Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

searchnu.com/406 & pc cleaner

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

searchnu.com/406 & pc cleaner

Unread postby NWynne74 » June 27th, 2012, 11:14 am

Hello I know that y'all are very busy & I know that this has been asked before - or at-least a version of it, but If you have any advice or more I would truly appreciate it. I have tried some of the fixes that y'all have recommended on this problem & I have do youtube fixes and other google fixes but I can not seem to make this thing go away. I have deleted that ilivid that was suppose to have put it on here but the rest just stays. I have downloaded and ran the scans that are requested in the Help section. I have honestly not noticed many "problems" with the comp but that it hijacks my homepage & runs those stupid scans, maybe a few pop ups. I got the pop ups to stop & I just turn the pc cleaner off whenever I turn on the comp..then type in google...but I would like to stop all those things if I can.... It probably has been on comp a year. Thank you for any assistance. Here are the logs:

Nikki

DDS
-------------------------------------------------------
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Greg at 10:54:48 on 2012-06-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1977.776 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Windows\system32\lxdqcoms.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\tinySpell\tinyspell.exe
C:\Program Files (x86)\HP\Button Manager\BM.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r4791t273
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r4791t273
mStart Page = hxxp://search.myheritage.com
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Play Pickle Text: {02f0243c-2e71-4a1a-a790-6c30888119d0} - C:\Program Files (x86)\Play Pickle\pptl.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine

\18.7.2.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine

\18.7.2.3\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared

\Windows Live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll
BHO: UrlHelper Class: {a40dc6c5-79d0-4ca8-a185-8ff989af1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar

\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer

\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient_2.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine

\18.7.2.3\coIEPlg.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
uRun: [tinySpell] C:\Program Files (x86)\tinySpell\tinyspell.exe
uRun: [AdobeBridge]
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Conime] %windir%\system32\conime.exe
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPBUTT~1.LNK - C:\Program Files (x86)\HP\Button Manager\BM.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer

\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B34B2F9E-D53D-4F1C-9A68-FCFE01175683} : DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881}\055726C69636C496262716279775962756C6563737 : DhcpNameServer = 10.1.1.9
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881}\353405C4D2140513 : DhcpNameServer = 10.1.1.5
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881}\7596C6C69656D27657563747 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881}\861657374796C656 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881}\B48405D23416D6077627F657E646 : DhcpNameServer = 192.168.254.2 192.168.254.3
TCP: Interfaces\{EE70CC24-8C3B-4F8F-BA51-9B4345369881}\C45747472756C6C602 : DhcpNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer

\skypeieplugin.dll
AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
BHO-X64: Play Pickle Text: {02F0243C-2E71-4a1a-A790-6C30888119D0} - C:\Program Files (x86)\Play Pickle\pptl.dll
BHO-X64: Play Pickle Text - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine

\18.7.2.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security

\Engine\18.7.2.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared

\Windows Live\WindowsLiveLogin.dll
BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll
BHO-X64: Searchqu Toolbar - No File
BHO-X64: UrlHelper Class: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar

\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer

\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient_2.dll
BHO-X64: Yontoo Layers - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine

\18.7.2.3\coIEPlg.dll
TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun-x64: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun-x64: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun-x64: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -

launchedbylogin
AppInit_DLLs-X64: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\e4pvbsb3.default\
FF - prefs.js: browser.search.selectedEngine - Firefox Add-ons
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Greg\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\e4pvbsb3.default\extensions\{a39975e6-69b0-40a4-b7e2-

fc8770f38132}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS --> C:\Windows\system32\drivers

\NISx64\1207020.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS --> C:\Windows

\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs

\20110419.001\BHDrvx64.sys [2011-4-19 1127032]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs

\20110419.002\IDSviA64.sys [2011-4-20 476792]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS --> C:\Windows\system32\drivers

\NISx64\1207020.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.SYS --> C:\Windows

\system32\Drivers\NISx64\1207020.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-9 44768]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012

-1-4 822624]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-9-6 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology

\IAStorDataMgrSvc.exe [2010-7-22 13336]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center

\EKAiOHostService.exe [2011-12-19 394672]
R2 lxdq_device;lxdq_device;C:\Windows\system32\lxdqcoms.exe -service --> C:\Windows\system32\lxdqcoms.exe -service [?]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader

\2.0\NitroPDFReaderDriverService2x64.exe [2012-3-6 343032]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

[2010-4-16 144640]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor

\StartManSvc.exe [2011-8-19 632792]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10

-1 508776]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-5-12 104960]
R2 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-7-22 243232]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS

\ArcSoftKsUFilter.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011

-4-20 132656]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers

\IntcHdmi.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:

\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

[2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS

\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework

\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET

\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-21 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012

-4-11 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers

\ssadadb.sys [?]
S3 DCamUSBNovatek;USB2.0 UVC Camera;C:\Windows\system32\Drivers\nvtcam.sys --> C:\Windows\system32\Drivers\nvtcam.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows

\system32\DRIVERS\ssudbus.sys [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-21 135664]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5

113120]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-16

50432]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform

\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers

\RtsUStor.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS

\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys

[?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS

\ssudmdm.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat

\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-06-23 18:25:04 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 18:25:04 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-05-14 18:51:20 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-05-14 18:51:18 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 17:06:40 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 05:11:19 249856 ------w- C:\Windows\Setup1.exe
2012-04-24 05:11:17 73216 ----a-w- C:\Windows\ST6UNST.EXE
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-23 13:58:43 10 ----a-w- C:\Windows\evypaths.bin
2012-04-23 13:57:55 93696 ----a-w- C:\Windows\evyrtd7.dll
2012-04-23 13:57:55 1950208 ----a-w- C:\Windows\evyrte7.exe
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 10:56:45.88 ===============



Attach
----------------------------------------------------

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS

LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/19/2011 7:00:18 PM
System Uptime: 6/27/2012 10:18:29 AM (0 hours

ago)
.
Motherboard: eMachines | | HM55-MV


Processor: Intel(R) Celeron(R) CPU 900

@ 2.20GHz | U2E1 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 125.593 GiB

free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-

0000F8753ED1}
Description: X5XSEx
Device ID: ROOT\LEGACY_X5XSEX\0000
Manufacturer:
Name: X5XSEx
PNP Device ID: ROOT\LEGACY_X5XSEX\0000
Service: X5XSEx
.
==== System Restore Points ===================
.
RP227: 6/14/2012 3:00:21 AM - Windows Update
RP228: 6/19/2012 7:27:28 AM - Windows Update
RP229: 6/19/2012 11:07:48 AM - Installed

Microsoft Visual C++ 2008 Redistributable - x64

9.0.30729.17
RP230: 6/19/2012 11:11:49 AM - Installed

Microsoft Visual C++ 2008 Redistributable - x86

9.0.30411
RP231: 6/19/2012 11:13:47 AM - Installed

OpenOffice.org 3.4
RP232: 6/22/2012 2:07:12 PM - Windows Update
RP233: 6/22/2012 2:17:48 PM - Windows Update
RP234: 6/24/2012 5:50:07 PM - Installed Digital

Voice Recorder
RP235: 6/26/2012 3:46:18 AM - Windows Update
RP236: 6/27/2012 6:24:13 AM - Removed Microsoft

Office Professional 2007
RP237: 6/27/2012 6:52:00 AM - Removed Times

Reader
.
==== Installed Programs ======================
.
18 Wheels of Steel - American Long Haul
AbiWord 2.8.6
Acrobat.com
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Agatha Christie - Death on the Nile
Agelong Tree 4
aioscnnr
Amazon Kindle
Ancestral Quest 12.1
Angry Birds Seasons
Apple Application Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft ShowBiz
ArcSoft WebCam Companion 3
Atheros Communications Inc.(R) AR81Family

Gigabit/Fast Ethernet Driver
avast! Free Antivirus
Barnes & Noble Desktop Reader
Bejeweled 2 Deluxe
Blackhawk Striker 2
Brother's Keeper 6.5
Build-a-lot 2
C4USelfUpdater
center
Chuzzle Deluxe
Daub Ages! 1.53
Digital Voice Recorder
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
eBay Worldwide
eMachines Games
eMachines Power Management
eMachines Recovery Management
eMachines Registration
eMachines ScreenSaver
eMachines Updater
essentials
Family Historian 5.0
Family Matters 97
Family Tree Legends
FamilySearch Indexing 3.13.1
FATE
Flashcards 1.0.0
FoxTab PDF Creator
FTPRush 2.1.5
GedHTree Version 2.80
Genbox Family History 3.7.1
GenealogyJ 6755
GeneoTree 3.40
GeneTree v. 2.3
GeoGebraPrim
Ghost Weather Station
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GrampsAIO
Homeschool Tracker Basic
HP Button Manager
HP Webcam User's Guide
Identity Card
Inkscape 0.48.2
Intel A/V Codecs V2.0
Intel(R) Control Center
Intel(r) Play(tm) QX3(tm) Computer Microscope
Intel(R) Rapid Storage Technology
Intel(r) System Information Viewer
Java Auto Updater
Java(TM) 6 Update 31
Jewel Quest - Heritage
Jewel Quest Solitaire 2
John Deere Drive Green
Junk Mail filter update
Kies mini
Kith and Kin Pro V3
KODAK AiO Software
Launch Manager
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
LEGO Universe
Math Games - Multiplication 1.1
McMartin's GedReporter 1.1.2
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office File Validation Add-In
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable -

KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86

9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86

9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86

9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86

9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86

9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable -

10.0.40219
Microsoft Visual FoxPro OLE DB Provider
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multiplication Master
Music Manager
MyHeritage Family Tree Builder
NimoDoc Lite
Norton Internet Security
Norton Online Backup
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
ocr
OpenOffice.org 3.4
PC Cleaners
PDF Reader
PDF Settings CS6
Penguins!
Personal Ancestral File
Personal Ancestral File 5
Plants vs. Zombies
Polar Bowler
Polar Golfer
PreReq
PrimoPDF -- brought to you by Nitro PDF Software
PrintMaster 2011 Platinum
QuickTime
Realtek USB 2.0 Card Reader
Registry Mechanic 10.0
RekenTest 4.0.2
RootsMagic 5.0.3.1
Security Update for Microsoft .NET Framework 4

Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4

Client Profile (KB2686827)
Skype Click to Call
Skype™ 5.5
swMSM
The P.L.A.N. 2.3
TheSkyX First Light Edition
tinySpell 1.9.30
Transcript 2.3.2
UncleGED
Unity Web Player
Update for Microsoft .NET Framework 4 Client

Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client

Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client

Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client

Profile (KB2600217)
Update Installer for WildTangent Games App
Use the entry named LeapFrog Connect to uninstall

(LeapFrog LeapPad Explorer Plugin)
VaySoft PDF to EXE Converter 6.53
Virtual Villagers 4 - The Tree of Life
Welcome Center
WildTangent Games App (eMachines Games)
Windows iLivid Toolbar
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Wizard101
Zuma's Revenge
.
==== Event Viewer Messages From Past Week

========
.
6/27/2012 8:53:33 AM, Error: Service Control

Manager [7022] - The Windows Update service hung

on starting.
6/27/2012 8:45:26 AM, Error: Service Control

Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Norton Online

Backup service to connect.
6/27/2012 8:45:26 AM, Error: Service Control

Manager [7000] - The Norton Online Backup

service failed to start due to the following

error: The service did not respond to the start

or control request in a timely fashion.
6/27/2012 8:45:17 AM, Error: Microsoft-Windows-

DistributedCOM [10016] - The application-

specific permission settings do not grant Local

Launch permission for the COM Server application

with CLSID {C97FCC79-E628-407D-AE68-

A06AD6D8B4D1} and APPID {344ED43D-D086-4961-

86A6-1106F4ACAD9B} to the user NT AUTHORITY

\SYSTEM SID (S-1-5-18) from address LocalHost

(Using LRPC). This security permission can be

modified using the Component Services

administrative tool.
6/27/2012 8:02:15 AM, Error: Microsoft-Windows-

DistributedCOM [10005] - DCOM got error "1053"

attempting to start the service WSearch with

arguments "" in order to run the server:

{9E175B6D-F52A-11D8-B9A5-505054503030}
6/27/2012 8:02:13 AM, Error: Service Control

Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Windows

Search service to connect.
6/27/2012 8:02:13 AM, Error: Service Control

Manager [7000] - The Windows Search service

failed to start due to the following error: The

service did not respond to the start or control

request in a timely fashion.
6/27/2012 7:03:20 AM, Error: Service Control

Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Windows Error

Reporting Service service to connect.
6/27/2012 5:32:05 AM, Error: Service Control

Manager [7011] - A timeout (30000 milliseconds)

was reached while waiting for a transaction

response from the NIS service.
6/27/2012 5:32:05 AM, Error: Service Control

Manager [7011] - A timeout (30000 milliseconds)

was reached while waiting for a transaction

response from the GREGService service.
6/27/2012 10:21:29 AM, Error: Service Control

Manager [7034] - The wampmysqld service

terminated unexpectedly. It has done this 1

time(s).
6/27/2012 10:20:51 AM, Error: Service Control

Manager [7000] - The X5XSEx service failed to

start due to the following error: The system

cannot find the path specified.
6/27/2012 10:20:49 AM, Error: Service Control

Manager [7024] - The wampapache service

terminated with service-specific error Incorrect

function..
6/26/2012 7:19:23 PM, Error: Microsoft-Windows-

DistributedCOM [10005] - DCOM got error "1053"

attempting to start the service gusvc with

arguments "" in order to run the server:

{89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
6/26/2012 7:19:20 PM, Error: Service Control

Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Google

Software Updater service to connect.
6/26/2012 5:24:06 PM, Error: Service Control

Manager [7011] - A timeout (30000 milliseconds)

was reached while waiting for a transaction

response from the IPBusEnum service.
6/26/2012 3:10:18 PM, Error: Service Control

Manager [7011] - A timeout (30000 milliseconds)

was reached while waiting for a transaction

response from the Netman service.
6/26/2012 12:18:48 PM, Error: Service Control

Manager [7011] - A timeout (30000 milliseconds)

was reached while waiting for a transaction

response from the PCToolsSSDMonitorSvc service.
6/24/2012 7:51:11 PM, Error: Disk [11] - The

driver detected a controller error on \Device

\Harddisk1\DR12.
6/24/2012 6:57:01 PM, Error: Disk [11] - The

driver detected a controller error on \Device

\Harddisk1\DR7.
.
==== End Of File ===========================
NWynne74
Active Member
 
Posts: 1
Joined: June 27th, 2012, 11:01 am
Advertisement
Register to Remove

Re: searchnu.com/406 & pc cleaner

Unread postby askey127 » June 29th, 2012, 4:17 pm

Hi NWynne74,
Please do not Install, Remove , or scan with anything on your system unless I ask, until we are done.
Extra Additions and Removals of files make the analysis more difficult. Thanks.
We are removing programs involving Registry Cleaners. They don't do much good, and can corrupt your system.

Quite a lot to do here. Just take it one step at a time, in the order given.
------------------------------------------------
Open Notepad, click Format, and make sure Word Wrap is NOT checked.
If Word Wrap is checked, click it, and click Format again to make sure Word Wrap is now UNchecked.
Leave Notepad in this mode for all replies to this forum.
The logs are more difficult to analyze with Word Wrap ON.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Windows iLivid Toolbar
Registry Mechanic 10.0
PC Cleaners
Norton Internet Security

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Right-Click CKScanner.exe, choose Run as administrator and click Search For Files.
After a couple minutes or less, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved. Please run the program just once.
Double-click the CKFiles.txt icon on your desktop, give permission if asked, and copy/paste the contents in your next reply.
----------------------------------------------
Preliminary Removals with an OTL Custom Fix
Please right-click on the filename link below and select "Save target as..." or "Save Link as...", choose the Desktop location, and choose to save as the filename :Fix.txt
SQW7-Vista_x64.TXT
Make sure that Fix.txt is the exact filename used.
----------------------------------------------
Perform a Custom Fix with OTL
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
Right Click the OTL icon and choose "Run as administrator"
  • Click the Run Fix button at the top.
  • You will see a popup dialog reporting "No fix has been provided. Click OK to load from a file or Cancel". Click on OK
  • When the Open dialog comes up, Navigate to the Desktop, scroll to highlight the file named Fix.txt and click Open
  • Some text will appear in the Custom scans/Fixes box.
  • Click the Run Fix button in OTL.
  • Let the program run unhindered and reboot the PC when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply. The file will also appear on your desktop as OTL.txt

---------------------------------------------
Evaluate Leftovers
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it. OK the User Account Control.
  • Copy the content of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The results log can also be found on your Desktop, entitled SystemLook.txt
---------------------------------------------------
So, In Your Reply, we will be looking for the following :
The contents of:
  • CKFiles.txt
  • OTL.txt
  • SystemLook.txt
Please feel free to use separate replies.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: searchnu.com/406 & pc cleaner

Unread postby askey127 » July 2nd, 2012, 4:57 pm

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 25 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware