Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

yahoo controls firefox, delays in loading, browsing

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 17th, 2014, 12:24 am

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2
Run by suzanne at 20:17:02 on 2014-12-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3070.874 [GMT -8:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2015\avgfws.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mysearch.avg.com/?cid=%7BDE1319 ... g=0&sap=hp
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [AVG-Secure-Search-Update_1113a] c:\users\suzanne\appdata\roaming\avg 1113a campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb /CMPID=1113a
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HP Officejet 6700 (NET)] "c:\program files\hp\hp officejet 6700\bin\ScanToPCActivationApp.exe" -deviceID "CN31D9QJ8D05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRunOnce: [Adobe Speed Launcher] 1418743159
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
StartupFolder: c:\users\suzanne\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\suzanne\appdata\roaming\dropbox\bin\Dropbox.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:0
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print 2.0\smartprintsetup.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{DFE6386E-817F-499D-8CBD-28EBD9FF463A} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{DFE6386E-817F-499D-8CBD-28EBD9FF463A}\C41627279772370286F6573756 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{DFE6386E-817F-499D-8CBD-28EBD9FF463A}\C496E6B63797373383137333 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{DFE6386E-817F-499D-8CBD-28EBD9FF463A}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{DFE6386E-817F-499D-8CBD-28EBD9FF463A}\E4544574541425F5548545 : DHCPNameServer = 192.168.1.250
TCP: Interfaces\{DFE6386E-817F-499D-8CBD-28EBD9FF463A}\E65667164616D2E65647 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.1.9\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\615\G2AWinLogon.dll
AppInit_DLLs= c:\progra~1\google\google~1\GO36F4~1.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: k9filter.exe - c:\windows\1.EXE
IFEO: mpcmdrun - c:\windows\1.EXE
IFEO: mpsvc.dll - c:\windows\1.EXE
IFEO: mpuxsrv.exe - c:\windows\1.EXE
IFEO: msascui - c:\windows\1.EXE
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\suzanne\appdata\roaming\mozilla\firefox\profiles\9d0lcyki.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8 ... f-yff26&p=
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2013-9-26 47928]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-12-9 42784]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2015\avgfws.exe [2014-11-9 1486664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-11-9 298080]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2011-3-20 1500160]
R3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\DynCal.sys [2007-11-7 12928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-25 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-2-13 108032]
S3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2009-7-10 25856]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-30 52224]
S4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
S4 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe -service --> c:\windows\system32\dleacoms.exe -service [?]
S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-7 30192]
S4 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2010-4-22 25824]
S4 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-1-27 226624]
.
=============== Created Last 30 ================
.
2014-12-03 06:31:20 227048 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2014-11-26 16:56:50 -------- d-----w- c:\users\suzanne\appdata\roaming\AVG2015
2014-11-26 16:53:54 -------- d-----w- c:\programdata\AVG2015
2014-11-26 16:08:13 -------- d-----w- c:\users\suzanne\appdata\local\Avg2015
.
==================== Find3M ====================
.
2014-12-08 15:18:48 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-08 15:18:48 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-31 01:35:44 319456 ----a-w- c:\windows\DIFxAPI.dll
2014-10-30 05:34:52 213784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-10-14 04:07:56 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2014-10-10 22:13:58 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 20:19:04.06 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 1/2/2011 4:08:14 PM
System Uptime: 12/16/2014 1:51:03 PM (7 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz | Socket 775 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 393.213 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.952 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Pure Networks Wireless Driver
Device ID: ROOT\LEGACY_PURENDIS\0000
Manufacturer:
Name: Pure Networks Wireless Driver
PNP Device ID: ROOT\LEGACY_PURENDIS\0000
Service: purendis
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
IFEO: k9filter.exe - c:\windows\1.EXE
IFEO: mpcmdrun - c:\windows\1.EXE
IFEO: mpsvc.dll - c:\windows\1.EXE
IFEO: mpuxsrv.exe - c:\windows\1.EXE
IFEO: msascui - c:\windows\1.EXE
IFEO: msascui.exe - "c:\windows\1.exe" /z
IFEO: MSconfig.exe - c:\windows\1.EXE
IFEO: msmpeng.exe - "c:\windows\1.exe" /z
IFEO: MSseces - c:\windows\1.EXE
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player 15 ActiveX
Adobe Reader XI (11.0.10)
Adobe Shockwave Player 11.5
AVG 2014
AVG 2015
AVG SafeGuard toolbar
Bing Rewards Client Installer
Browser Address Error Redirector
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help English
CCC Help French
CCC Help German
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Polish
CCC Help Portuguese
CCC Help Spanish
CCC Help Thai
CCC Help Turkish
D3DX10
Dell DataSafe Online
Dell Driver Download Manager
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell V310-V510 Series
Dropbox
Google Chrome
Google Desktop
Google Earth
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
Highlight Viewer (Windows Live Toolbar)
HP FWUpdateEDO2
HP Officejet 6700 Basic Device Software
HP Officejet 6700 Help
HP Officejet 6700 Product Improvement Study
HP Photo Creations
HP Print Diagnostic Utility
HP Update
HPDiagnosticAlert
I.R.I.S. OCR
Intel(R) PRO Network Connections 12.1.11.0
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
Linksys Connect
Malwarebytes Anti-Malware version 1.75.0.1300
Memeo Instant Backup
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Flight Simulator X
Microsoft IntelliPoint 8.2
Microsoft IntelliType Pro 8.2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Subscription
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MotoHelper 2.0.45 Driver 5.0.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.0.0
Mozilla Firefox 34.0.5 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music, Photos & Videos Launcher
OGA Notifier 2.0.0048.0
Product Documentation Launcher
QualxServ Service Agreement
QuickTime
RealFlight G4 R/C Simulator
RealFlight G5 R/C Simulator
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Seagate Dashboard
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Segoe UI
Skins
Skype™ 6.3
Smart Menus (Windows Live Toolbar)
Spelling Dictionaries Support For Adobe Reader 8
TeamViewer 8
University of Washington
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides
VibrateGameDeviceDriver
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.0
WebEx Support Manager for Internet Explorer
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
12/16/2014 7:17:53 AM, Error: Service Control Manager [7000] - The Pure Networks Wireless Driver service failed to start due to the following error: The system cannot find the file specified.
12/16/2014 7:17:53 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
.
==== End Of File ===========================
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm
Advertisement
Register to Remove

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 17th, 2014, 6:29 am

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 17th, 2014, 6:38 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi doby108

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


  • Download FRST to your Desktop.
  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Next ...

I need you to run a Search for me using FRST ....

  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Copy/Paste or Type the following line into the Search: box.
    yahoo;1.exe

    • Press the Search Registry button.
    • When finished searching a log will open on your Desktop ... Search.txt
    • Please post it in your next reply.

Summary of the logs I need from you in your next post:
  • FRST.txt
  • Addition.txt
  • Search.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 19th, 2014, 7:49 pm

i have a Seagate external harddrive, don't know how to back up my harddrive. suzanne
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 19th, 2014, 8:24 pm

For a full backup, which will return your machine back to the way it is at present if anything goes wrong, the easiest way is using the inbuilt backup facility in Windows.

Connect your external Seagate drive to your computer and then do the following ...

  • Click Start > Control Panel
  • Under the System and Security category click Backup your computer
  • Click on Create a System Image
  • Check the button named on a hard disk is selected, then select your external drive from the drop down list to the right of it.
  • Click Next
  • Check that you've got enough space on the drive from the details shown, then click start backup

... you'll then have to wait until the backup is finished.

Depending on how much stuff you've got, that could take a while.

Alternatively, if you're only bothered about not losing your personal files and folders (pictures, music, films etc.) then just copy/paste them from your hard drive to the plugged in Seagate drive. Easiest way is to just right click on Documents and select Copy, then right click on your Seagate drive and click Paste, that usually gets most of them.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 19th, 2014, 10:45 pm

ok. backing up. will post logs asap. probably tomorrow sometime! thanks speedy gary r!
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 20th, 2014, 1:34 am

Talk to you then. :)
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 20th, 2014, 10:45 pm

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2014
Ran by suzanne (administrator) on MCGILLCOGILPC on 20-12-2014 18:33:54
Running from C:\Users\suzanne\Desktop
Loaded Profiles: suzanne & Properties (Available profiles: suzanne & Properties)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Registry Backup\files\vss_start.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Program Files\Tweaking.com\Registry Backup\files\vss_7_8_2008_2012_32.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Registry Backup\files\vss_pause.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2640408 2014-11-06] ()
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\suzanne\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb /CMPID=1113a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-07] (Google Inc.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [18643560 2013-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\RunOnce: [Adobe Speed Launcher] => 1418880565
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe [829832 2013-10-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {46605aef-1efb-11e2-8f4e-001d09926d07} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {b84ff1ec-6d02-11e0-938e-806e6f6e6963} - F:\setup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {ca33c8e7-848a-11e1-806f-001d09926d07} - L:\setup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Winlogon: [Shell]
HKU\S-1-5-21-933171571-4239247224-1375863430-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-07] (Google Inc.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-09-09] (Google)
IFEO\k9filter.exe: [Debugger] c:\windows\1.EXE
IFEO\mpcmdrun: [Debugger] c:\windows\1.EXE
IFEO\mpsvc.dll: [Debugger] c:\windows\1.EXE
IFEO\mpuxsrv.exe: [Debugger] c:\windows\1.EXE
IFEO\msascui: [Debugger] c:\windows\1.EXE
IFEO\msascui.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSconfig.exe: [Debugger] c:\windows\1.EXE
IFEO\msmpeng.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSseces: [Debugger] c:\windows\1.EXE
Startup: C:\Users\suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7BDE1319 ... g=0&sap=hp
HKU\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=0080507
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = http://searchservice.myspace.com/index. ... sults&qry={searchTerms}&type=Web&orig=IMC-IE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.iplay.com/searchresul ... =chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=fYA7JN-E ... DDt7El8?q={searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={DE131920-30A6-45CD-8D5E-504D8AF4E88F}&mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-09 03:36:50&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {AB07185D-66FE-4177-804B-8603D172DA62} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1003 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=n7ktXOje ... N6FflJM?q={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=UTF-8 ... f-yff26&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Yahoo! Toolbar - C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-21]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-10-13]
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={DE131920-30A6-45CD-8D5E-504D8AF4E88F}&mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-12-09 03:36:50&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv=2&cid={DE131920-30A6-45CD-8D5E-504D8AF4E88F}&mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb&lang=en&ds=AVG&pr=fr&d=2013-12-09 03:36:50&v=18.1.0.444&pid=safeguard&sg=0
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Oberon com adapter) - C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Move Streaming Media Player) - C:\Users\suzanne\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (Google Wallet) - C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S4 dlea_device; C:\Windows\system32\dleacoms.exe [598696 2010-05-21] ( )
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-09] (Google)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2010-04-22] (Memeo)
S4 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
S4 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2010-04-30] (Memeo)
S4 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-13] (SupportSoft, Inc.)
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-10-13] (AVG Secure Search)
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-04] (Atheros Communications, Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-13] (AVG Technologies)
R3 DynCal; C:\Windows\System32\drivers\Dyncal.sys [12928 2007-11-07] (Padix Co., Ltd) [File not signed]
S3 motandroidusb; C:\Windows\System32\Drivers\motoandroid.sys [25856 2009-07-10] (Motorola)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [21784 2011-04-13] (Microsoft Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [24888 2008-04-08] (Pure Networks, Inc.)
S2 purendis; system32\DRIVERS\purendis.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 18:33 - 2014-12-20 18:34 - 00023083 _____ () C:\Users\suzanne\Desktop\FRST.txt
2014-12-20 18:33 - 2014-12-20 18:34 - 00000000 ____D () C:\FRST
2014-12-20 18:32 - 2014-12-20 18:32 - 01113600 _____ (Farbar) C:\Users\suzanne\Desktop\FRST.exe
2014-12-20 18:29 - 2014-12-20 18:29 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MCGILLCOGILPC-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2014-12-20 18:27 - 2014-12-20 18:27 - 00000000 ____D () C:\RegBackup
2014-12-20 18:26 - 2014-12-20 18:26 - 00002183 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-12-20 18:26 - 2014-12-20 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-20 18:26 - 2014-12-20 18:26 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-12-16 20:19 - 2014-12-16 20:19 - 00014785 _____ () C:\Users\suzanne\Desktop\dds.txt
2014-12-16 20:19 - 2014-12-16 20:19 - 00010979 _____ () C:\Users\suzanne\Desktop\attach.txt
2014-12-16 20:16 - 2014-12-16 20:16 - 00688992 ____R (Swearware) C:\Users\suzanne\Downloads\dds.scr
2014-12-12 07:15 - 2014-12-17 14:26 - 00029003 _____ () C:\Windows\setupact.log
2014-12-12 07:15 - 2014-12-12 07:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-09 10:20 - 2014-12-09 10:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-26 08:56 - 2014-11-26 08:56 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\AVG2015
2014-11-26 08:54 - 2014-11-26 08:54 - 00000937 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-26 08:53 - 2014-11-26 08:56 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-26 08:08 - 2014-12-01 08:00 - 00000000 ____D () C:\Users\suzanne\AppData\Local\Avg2015

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 18:30 - 2010-01-29 09:53 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-20 18:25 - 2013-10-15 17:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-20 18:19 - 2012-04-08 12:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-20 14:30 - 2010-01-29 09:53 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 18:43 - 2012-03-31 15:17 - 00000000 ____D () C:\Users\suzanne\Desktop\JASON
2014-12-19 18:26 - 2011-01-02 14:44 - 00009728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 18:26 - 2011-01-02 14:44 - 00009728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 15:44 - 2011-01-02 15:43 - 00801978 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 21:19 - 2014-11-16 12:05 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Skype
2014-12-17 14:28 - 2010-12-18 15:06 - 00000000 ___RD () C:\Users\suzanne\Dropbox
2014-12-17 14:28 - 2010-12-18 14:49 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Dropbox
2014-12-17 14:26 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 07:17 - 2012-05-03 17:02 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-16 07:17 - 2011-01-02 15:09 - 02287628 _____ () C:\Windows\PFRO.log
2014-12-14 19:32 - 2011-01-02 15:11 - 01994788 _____ () C:\Windows\WindowsUpdate.log
2014-12-12 07:34 - 2013-10-15 16:19 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:24 - 2010-12-18 14:50 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 18:17 - 2010-06-09 08:56 - 00000000 ____D () C:\Program Files\Windows Live Safety Center
2014-12-11 14:22 - 2013-10-15 16:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-08 07:18 - 2012-04-08 12:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-08 07:18 - 2011-11-09 08:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-08 07:16 - 2013-10-15 17:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-26 08:54 - 2014-04-09 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-26 08:53 - 2013-10-15 17:12 - 00000000 ____D () C:\Program Files\AVG
2014-11-21 15:50 - 2013-10-15 17:15 - 00000937 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

Some content of TEMP:
====================
C:\Users\suzanne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm25png.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 12:25

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-12-2014
Ran by suzanne at 2014-12-20 18:35:19
Running from C:\Users\suzanne\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.7.609 - Adobe Systems, Inc.)
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
ccc-core-static (Version: 2007.0914.2139.36828 - ATI) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM\...\{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}) (Version: 1.0.21 - Dell, Inc.)
Dell Driver Download Manager (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version: - Dell, Inc.)
Dropbox (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Google Chrome (HKLM\...\{61D1D65D-76AF-37E3-A2AC-006AACB51587}) (Version: 65.143.49253 - Google, Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 Basic Device Software (HKLM\...\{020B8F22-46A5-44FE-89F3-5A8E131BFE4B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6700 Product Improvement Study (HKLM\...\{5C2B63F5-0941-4C00-8CF8-91B83FFFF756}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Print Diagnostic Utility (HKLM\...\{5E06C076-E4E7-4239-A886-B3D8AC84C166}) (Version: 1.11.0001 - Hewlett-Packard)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) PRO Network Connections 12.1.11.0 (HKLM\...\PROSetDX) (Version: - Intel)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Linksys Connect (HKLM\...\Linksys Connect) (Version: 1.5.13225.3 - Linksys LLC)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7252 - Memeo Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2007 Subscription (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MotoHelper 2.0.45 Driver 5.0.0 (HKLM\...\MotoHelper) (Version: 2.0.45 - Motorola)
MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0 - Motorola Inc.) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
QualxServ Service Agreement (HKLM\...\{0F756CD9-4A1E-409B-B101-601DDC4C03AA}) (Version: 1.11.0000 - Dell Inc.)
QuickTime (HKLM\...\QuickTime) (Version: - )
RealFlight G5 R/C Simulator (HKLM\...\RealFlightG5Pro) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - )
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.0.0.809 - Memeo Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (Version: 2007.0914.2139.36828 - ATI) Hidden
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
University of Washington (HKLM\...\{AA3A1561-8649-48C3-BBA9-575EE39EF969}) (Version: 3.0.0 - Antech Systems, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
VibrateGameDeviceDriver (HKLM\...\{DBB7F606-0C13-4182-AD7F-427A4773580E}) (Version: 4.07.1112G - VibrateGameDeviceDriver)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebEx Support Manager for Internet Explorer (HKLM\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000010-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000011-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000013-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000014-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000015-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000016-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000017-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000018-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000019-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{7DA06D40-54A0-11CF-A521-0080C77A7786}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{BDC217C5-ED16-11CD-956C-0000C04E4C0A}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 02:23 - 2006-09-18 13:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C80202E-92BA-4DFA-84F9-D087C6C0D904} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {2C41D15B-E167-4CFF-95FD-0AED4BA1776F} - System32\Tasks\{F2DE7E06-06CB-4919-97D2-8A0283E6A14C} => pcalua.exe -a "C:\Users\suzanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9S7J8S1\uninstall_flash_player[1].exe" -d C:\Users\suzanne\Desktop
Task: {32B92062-3761-45A2-9E62-91F8B71AB602} - System32\Tasks\{B1819A20-E1C1-4E89-85F9-EA87CADCF36D} => pcalua.exe -a F:\setup.exe -d F:\ -c -a
Task: {3BA3058B-6E11-42C5-B4D2-0FCBDF0AF5F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {6109739F-5903-4BFB-98BF-0CA8A99E3A48} - System32\Tasks\{F53AD887-3D8B-40EE-BBB7-0F56BD974574} => pcalua.exe -a K:\Setup.exe
Task: {6A9018F2-8AC8-40DD-A7C0-880D18D4BF22} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {7994F470-E511-4083-BE2D-5116C87B7398} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {99CBEEA0-05A4-4839-BBC2-93F6BD05C8A8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {9D1D5CA9-69AB-44A2-9A13-BD730A8E6676} - System32\Tasks\{AFD7E5C1-3687-432D-93FC-A721EBFD4389} => pcalua.exe -a E:\dcsstart.exe -d E:\
Task: {9F0F5020-968C-4DCC-A4AB-9563E0824096} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {A224026B-CB59-4458-8B2E-15A92A941ECE} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {BB2FBC8A-87B0-48DB-87A7-C9AD50F35C12} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {DCA08292-3C24-4CCC-9092-616AD9FB48B8} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {FC00101F-EF3B-4638-8EC3-DDF5F4DBDF48} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-08] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-02 19:06 - 2009-12-31 02:16 - 00049152 _____ () C:\Windows\System32\DLEAPMON.DLL
2011-01-02 19:06 - 2009-01-13 09:15 - 05709824 _____ () C:\Windows\System32\DLEAOEM.DLL
2011-12-26 16:20 - 2009-11-04 09:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dleadrpp.dll
2014-10-13 20:08 - 2014-10-13 20:07 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-10-13 20:08 - 2014-10-13 20:07 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2013-12-10 03:37 - 2014-03-10 02:45 - 01593368 ____N () C:\Program Files\AVG SafeGuard toolbar\TBAPI.dll
2013-12-09 03:36 - 2014-11-06 19:59 - 02640408 _____ () C:\Program Files\AVG SafeGuard toolbar\vprot.exe
2014-10-21 16:22 - 2014-10-21 16:22 - 00750080 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-17 14:27 - 2014-12-17 14:27 - 00043008 _____ () c:\users\suzanne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm25png.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00047616 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00863744 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00200704 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: dlea_device => 2
MSCONFIG\Services: GoogleDesktopManager-051210-111108 => 3
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LinksysUpdater => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: MotoHelper => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nmservice => 2
MSCONFIG\Services: SeagateDashboardService => 2
MSCONFIG\Services: sprtsvc_dellsupportcenter => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^suzanne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
MSCONFIG\startupreg: dleamon.exe => "C:\Program Files\Dell V310-V510 Series\dleamon.exe"
MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSCONFIG\startupreg: ECenter => C:\Dell\E-Center\EULALauncher.exe
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: EzPrint => "C:\Program Files\Dell V310-V510 Series\ezprint.exe"
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: googletalk => C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HP Officejet 6700 (NET) => "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN31D9QJ8D05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: LELA => "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized
MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: nmctxth => "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
MSCONFIG\startupreg: RTBatteryMeter => C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: SearchEngineProtection => C:\Program Files\Gamesbar\SearchEngineProtection.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Trend Micro Titanium => "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
MSCONFIG\startupreg: Yousendit Sync Agent => "C:\Program Files\YouSendIt Desktop App\YSIAgent.exe"
MSCONFIG\startupreg: Zune Launcher => "c:\Program Files\Zune\ZuneLauncher.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-933171571-4239247224-1375863430-500 - Administrator - Disabled)
Guest (S-1-5-21-933171571-4239247224-1375863430-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-933171571-4239247224-1375863430-1002 - Limited - Enabled)
Properties (S-1-5-21-933171571-4239247224-1375863430-1003 - Administrator - Enabled) => C:\Users\Properties
suzanne (S-1-5-21-933171571-4239247224-1375863430-1000 - Administrator - Enabled) => C:\Users\suzanne

==================== Faulty Device Manager Devices =============

Name: Pure Networks Wireless Driver
Description: Pure Networks Wireless Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: purendis
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2014 11:14:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/17/2014 03:01:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/16/2014 08:35:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/15/2014 02:33:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.3.73.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 48c

Start Time: 01d0161f48def043

Termination Time: 609

Application Path: C:\Program Files\Skype\Phone\Skype.exe

Report Id:

Error: (12/14/2014 02:38:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/14/2014 11:57:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.16518 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1124

Start Time: 01d0171c0f668516

Termination Time: 889

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (12/12/2014 04:02:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2014 07:54:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Exception code: 0x40000015
Fault offset: 0x00017b60
Faulting process id: 0x15a8
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3

Error: (12/11/2014 02:46:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/10/2014 09:35:36 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program PhotoCD.exe because of this error.

Program: PhotoCD.exe
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000102
Disk type: 0


System errors:
=============
Error: (12/17/2014 02:26:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/17/2014 02:26:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Pure Networks Wireless Driver service failed to start due to the following error:
%%2

Error: (12/16/2014 07:17:53 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/16/2014 07:17:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Pure Networks Wireless Driver service failed to start due to the following error:
%%2

Error: (12/15/2014 11:24:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {CA3A5461-96B5-46DD-9341-5350D3C94615}

Error: (12/12/2014 07:15:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/12/2014 07:15:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Pure Networks Wireless Driver service failed to start due to the following error:
%%2

Error: (12/08/2014 07:16:27 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/08/2014 07:16:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Pure Networks Wireless Driver service failed to start due to the following error:
%%2

Error: (12/05/2014 08:48:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.


Microsoft Office Sessions:
=========================
Error: (06/07/2012 01:49:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 261 seconds with 240 seconds of active time. This session ended with a crash.

Error: (05/15/2012 03:26:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/02/2012 10:07:28 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/16/2009 02:09:45 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 24718 seconds with 600 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2011-01-02 13:34:24.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:24.623
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:24.436
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:24.202
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:23.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.685
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.561
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.451
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:23:45.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Public\Desktop\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\3.50.1166\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3070.18 MB
Available physical RAM: 1384.92 MB
Total Pagefile: 6138.64 MB
Available Pagefile: 1538.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.64 MB

==================== Drives ================================

Drive b: (OS) (RAMDisk) (Total:455.71 GB) (Free:390.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive c: (OS) (Fixed) (Total:455.71 GB) (Free:389.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.95 GB) NTFS
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:298.09 GB) (Free:201.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 38000000)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=455.7 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 298.1 GB) (Disk ID: 6286E507)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

Farbar Recovery Scan Tool (x86) Version: 21-12-2014
Ran by suzanne at 2014-12-20 18:44:20
Running from C:\Users\suzanne\Desktop
Boot Mode: Normal

================== Search Registry: "yahoo;1.exe" ===========


===================== Search result for "yahoo" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96F8C0C7-F106-437D-90DC-6C92793246C4}\LocalServer32]
""=""C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96F8C0C7-F106-437D-90DC-6C92793246C4}\VersionIndependentProgID]
""="Yahoo.Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar]
""="Yahoo! Toolbar"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.ca"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.id"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~2.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.in"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~3.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.jp"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~4.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.nz"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA186B~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.uk"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAE791~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.ar"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA81CD~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.br"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA6DAE~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.hk"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA56AC~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.my"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA0670~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.sg"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAC50A~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.vn"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA38FD~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.de"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOD~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.dk"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOH~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.es"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOE~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.fr"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOF~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.ie"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOI~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.it"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOI~2.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.no"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOON~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.pl"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOP~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\User Settings\Outlook_AutoDiscover\Create\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.se"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOS~1.XML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\YahooAUService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger (Yahoo!)]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger (Yahoo!)]
"command"=""C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\YahooMessenger_RASMANCS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\YAHOOM~1_RASMANCS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo]

[HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\Companion]
"yid"="C:\PROGRA~1\Yahoo!"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023E9B51-8CA5-4303-8C03-5D410CE1D10E}"="v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe|Name=Yahoo! Messenger|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023E9B51-8CA5-4303-8C03-5D410CE1D10E}"="v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe|Name=Yahoo! Messenger|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023E9B51-8CA5-4303-8C03-5D410CE1D10E}"="v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe|Name=Yahoo! Messenger|"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\AppDataLow\Software\Yahoo]

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\IntelliPoint\AppSpecific\YahooMessenger.exe]

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\IntelliPoint\AppSpecific\Ymsgr_tray.exe]
"Path"="C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\IntelliType Pro\AppSpecific\YahooMessenger.exe]
"Path"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E66592B-8E7C-4A14-88A5-8BF21032F651}]
"AppPath"="C:\Program Files\Yahoo!\companion\installs\cpn"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\84a1f2da_0]
""="{0.0.0.00000000}.{d6ee871b-f4b3-4939-a6c1-8fb0ece2a236}|\Device\HarddiskVolume3\Program Files\Yahoo!\Messenger\YahooMessenger.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"YAHOOM~1.EXE"="8888"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\MSNMessenger\RetailDbgZoneLevels]
"Zone_Yahoo"="10"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.ca"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.id"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~2.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.in"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~3.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.jp"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOC~4.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.kr"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAEF96~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.co.th"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YACB7D~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA531A~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.au"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA02CD~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.cn"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA819F~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.mx"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAEA08~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.ph"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YA6D1B~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.com.tw"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAB0F6~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.de"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOD~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.dk"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOH~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.es"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOE~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.fr"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOF~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.ie"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOI~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.it"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOI~2.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.no"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOON~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.pl"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOP~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"yahoo.se"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOS~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"ybb.ne.jp"="C:\PROGRA~1\MICROS~3\Office12\OUTLOO~1\YAHOOJ~1.XML"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\suzanne\Downloads\yahoo_firefox_us_wrap_2013.09.18.01 (1).exe"="1"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Yahoo]
"ClientUpdatePage"="http://update.messenger.yahoo.com/msgrcli115.html"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\AppDataLow\Software\Yahoo]

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo]

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager]
"PreLogin"="http://msg.edit.yahoo.com/config/"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager\defaults]
"VIP"="vcs1.msg.yahoo.com,vcs2.msg.yahoo.com"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager\profiles\Skins]
"Default_SkinDir"="C:\PROGRA~1\Yahoo!\MESSEN~1\skins\Default"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager\Ymsgip]
"Facebook Learn More"="http://help.yahoo.com/l/us/yahoo/messenger/messenger11/connectednetworks/ms11fbchat.html"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager\YUrl]
"Product Overview"="http://messenger.yahoo.com/overview.php"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager\YUrl]
"Send Feedback"="http://feedback.help.yahoo.com/feedback.php?.src=MSNGR10&.from=client"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Yahoo\pager\YUrl]
"New User Wizard"="https://invite.msg.yahoo.com/go/trueswitch/intro"

===================== Search result for "1.exe" ==========

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-net1-command-line-tool_31bf3856ad364e35_6.1.7601.17514_none_88e35d5cb2d54359]
"f!net1.exe"="0x6E006500740031002E00650078006500"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AIR.InstallerPackage\shell\open\command]
""="c:\PROGRA~1\COMMON~1\ADOBEA~1\Versions\1.0\ADOBEA~1.EXE "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96F8C0C7-F106-437D-90DC-6C92793246C4}\LocalServer32]
""=""C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D7EF780-518F-11D3-A1A2-00A0C9088422}\LocalServer32]
""="C:\PROGRA~1\TLI\LANGUA~1\TLASER~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BABB2B95-9545-47DA-973E-298F292607CC}\InprocServer32]
""="c:\PROGRA~1\Zune\ZUNEWL~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.aif\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-131"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.aifc\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-131"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.aiff\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-131"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.dif\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-134"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.dv\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-134"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.mac\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\PICTUR~1.EXE,-134"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.mov\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-137"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.pct\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\PICTUR~1.EXE,-136"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.pic\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\PICTUR~1.EXE,-136"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.psd\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\PICTUR~1.EXE,-135"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.qt\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-137"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.qti\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\PICTUR~1.EXE,-138"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.qtif\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\PICTUR~1.EXE,-138"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\QuickTime.sd2\DefaultIcon]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE,-138"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
"command"="C:\PROGRA~1\MCAFEE~1\21FF9D~1.121\SSSCHE~1.EXE "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\System Programs]
"icwconn1"="icwconn1.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuickTimePlayer.exe]
""="C:\PROGRA~1\QUICKT~1\QUICKT~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A62AF6226B56404CBA82C9362E6228F\00002119410000000000000000F01FEC]
"File"="WRD12EXE.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
"DisplayIcon"="c:\PROGRA~1\COMMON~1\ADOBEA~1\Versions\1.0\RESOUR~1\ADOBEA~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun]
"Debugger"="c:\windows\1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe]
"Debugger"="c:\windows\1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe]
"Debugger"=""c:\windows\1.exe" /z"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe]
"Debugger"=""c:\windows\1.exe" /z"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c58139ed_0]
""="{0.0.0.00000000}.{d6ee871b-f4b3-4939-a6c1-8fb0ece2a236}|\Device\HarddiskVolume3\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithList]
"c"="QUICKT~1.EXE"

====== End Of Search ======
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 21st, 2014, 2:29 am

You have disabled a large number of programs from starting at bootup using MSConfig.

MSConfig was not designed for this purpose, it was designed to be used for temporary fault finding processes. Using it this way can cause problems. If you don't want these programs to run at startup, then there are other more suitable ways that we can use once your machine is clean.

I need you to re-enable them, then run a new scan for me with FRST.

To do this ...

  • Click Start and type msconfig.exe in the Search programs and files box, then hit Enter
  • Click on the Startup tab
  • Click Enable All, then click OK
  • Restart your computer.

Now run a new scan for me with FRST ...

  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Check the Additions.txt box in the bottom right corner (or this time FRST will not produce an Addition.txt log)
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Next ...

Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

AT THIS POINT, DO NOT ATTEMPT TO CLEAN ANYTHING THAT MAY BE FOUND

Summary of the logs I need from you in your next post:
  • New FRST.txt
  • New Additions.txt
  • ADWCleaner log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 21st, 2014, 3:09 am

' need you to re-enable them'
error comes up when i do your first step. and it says...
(Big ol red X) [ Windows cannot find ‘C:\Windows\system32\msconfig.exe’. Make sure you typed the name correctly, and then try again] I attempted 3x's

"You have disabled a large number of programs from starting at bootup using MSConfig."
i did not do this. i don't know how this happened. Cripes, it sounds serious. suzanne
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 21st, 2014, 3:12 am

I remember you said something about 'run as administrator' but that option did not come up while i was working through your process. could this have caused the problem w/ the msconfig.exe?? suzanne
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 21st, 2014, 1:36 pm

Try typing just MSConfig into the Search programs and files box, and then look to see if msconfig.exe appears in the list of items found by Windows (it should be near the top of the list).

If it's there, then click on it, and it should launch.

If it does, follow the instructions in my last post to re-enable your startup entries.

If it doesn't launch, or if it's not present in the list of items found by Windows, then let me know.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 21st, 2014, 2:43 pm

it appears, when i left click on it... i get that error message. You are half way around the world from me? suzanne
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 22nd, 2014, 5:47 am

Yes, I'm in the UK, and since your logs say your timezone is GMT -8, I would guess you're probably located somewhere on the West coast of the US.

OK, since it seems MSConfig is being a problem, I'll tell you what we'll do, we'll attend to the entries in your logs, and see where that takes us. I'm not happy about the problems with MSConfig, but we can attend to them later.

So ...

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad. (don't include Code: Select all)
Code: Select all
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {46605aef-1efb-11e2-8f4e-001d09926d07} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {b84ff1ec-6d02-11e0-938e-806e6f6e6963} - F:\setup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {ca33c8e7-848a-11e1-806f-001d09926d07} - L:\setup.exe -a
IFEO\k9filter.exe: [Debugger] c:\windows\1.EXE
IFEO\mpcmdrun: [Debugger] c:\windows\1.EXE
IFEO\mpsvc.dll: [Debugger] c:\windows\1.EXE
IFEO\mpuxsrv.exe: [Debugger] c:\windows\1.EXE
IFEO\msascui: [Debugger] c:\windows\1.EXE
IFEO\msascui.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSconfig.exe: [Debugger] c:\windows\1.EXE
IFEO\msmpeng.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSseces: [Debugger] c:\windows\1.EXE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = http://searchservice.myspace.com/index. ... sults&qry= {searchTerms}&type=Web&orig=IMC-IE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=fYA7JN-E ... DDt7El8?q= {searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1003 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=n7ktXOje ... N6FflJM?q= {searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=UTF-8 ... f-yff26&p=
FF Extension: Yahoo! Toolbar - C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-22]
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe" /v "Debugger" /f
c:\windows\1.exe
Hosts:
EmptyTemp:

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log, and let me know how your computer is behaving now.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 23rd, 2014, 9:22 pm

didn't work. when I type in FRST.exe under search programs... this is what appears
Unable to connect

Firefox can't establish a connection to the server at 127.0.0.1:4664.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 134 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware