete
    2013-05-14 19:24:40, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:40, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:43, Info CSI 0000017b [SR] Verify complete
    2013-05-14 19:24:43, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:43, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:46, Info CSI 0000017f [SR] Verify complete
    2013-05-14 19:24:47, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:47, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:50, Info CSI 00000184 [SR] Verify complete
    2013-05-14 19:24:51, Info CSI 00000185 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:51, Info CSI 00000186 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:55, Info CSI 00000189 [SR] Verify complete
    2013-05-14 19:24:55, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:55, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
    2013-05-14 19:24:58, Info CSI 0000018e [SR] Verify complete
    2013-05-14 19:24:59, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:24:59, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:04, Info CSI 00000192 [SR] Verify complete
    2013-05-14 19:25:04, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:04, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:08, Info CSI 00000197 [SR] Verify complete
    2013-05-14 19:25:09, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:09, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:10, Info CSI 0000019b [SR] Verify complete
    2013-05-14 19:25:11, Info CSI 0000019c [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:11, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:13, Info CSI 0000019f [SR] Verify complete
    2013-05-14 19:25:13, Info CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:13, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:15, Info CSI 000001a3 [SR] Verify complete
    2013-05-14 19:25:16, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:16, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:21, Info CSI 000001a7 [SR] Verify complete
    2013-05-14 19:25:21, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:21, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:25, Info CSI 000001ab [SR] Verify complete
    2013-05-14 19:25:25, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:25, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:27, Info CSI 000001af [SR] Verify complete
    2013-05-14 19:25:28, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:28, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:32, Info CSI 000001b3 [SR] Verify complete
    2013-05-14 19:25:32, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:32, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:39, Info CSI 000001b7 [SR] Verify complete
    2013-05-14 19:25:39, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:39, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:46, Info CSI 000001bb [SR] Verify complete
    2013-05-14 19:25:47, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:47, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:50, Info CSI 000001bf [SR] Verify complete
    2013-05-14 19:25:50, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:50, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:51, Info CSI 000001c3 [SR] Verify complete
    2013-05-14 19:25:51, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:51, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:54, Info CSI 000001c7 [SR] Verify complete
    2013-05-14 19:25:55, Info CSI 000001c8 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:55, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:25:57, Info CSI 000001cb [SR] Verify complete
    2013-05-14 19:25:57, Info CSI 000001cc [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:25:57, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:00, Info CSI 000001cf [SR] Verify complete
    2013-05-14 19:26:00, Info CSI 000001d0 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:00, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:01, Info CSI 000001d3 [SR] Verify complete
    2013-05-14 19:26:01, Info CSI 000001d4 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:01, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:02, Info CSI 000001d7 [SR] Verify complete
    2013-05-14 19:26:02, Info CSI 000001d8 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:02, Info CSI 000001d9 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:07, Info CSI 000001e1 [SR] Verify complete
    2013-05-14 19:26:07, Info CSI 000001e2 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:07, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:10, Info CSI 000001e5 [SR] Verify complete
    2013-05-14 19:26:10, Info CSI 000001e6 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:10, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:12, Info CSI 000001e9 [SR] Verify complete
    2013-05-14 19:26:13, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:13, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:15, Info CSI 000001ed [SR] Verify complete
    2013-05-14 19:26:16, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:16, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:19, Info CSI 000001f1 [SR] Verify complete
    2013-05-14 19:26:20, Info CSI 000001f2 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:20, Info CSI 000001f3 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:25, Info CSI 000001f6 [SR] Verify complete
    2013-05-14 19:26:25, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:25, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:27, Info CSI 000001fa [SR] Verify complete
    2013-05-14 19:26:27, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:27, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:28, Info CSI 000001fe [SR] Verify complete
    2013-05-14 19:26:28, Info CSI 000001ff [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:28, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:37, Info CSI 00000205 [SR] Verify complete
    2013-05-14 19:26:38, Info CSI 00000206 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:38, Info CSI 00000207 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:45, Info CSI 0000020a [SR] Verify complete
    2013-05-14 19:26:45, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:45, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:49, Info CSI 00000210 [SR] Verify complete
    2013-05-14 19:26:49, Info CSI 00000211 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:49, Info CSI 00000212 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:26:54, Info CSI 0000021a [SR] Verify complete
    2013-05-14 19:26:54, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:26:54, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:00, Info CSI 00000223 [SR] Verify complete
    2013-05-14 19:27:00, Info CSI 00000224 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:00, Info CSI 00000225 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:03, Info CSI 0000022a [SR] Verify complete
    2013-05-14 19:27:04, Info CSI 0000022b [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:04, Info CSI 0000022c [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:07, Info CSI 00000230 [SR] Verify complete
    2013-05-14 19:27:07, Info CSI 00000231 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:07, Info CSI 00000232 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:10, Info CSI 00000234 [SR] Verify complete
    2013-05-14 19:27:10, Info CSI 00000235 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:10, Info CSI 00000236 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:14, Info CSI 0000025b [SR] Verify complete
    2013-05-14 19:27:14, Info CSI 0000025c [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:14, Info CSI 0000025d [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:17, Info CSI 0000025f [SR] Verify complete
    2013-05-14 19:27:17, Info CSI 00000260 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:17, Info CSI 00000261 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:20, Info CSI 00000263 [SR] Verify complete
    2013-05-14 19:27:21, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:21, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:24, Info CSI 00000267 [SR] Verify complete
    2013-05-14 19:27:25, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:25, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:27, Info CSI 00000276 [SR] Verify complete
    2013-05-14 19:27:28, Info CSI 00000277 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:28, Info CSI 00000278 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:30, Info CSI 0000027b [SR] Verify complete
    2013-05-14 19:27:31, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:31, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:36, Info CSI 00000280 [SR] Verify complete
    2013-05-14 19:27:36, Info CSI 00000281 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:36, Info CSI 00000282 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:40, Info CSI 0000028f [SR] Verify complete
    2013-05-14 19:27:40, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:40, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:42, Info CSI 00000293 [SR] Verify complete
    2013-05-14 19:27:42, Info CSI 00000294 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:42, Info CSI 00000295 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:47, Info CSI 00000298 [SR] Verify complete
    2013-05-14 19:27:48, Info CSI 00000299 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:48, Info CSI 0000029a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:49, Info CSI 0000029c [SR] Verify complete
    2013-05-14 19:27:49, Info CSI 0000029d [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:49, Info CSI 0000029e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:52, Info CSI 000002a0 [SR] Verify complete
    2013-05-14 19:27:52, Info CSI 000002a1 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:52, Info CSI 000002a2 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:54, Info CSI 000002a4 [SR] Verify complete
    2013-05-14 19:27:55, Info CSI 000002a5 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:55, Info CSI 000002a6 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:27:58, Info CSI 000002a8 [SR] Verify complete
    2013-05-14 19:27:58, Info CSI 000002a9 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:27:58, Info CSI 000002aa [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:04, Info CSI 000002c4 [SR] Verify complete
    2013-05-14 19:28:04, Info CSI 000002c5 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:04, Info CSI 000002c6 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:07, Info CSI 000002c8 [SR] Verify complete
    2013-05-14 19:28:07, Info CSI 000002c9 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:07, Info CSI 000002ca [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:20, Info CSI 000002cc [SR] Verify complete
    2013-05-14 19:28:21, Info CSI 000002cd [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:21, Info CSI 000002ce [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:23, Info CSI 000002d0 [SR] Verify complete
    2013-05-14 19:28:24, Info CSI 000002d1 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:24, Info CSI 000002d2 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:26, Info CSI 000002d6 [SR] Verify complete
    2013-05-14 19:28:26, Info CSI 000002d7 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:26, Info CSI 000002d8 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:28, Info CSI 000002da [SR] Verify complete
    2013-05-14 19:28:29, Info CSI 000002db [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:29, Info CSI 000002dc [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:32, Info CSI 000002de [SR] Verify complete
    2013-05-14 19:28:32, Info CSI 000002df [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:32, Info CSI 000002e0 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:35, Info CSI 000002e2 [SR] Verify complete
    2013-05-14 19:28:35, Info CSI 000002e3 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:35, Info CSI 000002e4 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:37, Info CSI 000002e7 [SR] Verify complete
    2013-05-14 19:28:38, Info CSI 000002e8 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:38, Info CSI 000002e9 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:40, Info CSI 000002eb [SR] Verify complete
    2013-05-14 19:28:40, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:40, Info CSI 000002ed [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:43, Info CSI 000002ef [SR] Verify complete
    2013-05-14 19:28:43, Info CSI 000002f0 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:43, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:46, Info CSI 000002f3 [SR] Verify complete
    2013-05-14 19:28:46, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:46, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:51, Info CSI 000002f8 [SR] Verify complete
    2013-05-14 19:28:51, Info CSI 000002f9 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:51, Info CSI 000002fa [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:53, Info CSI 000002fc [SR] Verify complete
    2013-05-14 19:28:53, Info CSI 000002fd [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:53, Info CSI 000002fe [SR] Beginning Verify and Repair transaction
    2013-05-14 19:28:58, Info CSI 00000300 [SR] Verify complete
    2013-05-14 19:28:58, Info CSI 00000301 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:28:58, Info CSI 00000302 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:29:00, Info CSI 00000304 [SR] Verify complete
    2013-05-14 19:29:01, Info CSI 00000305 [SR] Verifying 100 (0x0000000000000064) components
    2013-05-14 19:29:01, Info CSI 00000306 [SR] Beginning Verify and Repair transaction
    2013-05-14 19:29:05, Info CSI 00000308 [SR] Verify complete
    2013-05-14 19:29:05, Info CSI 00000309 [SR] Verifying 37 (0x0000000000000025) components
    2013-05-14 19:29:05, Info CSI 0000030a [SR] Beginning Verify and Repair transaction
    2013-05-14 19:29:06, Info CSI 0000030c [SR] Verify complete
    2013-05-14 19:29:06, Info CSI 0000030d [SR] Repairing 0 components
    2013-05-14 19:29:06, Info CSI 0000030e [SR] Beginning Verify and Repair transaction
    2013-05-14 19:29:06, Info CSI 00000310 [SR] Repair

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  7. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Thanks for the logs, they are clean. We need to do a search for Adaware remnants and the incompatible driver reported in the error log. Staropen.sys apparently belongs to "Samsung PC Studio" if you use this software please let me know, if not please uninstall it.

    Please download SystemLook from the following link below and save it to your Desktop.



    • Double-click SystemLook.exe to run it.
    • Vista/Windows 7 users right-click and select Run As Administrator.
    • Copy and paste everything in the codebox below into the main textfield:

    Code:
    :filefind
    *staropen*
    *adaware*
    :folderfind
    *staropen*
    *adaware*
    :regfind
    startopen
    adaware
    
    • Click the Look button to start the scan.
    • When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
    • Please copy and paste the contents of that log in your next reply.
    ==========================================================================


    &#8226; Run through this routine and locate any/all mouse drivers listed under "mice and other pointing devices" and delete them.
    &#8226; Now uninstall all/any mouse drivers in Device Manager. Your mouse will freeze when you uninstall the driver it is using so you will need to hold in the power button to shut down the system.
    &#8226; Next restart the PC and the system should reinstall the driver for your mouse.
     
  8. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    Did the SystemLook, then followed instructions for uninstalling mouse drivers. Still had problems copy/pasting the log file -- was able to highlight but as soon as I let go of the mouse, the highlighting disappeared, but was able to copy/paste from web pages ok. This is my 3rd mouse in 2 1/2 years -- always the same brand Logitech M100 -- maybe it's time to try another brand. ???

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    SystemLook 30.07.11 by jpshortstuff
    Log created at 20:25 on 15/05/2013 by Barbara
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*staropen*"
    C:\Windows\SysWOW64\drivers\StarOpen.sys --a---- 5632 bytes [21:37 08/07/2011] [18:51 30/09/2011] 306521935042FC0A6988D528643619B3

    Searching for "*adaware*"
    C:\ProgramData\Lavasoft\License\adaware.da2 --a---- 0 bytes [19:15 05/02/2012] [19:15 05/02/2012] D41D8CD98F00B204E9800998ECF8427E
    C:\Users\All Users\Lavasoft\License\adaware.da2 --a---- 0 bytes [19:15 05/02/2012] [19:15 05/02/2012] D41D8CD98F00B204E9800998ECF8427E

    ========== folderfind ==========

    Searching for "*staropen*"
    No folders found.

    Searching for "*adaware*"
    C:\Users\Barbara\AppData\Local\adaware d------ [23:52 27/07/2012]
    C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\adawaretb d------ [19:15 05/02/2012]

    ========== regfind ==========

    Searching for "startopen"
    No data found.

    Searching for "adaware"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\adawarebp_RASAPI32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\adawarebp_RASMANCS]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdawareBrowsingProtection_setup_RASAPI32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdawareBrowsingProtection_setup_RASMANCS]
    [HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\adaware]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware"="reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f"
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware_XP"="reg.exe delete "HKCU\Software\adaware" /f"
    [HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\adaware]
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware"="reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f"
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware_XP"="reg.exe delete "HKCU\Software\adaware" /f"

    -= EOF =-
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  9. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Before we delete the files found please tell me if you use "Samsung PC Studio 3 USB Driver Installer"
    this is the software that the StartOpen.sys file comes from which is shown in the DDS log as being incompatible with your system.
     
  10. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    I uninstalled Samsung PC Studio 3 a few months ago. I just checked in my Program files and the Driver Installer was still there. I successfully uninstalled that just now.
     
  11. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    For the mouse, go here: http://www.logitech.com/en-us/support/mouse-m100?osid=14&bit=32

    Download and install the driver, see if it helps.


    Please download OTM by OldTimer. Save it to your desktop.

    Double click OTM.exe to start the tool.

    • Copy the text in the code box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code:
    :Processes
    explorer.exe
    :Services
    :Files
    C:\Windows\SysWOW64\drivers\StarOpen.sys
    C:\ProgramData\Lavasoft
    C:\Users\All Users\Lavasoft
    C:\Users\Barbara\AppData\Local\adaware
    C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\adawaretb
    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\adawarebp_RASAPI3 2]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\adawarebp_RASMANC S]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdawareBrowsingPr otection_setup_RASAPI32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdawareBrowsingPr otection_setup_RASMANCS]
    [-HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\adaware]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware_XP"=-
    [HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\adaware]
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware"=-
    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "adaware_XP"=-
    :Commands
    [createrestorepoint]
    [emptyflash]
    [emptytemp]
    [resethosts]
    [reboot]
    
    • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • All your desktop icons will disappear as the scan begins. It should complete within a few minutes.
    • Once complete you may see a box appear asking you to Restart the system to complete the file removal, accept it and it will reboot.
    • Even if that box does not appear the system should reboot as the command is included in the script.
    • When the system has come back to the desktop a Notepad document will open, please copy and paste that into your next post.

      -- Note: The logs are saved here: C:\_OTM\MovedFiles
     
  12. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    I had gone to that link before posting my problem. The page says "No documentation or support" for that model of mouse. I have a new one coming. :)

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== SERVICES/DRIVERS ==========
    ========== FILES ==========
    C:\Windows\SysWOW64\drivers\StarOpen.sys moved successfully.
    C:\ProgramData\Lavasoft\License folder moved successfully.
    C:\ProgramData\Lavasoft folder moved successfully.
    File/Folder C:\Users\All Users\Lavasoft not found.
    C:\Users\Barbara\AppData\Local\adaware\data folder moved successfully.
    C:\Users\Barbara\AppData\Local\adaware folder moved successfully.
    C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\adawaretb folder moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\adawarebp_RASAPI3 2\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\adawarebp_RASMANC S\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdawareBrowsingPr otection_setup_RASAPI32\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdawareBrowsingPr otection_setup_RASMANCS\ not found.
    Registry key HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\adaware\ deleted successfully.
    Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\ deleted successfully.
    Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
    Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
    Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
    Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
    ========== COMMANDS ==========
    Restore point Set: OTM Restore Point

    [EMPTYFLASH]

    User: All Users

    User: Barbara
    ->Flash cache emptied: 62476 bytes

    User: Default
    ->Flash cache emptied: 57472 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: All Users

    User: Barbara
    ->Temp folder emptied: 242506591 bytes
    ->Temporary Internet Files folder emptied: 365892 bytes
    ->Java cache emptied: 2194508 bytes
    ->FireFox cache emptied: 124483980 bytes
    ->Google Chrome cache emptied: 11663643 bytes
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 64624909 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 38290 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78294 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
    RecycleBin emptied: 19968 bytes

    Total Files Cleaned = 425.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTM by OldTimer - Version 3.1.21.0 log created on 05172013_124923

    Files moved on Reboot...
    C:\Users\Barbara\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Barbara\AppData\Local\Temp\FXSTIFFDebugLogFile.txt moved successfully.
    C:\Users\Barbara\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  13. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    That only means that there are no documents available, it doesn't mean that the driver isn't available.

    On the page for the mouse driver, that I gave you the link for, click on the Download tab and you will see the driver is available. Check it has correctly detected you version of Windows and change it if required, then hit the Download button. Save the driver to your desktop and then double click on it to install, reboot the system when done and see if it works any better.
     
  14. iluvtolaff

    iluvtolaff Thread Starter

    Joined:
    Oct 6, 2004
    Messages:
    593
    Oh, well, I feel like an idiot for not noticing the download tab -- jeez. Ok, I did all of that and still was not able to copy/paste or drag and drop. I'm using an older mouse I had until my new one comes in. Thank you anyway. :)
     
  15. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ok, obviously the other mouse is incompatible with your system.

    How well is the PC performing now, any remaining issues?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1098637

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice