Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING UP

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING UP

Unread postby tdc2719 » March 6th, 2013, 3:10 pm

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by Tracy at 14:00:41 on 2013-03-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2663.1126 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\Tracy\AppData\Local\Skillbrains\lightshot\3.4.0.0\LightShot.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Novatel Wireless\Virgin Mobile\MobiLink3.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Users\Tracy\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Users\Tracy\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
C:\Users\Tracy\AppData\Roaming\IMVUClient\IMVUClient.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT32878 ... 691A10AEAF
uDefault_Page_URL = hxxp://start.toshiba.com
mStart Page = hxxp://www.aol.com/?mtmhp=hyplogusaolp00000044
uProxyOverride = <local>
uURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll
uURLSearchHooks: VisualBee V.3 Toolbar: {bf9194c2-b86d-4ebc-9b53-1c08b6ff779e} - C:\Program Files (x86)\VisualBee_V.3\prxtbVis0.dll
mURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll
mURLSearchHooks: VisualBee V.3 Toolbar: {bf9194c2-b86d-4ebc-9b53-1c08b6ff779e} - C:\Program Files (x86)\VisualBee_V.3\prxtbVis0.dll
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll
BHO: VisualBee V.3 Toolbar: {bf9194c2-b86d-4ebc-9b53-1c08b6ff779e} - C:\Program Files (x86)\VisualBee_V.3\prxtbVis0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: smartdownloader Class: {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files (x86)\PutLockerDownloader\smarterdownloader.dll
TB: IMVU Inc Toolbar: {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll
TB: VisualBee V.3 Toolbar: {bf9194c2-b86d-4ebc-9b53-1c08b6ff779e} - C:\Program Files (x86)\VisualBee_V.3\prxtbVis0.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [LightShot] C:\Users\Tracy\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
uRun: [MobiLink3] C:\Program Files (x86)\Novatel Wireless\Virgin Mobile\MobiLink3.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SearchProtect] C:\Users\Tracy\AppData\Roaming\SearchProtect\bin\cltmng.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\Tracy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download Photo... - C:\Program Files (x86)\DelorTech, Ltd\dfp 1.0\FBDownloader.dll/500
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} - hxxp://www.worldwinner.com/games/v53/ww ... hearts.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launch ... wwload.cab
DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} - hxxp://www.worldwinner.com/games/v41/ha ... angman.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v54/ww ... spades.cab
TCP: NameServer = 64.89.70.2 64.89.74.2
TCP: Interfaces\{BD8D8D44-C99A-4463-ACFD-C0040303F56A} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{C26F29B9-266B-4AF9-B233-1DD79F1A164E} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{C26F29B9-266B-4AF9-B233-1DD79F1A164E} : DHCPNameServer = 64.89.70.2 64.89.74.2
TCP: Interfaces\{C26F29B9-266B-4AF9-B233-1DD79F1A164E}\D4F657E6471696E66596374716 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{C26F29B9-266B-4AF9-B233-1DD79F1A164E}\D4F657E6471696E66596374716 : DHCPNameServer = 10.0.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp
x64-mStart Page = hxxp://www.aol.com/?mtmhp=hyplogusaolp00000044
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?q={searchTerms}&s_it=outbrowseaol-ff&s_qt=sb&tb_uuid=20121112073721658&tb_oid=12-11-2012&tb_mrud=16-02-2013
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT32878 ... 691A10AEAF
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\{bf9194c2-b86d-4ebc-9b53-1c08b6ff779e}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\{bf9194c2-b86d-4ebc-9b53-1c08b6ff779e}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-23 10:55; savevalet@savevalet.com; C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\savevalet@savevalet.com.xpi
FF - ExtSQL: 2013-01-31 19:07; {90b49673-5506-483e-b92b-ca0265bd9ca8}; C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
FF - ExtSQL: 2013-03-06 13:55; {bf9194c2-b86d-4ebc-9b53-1c08b6ff779e}; C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\2pd4k8h0.default\extensions\{bf9194c2-b86d-4ebc-9b53-1c08b6ff779e}
.
---- FIREFOX POLICIES ----
user_pref('extensions.dealply.partner', 'vita');
.
user_pref('extensions.dealply.channel', 'vitausfilewincom');
.
user_pref('extensions.dealply.installId', 'v24300296422608759728792012110619595928');
.
user_pref('extensions.dealply.installIdSource', 'inst');
.
user_pref('extensions.dealply.sampleGroup', '8');
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_de ... 4486d89&q=
FF - user.js: extensions.BabylonToolbar.id - 481207b2000000000000e0ca94486d89
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15651
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.820:01:18
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
, en);
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=nv1&ir ... 2048955309
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=nv1&ir ... 2048955309
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=nv1&ir ... 8955309&q=
FF - user.js: extensions.funmoods.id - E0CA94486D8907B2
FF - user.js: extensions.funmoods.instlDay - 15684
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.223:6:49
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - nv1
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - nv1
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 481207b2000000000000e0ca94486d89
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15755
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.016:39:56
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-8-31 75904]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-8-31 38016]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-2-17 482384]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-11-2 984144]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-11-2 370288]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-2-17 204288]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-11-2 25232]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-11-2 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-1 44808]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2010-8-17 2024864]
R2 NvtlService;NovaCore SDK Service;C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2009-8-24 82432]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-8-31 126392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-8-31 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-9-27 76912]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-8-31 38096]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-8-31 1109096]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe --> C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [?]
S3 NWVMModem;Virgin Mobile USB Modem Driver;C:\windows\System32\drivers\nwvmmdm.sys [2009-5-15 213376]
S3 NWVMPort;Virgin Mobile USB Status Port Driver;C:\windows\System32\drivers\nwvmser.sys [2009-5-15 213376]
S3 NWVMPort2;Virgin Mobile USB Status2 Port Driver;C:\windows\System32\drivers\nwvmser2.sys [2009-5-15 213376]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-8-31 243712]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
.
=============== Created Last 30 ================
.
2013-03-06 18:39:58 -------- d-----w- C:\Users\Tracy\AppData\Local\VisualBeeClient
2013-03-06 18:38:42 -------- d-----w- C:\Program Files (x86)\VisualBee_V.3
2013-03-06 18:37:44 -------- d-----w- C:\Users\Tracy\AppData\Local\VisualBeeExe
2013-03-06 18:37:22 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-03-06 18:36:41 -------- d-----w- C:\Users\Tracy\AppData\Roaming\SearchProtect
2013-03-06 18:34:14 -------- d-----w- C:\ProgramData\VisualBee
2013-03-06 18:33:16 -------- d-----w- C:\Users\Tracy\AppData\Roaming\PerformerSoft
2013-03-06 18:33:11 19632 ----a-w- C:\windows\System32\roboot64.exe
2013-03-06 18:33:06 -------- d-----w- C:\ProgramData\IBUpdaterService
2013-03-06 18:33:02 -------- d-----w- C:\Users\Tracy\AppData\Roaming\File Scout
2013-03-06 18:26:43 388096 ----a-r- C:\Users\Tracy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-06 18:26:42 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-03-05 15:43:38 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB94480B-BB6F-42FD-9D91-97CB3873E8A6}\mpengine.dll
2013-03-02 00:30:44 -------- d-----w- C:\Users\Tracy\AppData\Local\{8D5BE544-7260-46B2-8358-C8ADDFEC908C}
2013-02-27 08:02:26 2284544 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll
2013-02-27 08:02:25 2776576 ----a-w- C:\windows\System32\msmpeg2vdec.dll
2013-02-27 08:02:25 221184 ----a-w- C:\windows\System32\UIAnimation.dll
2013-02-27 08:02:25 187392 ----a-w- C:\windows\SysWow64\UIAnimation.dll
2013-02-27 08:02:09 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2013-02-27 08:02:09 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-02-20 17:07:55 96664 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-02-19 21:42:14 -------- d-----w- C:\Program Files (x86)\SaveValet
2013-02-19 21:42:07 -------- d-----w- C:\Users\Tracy\AppData\Local\Solid Savings
2013-02-19 21:40:28 -------- d-----w- C:\Users\Tracy\AppData\Local\Wajam
2013-02-18 19:03:53 -------- d-----w- C:\Users\Tracy\AppData\Local\{E69E7D88-B3C9-4EB8-8625-8FBB9F7649A8}
2013-02-13 04:58:00 -------- d-----w- C:\Users\Tracy\AppData\Local\{0CC68B22-2262-4323-BB7A-E9907F238868}
2013-02-13 04:08:13 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 04:08:12 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-12 19:54:34 5553512 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-02-12 19:54:32 3967848 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-02-12 19:54:30 3913064 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-02-12 19:49:32 3153408 ----a-w- C:\windows\System32\win32k.sys
2013-02-12 19:35:45 215040 ----a-w- C:\windows\System32\winsrv.dll
2013-02-12 19:35:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-02-12 19:35:44 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2013-02-12 19:35:44 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2013-02-12 19:35:44 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2013-02-12 19:35:40 2048 ----a-w- C:\windows\SysWow64\user.exe
2013-02-12 19:34:43 1913192 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-02-12 19:34:42 288088 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2013-02-12 18:07:58 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-09 05:23:56 -------- d-----w- C:\Users\Tracy\AppData\Local\{60BD0C74-6B93-40C7-B767-071308953AC9}
2013-02-05 21:27:30 -------- d-----w- C:\Users\Tracy\AppData\Roaming\DealPly
.
==================== Find3M ====================
.
2013-03-06 10:38:36 770384 ----a-w- C:\windows\SysWow64\msvcr100.dll
2013-03-06 10:38:36 421200 ----a-w- C:\windows\SysWow64\msvcp100.dll
2013-02-27 06:53:19 691568 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 06:53:18 71024 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 18:07:41 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-02-12 18:07:41 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-01-17 06:28:58 273840 ------w- C:\windows\System32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\windows\System32\d3d10level9.dll
2013-01-13 19:20:42 194560 ----a-w- C:\windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\windows\System32\d2d1.dll
2013-01-13 18:34:58 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:09:52 522752 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\windows\System32\XpsPrint.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs
.
============= FINISH: 14:03:19.04 ===============





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/25/2011 9:08:05 AM
System Uptime: 3/6/2013 12:02:28 PM (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: AMD E-300 APU with Radeon(tm) HD Graphics | Socket FT1 | 1300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 452 GiB total, 402.822 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP111: 3/5/2013 10:42:17 AM - Windows Update
RP112: 3/6/2013 1:25:51 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) MUI
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI Catalyst Install Manager
avast! Free Antivirus
Broadband2Go
Canon MP280 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Conexant HD Audio
D3DX10
dfp 1.0
ETDWare PS/2-X64 8.0.8.0_R01
Gyazo 1.0
HiJackThis
Imikimi Plugin
IMVU Avatar Chat Software
IMVU Inc Toolbar
InstallVC90Support
iTunes
Java 7 Update 13
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
Label@Once 1.0
lightshot-3.4.0.0
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Click-to-Run 2010
Microsoft Online Services Sign-in Assistant
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
ooVoo
OpenOffice.org 3.1
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
RealUpgrade 1.1
Search Protect by conduit
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Skype Launcher
Skype™ 6.1
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA VIDEO PLAYER
TOSHIBA Web Camera Application
TOSHIBARegistration
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Virgin Mobile Broadband Modem Drivers
Visual Studio 2008 x64 Redistributables
VisualBee for Microsoft PowerPoint
VisualBee V.3 Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
3/6/2013 12:03:05 PM, Error: Service Control Manager [7000] - The SProtection service failed to start due to the following error: The system cannot find the file specified.
3/5/2013 11:32:05 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer JACKIE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C26F29B9-266B-4AF9-B233-1DD79F1A164E}. The master browser is stopping or an election is being forced.
3/4/2013 11:44:00 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.10.0.76. The computer with the IP address 10.10.0.47 did not allow the name to be claimed by this computer.
.
==== End Of File ===========================
tdc2719
Regular Member
 
Posts: 53
Joined: July 23rd, 2009, 10:11 pm
Advertisement
Register to Remove

Re: COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING

Unread postby pgmigg » March 6th, 2013, 3:56 pm

Hello tdc2719,

Welcome back to the forum! :)

My nickname is pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING

Unread postby tdc2719 » March 6th, 2013, 5:35 pm

thanks i will await your response...
tdc2719
Regular Member
 
Posts: 53
Joined: July 23rd, 2009, 10:11 pm

Re: COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING

Unread postby pgmigg » March 6th, 2013, 5:43 pm

Hello tdc2719,
thanks i will await your response...
You got it... :D

Step 1.
For safety reason (to have a good registry to restore if needed), I will ask you to create a System Restore Point (SRP) before
most of my instructions sets...
Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point... we can proceed.
If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Java Auto Updater
    Java 7 Update 9
    Java 7 Update 9 (64-bit)
    Search Protect by conduit
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.

Step 3.
Image Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 4.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL - Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.


Step 5.
SystemLook
Please download SystemLook_x64.exe by jpshortstuff and save it to your Desktop.
Alternate download site.
  1. Right click on SystemLook_x64.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries into SystemLook's main text entry window:
    Code: Select all
    :filefind
    *Bandoo*
    *Babylon*
    *Community*
    *Conduit*
    *datamngr*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *Searchqu*
    *Searchnu*
    *Tarma*
    *trolltech*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *Babylon*
    *Bandoo*
    *Community*
    *Conduit*
    *datamngr*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *Searchqu*
    *Searchnu*
    *Tarma*
    *trolltech*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    Babylon
    Bandoo
    Community
    Conduit
    datamngr
    Fun4IM
    Funmoods
    iLivid
    IObit
    Iminent
    Searchqu
    Searchnu
    Tarma
    trolltech
    vshare
    whitesmoke
    Yontoo
    
  3. Press the Look button to start the scan.
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the JRT.txt log file
  3. Contents of a OTL.txt log file
  4. Contents of a Extras.txt log file
  5. Contents of the SystemLook.txt log file
  6. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING

Unread postby tdc2719 » March 9th, 2013, 11:01 pm

doing the scans now will have your logs shortly sry for the delay
tdc2719
Regular Member
 
Posts: 53
Joined: July 23rd, 2009, 10:11 pm

Re: COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING

Unread postby pgmigg » March 12th, 2013, 12:30 pm

Hello tdc2719,
doing the scans now will have your logs shortly sry for the delay
I am still waiting for your logs... :(

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: COMPUTER IS RUNNING SLOW AND POP UP WINDOWS KEEP POPPING

Unread postby Cypher » March 16th, 2013, 2:24 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 46 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware