PDA

View Full Version : SDSCAN.EXE Create Process Failed Code 740 Win 8 Machine (Internet Access Denied)



PeteJC21PJC
2015-04-04, 04:49
I have my sister in law's and my nieces laptops with the same symptoms. They can connect to WIFI but they cannot access the internet. (local access only). I've run Malwarebytes successfully, CCleaner several times until clean successfully, ran TDSSKILLER successfully, RKILL successfully, without fixing the problem. I might think that it's not a malware problem however when I try to run SPYBOT I get the SDCAN.EXE create process failed CODE 740. Spybot opens and I can immunize but when I try to run a scan it opens the scan window and it tells me it's loaded and ready but nothing happens when I click on Start Scan. These scan results are from my Neices Windows 8 machine. Hopefully what I learn here will help me fix the sister in law's Vista Machine. Thank you. Sincerely, Pete

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Toshiba) C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3710416 2015-02-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2503704 2015-03-05] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\...\MountPoints2: {f927782b-cf4b-11e4-8289-008cfaa90a7d} - "E:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20141040,19891,0,31,6944
HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3250219255-3088369896-3076986109-1001 -> {3D2A53FF-8436-40D0-A0EB-26BA0D033256} URL = https://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20141040,19890,0,31,0
SearchScopes: HKU\S-1-5-21-3250219255-3088369896-3076986109-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={1D17560B-A1C3-49D5-A801-8DA92E231E03}&mid=21d5c642404747d2a1d8d1c5bc4de38e-15bd02e6fe5ed40ed2c7069e9a2634a5444687bd&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-10-07 10:43:53&v=18.3.0.885&pid=avg&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2014-03-18] (Yahoo! Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.3.0.885\AVG Secure Search_toolbar.dll [2015-03-05] (AVG Secure Search)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2014-03-18] (Yahoo! Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.3.0.885\AVG Secure Search_toolbar.dll [2015-03-05] (AVG Secure Search)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-05] (AVG Secure Search)
Winsock: Catalog9 01 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 02 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 03 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 04 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 05 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 16 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Brittany Renee\AppData\Roaming\Mozilla\Firefox\Profiles\uoy1adcc.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-09-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2015-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF

Chrome:
=======
CHR Profile: C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-15]
CHR Extension: (Google Docs) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Google Drive) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Google Search) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Google Sheets) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-15]
CHR Extension: (Norton Identity Safe) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-15]
CHR Extension: (Gmail) - C:\Users\Brittany Renee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1508656 2015-02-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-20] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-19] (WildTangent)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S4 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-05] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========


==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 19:10 - 2014-10-03 21:06 - 00000358 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-03 19:07 - 2014-05-17 13:37 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3250219255-3088369896-3076986109-1001
2015-04-03 19:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-03 18:53 - 2014-10-07 11:14 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-03 18:40 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-03 18:30 - 2014-01-27 23:03 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-03 16:10 - 2015-01-11 23:04 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3403BDA6-5372-4B01-B43A-CD845294F3A9}
2015-04-03 14:49 - 2014-10-11 19:10 - 00000000 ____D () C:\Windows\Minidump
2015-04-03 14:49 - 2014-10-11 18:59 - 00000000 ____D () C:\Users\Brittany Renee\AppData\Local\CrashDumps
2015-04-03 14:49 - 2013-11-05 02:16 - 00000000 ____D () C:\Windows\Panther
2015-04-03 14:27 - 2014-08-18 16:05 - 00005006 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for BLOVEPC-Brittany Renee BLovePC
2015-04-03 14:16 - 2014-08-05 20:23 - 00000000 ___DO () C:\Users\Brittany Renee\SkyDrive
2015-04-03 10:54 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-03 10:52 - 2014-01-27 23:03 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 10:51 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-03 10:50 - 2013-08-22 08:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-03 09:39 - 2015-01-15 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-03 09:39 - 2014-05-17 13:33 - 00000000 ____D () C:\Users\Brittany Renee\AppData\Local\TOSHIBA
2015-04-03 09:39 - 2013-11-05 03:40 - 00000000 ____D () C:\ProgramData\Norton
2015-04-03 09:39 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-03 09:39 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-03 09:39 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-03 09:39 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-03 09:38 - 2015-01-06 13:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-03 09:38 - 2014-08-11 02:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\Bthprops
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\Bthprops
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\schemas
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2015-04-03 09:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2015-04-03 09:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-04-03 09:24 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\registration
2015-04-03 04:28 - 2015-01-15 20:15 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-03 00:51 - 2015-02-24 22:06 - 00000000 ____D () C:\Program Files\iTunes
2015-04-03 00:51 - 2014-01-27 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-04-03 00:51 - 2013-08-22 14:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\Services
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-04-03 00:51 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 __RSD () C:\Windows\Media
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\L2Schemas
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\IME
2015-04-03 00:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\addins
2015-04-03 00:50 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\servicing
2015-04-03 00:49 - 2014-01-27 22:59 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2015-04-03 00:49 - 2013-08-22 14:12 - 00000000 ____D () C:\Windows\ShellNew
2015-04-03 00:49 - 2013-08-22 10:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-04-03 00:49 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\Com
2015-04-03 00:49 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\ras
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\MSDRM
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\WinMetadata
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\setup
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\ras
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\MSDRM
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\IME
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\icsxml
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\ias
2015-04-03 00:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system\Speech
2015-04-03 00:48 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-04-03 00:48 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-03 00:48 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-04-02 22:46 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-02 22:35 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-02 22:31 - 2014-10-19 20:29 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-04-02 21:20 - 2013-11-05 02:48 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-30 21:20 - 2014-01-27 22:28 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-30 21:08 - 2014-05-17 13:30 - 00000000 ____D () C:\Users\Brittany Renee\AppData\Local\Packages
2015-03-20 16:24 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-03-20 00:38 - 2014-08-05 20:30 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-19 23:04 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-03-19 23:00 - 2013-08-22 10:36 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2015-03-19 23:00 - 2013-08-22 10:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2015-03-19 22:36 - 2014-08-04 18:49 - 00000000 ____D () C:\Users\Brittany Renee\AppData\Roaming\HpUpdate
2015-03-13 00:44 - 2014-08-07 18:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 00:33 - 2014-08-07 18:18 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-12 01:48 - 2013-08-22 09:44 - 00482672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-10 23:05 - 2014-09-09 00:13 - 00003112 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3250219255-3088369896-3076986109-1001
2015-03-05 10:35 - 2014-10-07 12:43 - 00000000 ____D () C:\Program Files\AVG Secure Search
2015-03-05 10:35 - 2014-10-07 12:43 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2015-03-04 16:24 - 2014-08-19 18:31 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 16:24 - 2014-08-19 18:31 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-08-04 18:48 - 2014-08-04 18:48 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-01-27 22:34 - 2014-01-27 22:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-03 06:39
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Brittany Renee at 2015-04-03 19:24:48
Running from E:\Anti Virus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2015 (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.03) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{B280788C-B671-E08D-4219-CE907B7BFF75}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5751 - AVG Technologies)
AVG 2015 (Version: 15.0.4311 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5751 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.3.0.885 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4106.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Expert PDF 7 Reader (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 7.0.1370.0 - Avanquest software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Should I Remove It (HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.1.0.14 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3250219255-3088369896-3076986109-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brittany Renee\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-03-2015 15:45:58 Restore Operation
02-04-2015 21:56:42 Windows Update
02-04-2015 23:43:28 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2015-04-02 23:15 - 00450709 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {069AB65E-8F86-4999-9D90-C6B775696148} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {0CCA5CB9-8A17-4A05-9BE4-A38FB1C9F385} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3250219255-3088369896-3076986109-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {3135A53F-CB58-41D7-B87B-70BDC3FD98BC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {39D198AE-0A3D-49FE-9ADF-9BB8A9DD1267} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BLOVEPC-Brittany Renee BLovePC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {3C0440B7-2CC0-428D-9586-80A013A8885C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {424AE0D6-E44E-40BB-9767-5B291BB02770} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {42F38766-FE70-4EF4-9864-C2D42F3B09E0} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {50246D11-5836-4FCE-8D64-35B4B34B478A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {56B10307-6A89-441B-8B54-2425C189955D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {755F0203-17F9-4A10-8B8B-56181B7124EC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-21] (Realtek Semiconductor)
Task: {7B57A83B-B0BD-4A24-B82E-459B2404E473} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {835FFA9C-F1B4-4043-A740-C05529649E3E} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {94805632-E8EE-4D23-9BBD-629228981ECF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-13] (Microsoft Corporation)
Task: {9B852558-BDE9-4FE2-9094-AF9DC6A79E46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {A414BC00-C327-4599-8047-2488A8E6AE56} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A57CF85A-02A2-46F1-9691-1B73BB44C4B0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {ACFC4C32-AF9C-4629-ABD0-F4E74C0C267F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {B8E5BB58-954D-4E4B-B820-219A93F07E6B} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {BB06D9C5-4E0A-4C9B-B41D-5FDD88C3D26D} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-10-03] ()
Task: {E00870F1-F64F-4103-B477-413EDE96864B} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {E9B7081C-4467-483A-A2E3-DF3C810B536E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {FA4D41A5-5601-4054-929F-716EFD37F999} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-21 01:35 - 2015-01-21 01:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-21 01:35 - 2015-01-21 01:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-09 12:44 - 2014-05-20 10:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-23 19:26 - 2015-01-27 10:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-10-07 12:43 - 2015-03-05 10:35 - 02503704 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2015-03-05 10:35 - 2015-03-05 10:35 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2015-02-23 19:26 - 2015-01-27 09:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-09-25 12:54 - 2014-11-15 19:50 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Brittany Renee\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Brittany Renee\Downloads\Issues+with+Blackboard.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CatWSPrx => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CatWSw8 => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3250219255-3088369896-3076986109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brittany Renee\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdaptiveSleepService => 2
MSCONFIG\Services: dts_apo_service => 2
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: vToolbarUpdater18.3.0 => 2
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "SDTray"

==================== Accounts: =============================

Administrator (S-1-5-21-3250219255-3088369896-3076986109-500 - Administrator - Disabled)
Brittany Renee (S-1-5-21-3250219255-3088369896-3076986109-1001 - Administrator - Enabled) => C:\Users\Brittany Renee
Guest (S-1-5-21-3250219255-3088369896-3076986109-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2015 01:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShouldIRemoveIt.exe, version: 1.0.4.30407, time stamp: 0x54078dde
Faulting module name: LSASRV.dll, version: 6.3.9600.17415, time stamp: 0x54504358
Exception code: 0xc0000005
Fault offset: 0x000000000005036a
Faulting process id: 0x19ac
Faulting application start time: 0xShouldIRemoveIt.exe0
Faulting application path: ShouldIRemoveIt.exe1
Faulting module path: ShouldIRemoveIt.exe2
Report Id: ShouldIRemoveIt.exe3
Faulting package full name: ShouldIRemoveIt.exe4
Faulting package-relative application ID: ShouldIRemoveIt.exe5

Error: (04/03/2015 10:54:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_winethc.dll, version: 6.3.9600.17415, time stamp: 0x54504eb8
Faulting module name: USER32.dll, version: 6.3.9600.17668, time stamp: 0x54c850f5
Exception code: 0xc0000142
Fault offset: 0x00000000000ec500
Faulting process id: 0xc8c
Faulting application start time: 0xrundll32.exe_winethc.dll0
Faulting application path: rundll32.exe_winethc.dll1
Faulting module path: rundll32.exe_winethc.dll2
Report Id: rundll32.exe_winethc.dll3
Faulting package full name: rundll32.exe_winethc.dll4
Faulting package-relative application ID: rundll32.exe_winethc.dll5

Error: (04/03/2015 10:19:10 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Restore Operation). Additional information: 0x80070005.

Error: (04/03/2015 09:47:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_winethc.dll, version: 6.3.9600.17415, time stamp: 0x54504eb8
Faulting module name: USER32.dll, version: 6.3.9600.17668, time stamp: 0x54c850f5
Exception code: 0xc0000142
Fault offset: 0x00000000000ec500
Faulting process id: 0x1158
Faulting application start time: 0xrundll32.exe_winethc.dll0
Faulting application path: rundll32.exe_winethc.dll1
Faulting module path: rundll32.exe_winethc.dll2
Report Id: rundll32.exe_winethc.dll3
Faulting package full name: rundll32.exe_winethc.dll4
Faulting package-relative application ID: rundll32.exe_winethc.dll5

Error: (04/03/2015 09:44:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: loggingserver.exe, version: 17.2.0.0, time stamp: 0x51d41c91
Faulting module name: ntdll.dll, version: 6.3.9600.17668, time stamp: 0x54c846bb
Exception code: 0xc0000005
Fault offset: 0x00042249
Faulting process id: 0xbbc
Faulting application start time: 0xloggingserver.exe0
Faulting application path: loggingserver.exe1
Faulting module path: loggingserver.exe2
Report Id: loggingserver.exe3
Faulting package full name: loggingserver.exe4
Faulting package-relative application ID: loggingserver.exe5

Error: (04/03/2015 08:58:39 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070005.

Error: (04/03/2015 07:53:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (04/03/2015 07:53:31 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {74F205F4-97DA-4E38-B7F9-970DAD357D53}

Error: (04/03/2015 07:53:31 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {74F205F4-97DA-4E38-B7F9-970DAD357D53}

Error: (04/03/2015 06:39:54 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (04/03/2015 10:49:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (04/03/2015 10:49:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (04/03/2015 10:49:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (04/03/2015 09:44:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (04/03/2015 09:44:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (04/03/2015 09:08:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SDScannerService service.

Error: (04/03/2015 01:25:42 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SDScannerService service.

Error: (04/03/2015 00:59:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (04/03/2015 00:59:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (04/02/2015 11:46:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SDScannerService service.


Microsoft Office Sessions:
=========================
Error: (04/03/2015 01:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ShouldIRemoveIt.exe1.0.4.3040754078ddeLSASRV.dll6.3.9600.1741554504358c0000005000000000005036a19ac01d06e3fcbe2df4eC:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exeC:\Windows\SYSTEM32\LSASRV.dll168610f9-da33-11e4-828e-008cfaa90a7d

Error: (04/03/2015 10:54:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.1766854c850f5c000014200000000000ec500c8c01d06e267721bb77C:\Windows\System32\rundll32.exeUSER32.dllb5241bc8-da19-11e4-828e-008cfaa90a7d

Error: (04/03/2015 10:19:10 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Restore Operation0x80070005

Error: (04/03/2015 09:47:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.1766854c850f5c000014200000000000ec500115801d06e1d2d530d88C:\Windows\System32\rundll32.exeUSER32.dll6ba84a99-da10-11e4-828d-008cfaa90a7d

Error: (04/03/2015 09:44:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: loggingserver.exe17.2.0.051d41c91ntdll.dll6.3.9600.1766854c846bbc000000500042249bbc01d06e1caffcbe3aC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exeC:\Windows\SYSTEM32\ntdll.dllf6ced5e9-da0f-11e4-828d-008cfaa90a7d

Error: (04/03/2015 08:58:39 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x80070005

Error: (04/03/2015 07:53:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (04/03/2015 07:53:31 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {74F205F4-97DA-4E38-B7F9-970DAD357D53}

Error: (04/03/2015 07:53:31 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {74F205F4-97DA-4E38-B7F9-970DAD357D53}

Error: (04/03/2015 06:39:54 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1


==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 56%
Total physical RAM: 3534.26 MB
Available physical RAM: 1527.29 MB
Total Pagefile: 9166.26 MB
Available Pagefile: 6776.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (TI10684500B) (Fixed) (Total:689.08 GB) (Free:643.89 GB) NTFS
Drive d: (BBR 2014) (CDROM) (Total:4.38 GB) (Free:4.08 GB) UDF
Drive e: (STORE N GO) (Removable) (Total:7.45 GB) (Free:7.34 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 4F166DC1)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

==================== End Of Log ============================

Juliet
2015-04-05, 14:15
Hi and welcome

First thing I pick up on is there is 2 antivirus/security suites on the computer.
Norton Internet Security
AVG\AVG2015 Security

Kinda surprised the computer can function well with this load on here. What we will need to do is remove/uninstall one of these or fixes we try to run wont work or the machine will throw out errors.
Chose which to delete and which to keep. If you need help with the uninstall let me know.

~~~~~~~~~~~~~~~~~~~~~~~

Running from E:\Anti Virus

It's best we move Farbar's to desktop.

Please go to your E drive, locate Farbar Recovery Scan Tool, right click and select CUT
Go to an open spot on your desktop, right click and select PASTE
You should now have Farbar Recovery Scan Tool on your desktop.


Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)


https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG




start
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\Users\Brittany Renee\SkyDrive:ms-properties
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Winsock: Catalog9 01 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 02 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 03 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 04 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 05 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
Winsock: Catalog9 16 C:\Users\Brittany Renee\AppData\Local\DesktopTemperature\bD381Q.dll File Not found ()
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
End


Open FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~~~~~

http://i.imgur.com/BY4dvz9.png AdwCleaner

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) and save the file to your Desktop.
Right-Click AdwCleaner.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please open Malwarebytes' Anti-Malware


On the Dashboard click on Update Now
Go to the Setting Tab
Under Setting go to Detection and Protection
Under PUP and PUM make sure both are set to show Treat Dections as Malware
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
Then on the Dashboard click on Scan
Make sure to select THREAT SCAN
Then click on Scan
When the scan is finished and the log pops up...select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes


~~~~

post
Fixlog.txt
AdwCleaner.txt
Malwarebytes log

PeteJC21PJC
2015-04-05, 19:06
Thank you. Might not get far today, due to Easter activities.

PeteJC21PJC
2015-04-05, 21:07
I've attached two of the result files you asked for and copied in the XML file. Can I use this same process with the same input file on the VISTA machine I have with seemingly the same problems or would it be better if I posted a new thread with the initial logs first? Thanks again for your valuable help. My Sister-in-law and niece thank you as well. Sincerely, Pete

<?xml version="1.0" encoding="UTF-16" ?>
- <mbam-log>
- <header>
<date>2015/04/05 12:21:00 -0500</date>
<logfile>mbam-log-2015-04-05 (12-20-14).xml</logfile>
<isadmin>yes</isadmin>
</header>
- <engine>
<version>2.01.4.1018</version>
<malware-database>v2015.04.05.02</malware-database>
<rootkit-database>v2015.03.31.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
- <system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>Brittany Renee</username>
<filesys>NTFS</filesys>
</system>
- <summary>
<type>threat</type>
<result>completed</result>
<objects>344522</objects>
<time>1562</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
- <options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items />
</mbam-log>

Juliet
2015-04-06, 03:04
Can I use this same process with the same input file on the VISTA machine I have with seemingly the same problems or would it be better if I posted a new thread with the initial logs first?
I'm sorry no, things we might do to a windows 8.1 machine we wont be able to do to a Windows Vista.

After we finish with the first one (Windows 8.1) we can then start cleaning on the Vista.

~~~~~~~~~~~~~~~~~`
First thing I pick up on is there is 2 antivirus/security suites on the computer.
Norton Internet Security
AVG\AVG2015 Security

Did you uninstall one?

~~~~~~~~~~~~~~~~`

For the Malwarebytes Anti-Malware 2.0 scan log, you have posted the protection log instead.
Did the Malwarebytes scan find any threats?



To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

Open Malwarebytes Anti-Malware.
Click the History Tab at the top and select Application Logs.
Select (check) the box next to Scan Log. Choose the most current scan.
Click the View button.
Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

Open Malwarebytes Anti-Malware.
Click the Scan Tab at the top.
Click the View detailed log link on the right.
Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

PeteJC21PJC
2015-04-06, 04:58
The windows 8 laptop now seems operational. I can now access the internet.
I did remove the Norton software. That alone did not fix the laptop.
Once I ran your fix txt file the laptop started working.
I did run Malwarebytes as instructed and it did not find any issues.

Here is the log.


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/5/2015
Scan Time: 12:21:00 PM
Logfile:
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.05.02
Rootkit Database: v2015.03.31.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Brittany Renee

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 344522
Time Elapsed: 26 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Juliet
2015-04-06, 12:24
Thank you for the information.

What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
Most reliable and thorough.
The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending of course how full your computer is.


ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

***

Hold down Control and click on the following link to open ESET OnlineScan in a new window.


ESET OnlineScan (http://eset.com/onlinescan)

Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.

For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.

Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.

Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.

Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png

Make sure that the option "Remove found threats" is Unchecked

Push the Start button.

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.


When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png

Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as

ESETScan. Include the contents of this report in your next reply.

Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.

Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png

Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.

PeteJC21PJC
2015-04-07, 04:12
ESET ran to completion and found zero infected files and zero cleaned files. I did not see an option to create a log but it looks like there was more to the screen that I could not get to by scrolling down. Does that mean that we are cured?

Juliet
2015-04-07, 14:04
If Eset ran and no infections found then posting a log is not necessary.

If the machine is running normal now I think we can remove tools and quarantine folders.

http://i.imgur.com/AFZxnZc.jpg DelFix

Please download DelFix (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix)
or from here http://www.bleepingcomputer.com/download/delfix/ and save the file to your Desktop.
Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:

Activate UAC
Remove disinfection tools


Click the Run button.

-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

~~~~~~~~~~~~~~~~~~~~~~~`
Some of the tools listed below may not work on Windows 8.1


Answers to common security questions - Best Practices (http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/) by quietman7, MVP
How Malware Spreads - How did I get infected? (http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/) by quietman7, MVP
Simple and easy ways to keep your computer safe and secure on the Internet (http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/) by Lawrence Abrams, MVP
How to Prevent Malware (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) by miekiemoes, MVP
How to backup and restore your data using Cobian Backup (http://www.bleepingcomputer.com/tutorials/backup-and-restore-data-with-cobian-backup/) by YourHighness
Slow Computer/browser? It May Not Be Malware (http://www.bleepingcomputer.com/forums/t/87058/slow-computerbrowser-check-here-first;-it-may-not-be-malware/) by quietman7, MVP


The following programmes come highly recommended in the security community.

http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xKsUqI5A.png.pagespeed.ic.vn1Hlvqi8h.jpgAdBlock (https://adblockplus.org/en/firefox) is a browser add-on that blocks annoying banners, pop-ups and video ads.
http://i.imgur.com/E8I37RF.pngCryptoPrevent (https://www.foolishit.com/) places policy restrictions on loading points for ransomware (eg.CryptoPrevent), preventing your files from being encrypted.
http://i.imgur.com/EG85Vjt.png Malwarebytes Anti-Exploit (https://www.malwarebytes.org/antiexploit/) (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/x6YRrgUC.png.pagespeed.ic.HjgFxjvw2Z.jpgMalwarebytes Anti-Malware Premium (https://www.malwarebytes.org/) (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xjv4nhMJ.png.pagespeed.ic.A5YbWn1eDO.png NoScript (http://noscript.net/) is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
http://i.imgur.com/3O8r9Uq.png (http://www.sandboxie.com/) Sandboxie (http://www.sandboxie.com/) isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/DgW1XL2.png.pagespeed.ce.v1OlJl_ZAS.png Secuina PSI (http://secunia.com/vulnerability_scanning/personal/) will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xj1OLIec.png.pagespeed.ic.k6hhwopU0q.jpg SpywareBlaster (https://www.brightfort.com/spywareblaster.html) is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xJEP5iWI.png.pagespeed.ic.4tmM1lM7DQ.pngWeb of Trust (https://www.mywot.com/) (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.


Want to help others? Join the ClassRoom (http://forums.whatthetech.com/What_the_Tech_Classroom_t80368.html) and learn how.

PeteJC21PJC
2015-04-09, 05:34
Process completed. Thank you so much Juliet! I've created a new post for the Vista Machine with the same symptoms. Your help is greatly appreciated!

Juliet
2015-04-09, 11:38
Glad we could help. :)http://i204.photobucket.com/albums/bb106/Juliet702/sparkle.gif

Since this issue appears resolved ... this Topic is closed.