Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Gale_Tx

Pages: [1] 2 3 ... 7
1
Corrine, I give up.  I couldn't get the download to work on the lap top.  I'm back on the internet now and I tried a total of 10 times (from the beginning) to get FRST along with the fixlist.txt (the newest version) to work and I'm done.  I hate for somebody to mess with my computer but it's very clear now that I'm incapable of doing it myself even with your expert help.  I'm taking it into the shop tomorrow. 

I sincerely appreciate all your effort and time you spent trying to help me.  Believe me when I say it's not taken for granted. Thanking you doesn't seem adequate, but a huge thank you is all I have. 

2
Corrine, as of this morning, I can't get my computer to connect to the internet.  Can I do any of this stuff in safe mode?  I'm using the laptop now. 

BTW, I worked on my desktop. :thanks:     :wink:

3
I downloaded a fresh copy of FRST and it automatically scanned and placed itself on my desktop.  The saved copy of fixlist.txt that I copied and saved from your *start* to *end* is on my desktop.  BOTH of them are on my desktop.  It's still doing the same thing.  "No fixlist found"  I can take a screenshot of my desktop if you want.  I'm at a loss as to what to do.  If you are too, I will understand.   

4
Corrine, pls don't give up on me.  I'll tackle this in the AM.  :flowers:

5
I feel like such a dunce.  I didn't copy & paste the entire box the first time, but I'm getting a similar result.  I copied and pasted from *start* to *end* and created the fixlist.txt in Notepad.  Ran the program again and it tells me "No fixlist.text found. It should be in the same folder/directory the tool is located".

So, I tried placing the fixlist.txt at the bottom of the first run of FRST, ran program using FIX and get the same result.  What in the world am I doing wrong?  I've done stuff like this before with your expert instructions without a problem. I don't understand what's happening.     

6
Morning, Corrine.  If I understand this right, I'm to run FRST again since I somehow deleted it, then, type your fixlist.txt info and run it again except this time run it with FIX, right?  It keeps telling me that there isn't a fixlist.txt available and that I don't know what I'm doing.  Well, duh, we all know that.  Seriously it said that to me one time.... the nerve!  lol.  Obviously I'm doing something wrong.  I hope you can make sense of this mess I've created. 

7
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by larry at 2014-08-25 13:54:52
Running from C:\Users\larry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUVTK2UE
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{1CAFFEC6-23B4-484B-B17B-3200BE5C5636}) (Version: 99.9 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.6.0.10914 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70727.2220 - Advanced Micro Devices, Inc.) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\Barn Yarn Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Belarc Advisor 8.2 (HKLM-x32\...\Belarc Advisor) (Version: 8.2.7.6 - Belarc Inc.)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: 1.1.3.0 - PopCap Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Chicktionary (HKLM-x32\...\Chicktionary) (Version: 32.0.0.0 - Shockwave.com)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel PaintShop Pro X5 (HKLM-x32\...\_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.0.0.183 - Corel Corporation)
Corel PaintShop Pro X5 (x32 Version: 15.3.0.8 - Corel Corporation) Hidden
Criminal Investigation Agents: Petrodollars (HKLM-x32\...\Criminal Investigation Agents: Petrodollars) (Version: 32.0.0.0 - Shockwave.com)
Dream Inn: The Driftwood (HKLM-x32\...\Dream Inn: The Driftwood) (Version: 32.0.0.0 - Shockwave.com)
Easy Tune 6 B11.1124.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.1124.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
EZ Fonts (HKLM-x32\...\{02F5BEE7-0AB6-4E42-9BF8-2588AAECC7F2}) (Version: 1.0.0 - EZ Fonts)
Farmington Tales (HKLM-x32\...\Farmington Tales) (Version: 32.0.0.0 - Shockwave.com)
Farmscapes™ Collector’s Edition (HKLM-x32\...\Farmscapes™ Collector’s Edition_is1) (Version:  - Playrix Entertainment)
Fishdom H2O - Hidden Odyssey (HKLM-x32\...\Fishdom H2O - Hidden Odyssey_is1) (Version: 1.0 - Playrix Entertainment)
Flip Words 2 (HKLM-x32\...\Flip Words 2) (Version: 32.0.0.0 - Shockwave.com)
GameFly (HKLM-x32\...\GameFly) (Version: 1.2.361 - GameFly, Inc.)
Gardenscapes 2 Collector's Edition (HKLM-x32\...\Gardenscapes 2 Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Golden Trails 2: The Lost Legacy (HKLM-x32\...\Golden Trails 2: The Lost Legacy) (Version: 32.0.0.0 - Shockwave.com)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
ICA (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IPM_PSP_COM (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
LightScribe System Software (HKLM-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
Little Shop - Memories (HKLM-x32\...\Little Shop - Memories) (Version: 32.0.0.0 - Shockwave.com)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office XP Professional (HKLM-x32\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files: Huntsville (HKLM-x32\...\Mystery Case Files: Huntsville) (Version: 32.0.0.0 - Shockwave.com)
Nero 9 Essentials (HKLM-x32\...\{7a2e8ed1-44ea-4693-b40f-46cd50121ccd}) (Version:  - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.23.100 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.39.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.27.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.40.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.40.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.19.100 - Nero AG) Hidden
Nero Vision Help (x32 Version: 6.4.15.100 - Nero AG) Hidden
NeroExpress (x32 Version: 1.0.0.0 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
PSPPContent (x32 Version: 15.3.0.8 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
PSPPro64 (Version: 15.0.0.183 - Corel Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Revo Uninstaller Pro 2.5.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.9 - VS Revo Group, Ltd.)
Royal Envoy Campaign for the Crown Collector's Edition (HKLM-x32\...\Royal Envoy Campaign for the Crown Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Royal Envoy™ (HKLM-x32\...\Royal Envoy™) (Version: 32.0.0.0 - Shockwave.com)
Royal Envoy™ 2 Collector’s Edition (HKLM-x32\...\Royal Envoy™ 2 Collector’s Edition_is1) (Version:  - Playrix Entertainment)
Settings Alerter (HKLM-x32\...\Settings Alerter) (Version: 4.5.0.5054 - Koyote-Lab, Inc) <==== ATTENTION
Setup (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1016 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-08-2014 23:29:41 Windows Update
08-08-2014 21:47:18 Installed Java 7 Update 67
10-08-2014 20:57:27 Windows Update
16-08-2014 16:24:11 Installed Adblock Plus for IE (32-bit and 64-bit)
16-08-2014 16:28:42 Windows Update
16-08-2014 18:17:13 Windows Update
20-08-2014 08:56:09 Windows Update
23-08-2014 21:35:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-01-31 15:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {15430D86-E600-47CA-8092-40AE3B44EAB8} - \Security Center Update - 2868679412 No Task File <==== ATTENTION
Task: {1A6F7CC1-52E2-4081-A99C-B5CC303AF92C} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {3E689F9A-B5C0-4ECC-A707-23D43C1EB5C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {481018DA-D45D-4147-96E1-AC46F8DBDC0D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0351668c-57dc-4b09-ae48-cf24ad17e8ec => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
Task: {63AC7CDD-D6AA-4371-831E-C93675266F12} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {797DE3E2-8A54-46EC-8FC3-A3A40E7EBA6E} - System32\Tasks\SUPERAntiSpyware Scheduled Task b2c42573-be2c-40ec-9f68-979cc2b41323 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
Task: {7C0038D7-5E2A-4B97-BC70-0CCA97DBD57A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {8EE6A209-23FC-4B39-B25C-F6DECC38191F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {94BE5994-9589-43FA-BBA0-2C6F96D06ACC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D9EC3C9F-8EA8-4B14-8062-F704138261CC} - \BitGuard No Task File <==== ATTENTION
Task: {E38A01BC-5D05-46EF-B4A3-40623C95A02C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0351668c-57dc-4b09-ae48-cf24ad17e8ec.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c42573-be2c-40ec-9f68-979cc2b41323.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe

==================== Loaded Modules (whitelisted) =============

2012-06-16 09:06 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2012-09-28 15:44 - 2012-09-28 15:44 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-04-27 11:11 - 2009-08-24 14:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2013-04-05 16:55 - 2013-04-05 16:55 - 00397632 _____ () C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-08-05 14:21 - 2014-07-22 15:46 - 03356480 _____ () C:\Users\larry\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-04-27 11:11 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\larry:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:24164710
AlternateDataStreams: C:\ProgramData\TEMP:268BA8AB
AlternateDataStreams: C:\ProgramData\TEMP:43A31AEA
AlternateDataStreams: C:\ProgramData\TEMP:4A93D042
AlternateDataStreams: C:\ProgramData\TEMP:581B0446
AlternateDataStreams: C:\Users\larry\Application Data:gs5sys
AlternateDataStreams: C:\Users\larry\Cookies:gs5sys
AlternateDataStreams: C:\Users\larry\Local Settings:gs5sys
AlternateDataStreams: C:\Users\larry\Templates:gs5sys
AlternateDataStreams: C:\Users\larry\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\larry\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\larry\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\larry\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 5 => "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2014 01:31:13 PM) (Source: Windows Backup) (EventID: 4100) (User: )
Description: Backup did not complete successfully because a shadow copy could not be created. Free up disk space on the drive that you are backing up by deleting unnecessary files and then try again.

8
an result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by larry (administrator) on HOME1 on 25-08-2014 13:51:02
Running from C:\Users\larry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUVTK2UE
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Users\larry\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-14] (AMD)
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [7762712 2014-08-16] (SUPERAntiSpyware)
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [397632 2013-04-05] ()
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [qthpasbq] => "C:\Users\larry\AppData\Local\vquwgtcj.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [kbibbtgk] => "C:\Users\larry\AppData\Local\igqvwbce.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [baoahvmi] => "C:\Users\larry\AppData\Local\kuxgnqmn.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [eocotoee] => "C:\Users\larry\AppData\Local\lnfolkwv.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [iatkrmxk] => "C:\Users\larry\AppData\Local\xrptkxuh.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [eevbsngh] => "C:\Users\larry\AppData\Local\motvtevx.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [svhjwjhd] => "C:\Users\larry\AppData\Local\corvckfv.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [wercfltq] => "C:\Users\larry\AppData\Local\ovduoxjk.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [pxtmgnvh] => "C:\Users\larry\AppData\Local\kjnanhlp.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [jnggmoga] => "C:\Users\larry\AppData\Local\rbkvkehn.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [uhmqhoxc] => "C:\Users\larry\AppData\Local\ckkxfbks.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [mexkpebw] => "C:\Users\larry\AppData\Local\puploaeo.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [faucijbp] => "C:\Users\larry\AppData\Local\uwktopvl.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [ebjrgxan] => "C:\Users\larry\AppData\Local\qfnkbele.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [trrhqjxu] => "C:\Users\larry\AppData\Local\thatwabv.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [etaidlur] => "C:\Users\larry\AppData\Local\fmgnfogj.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [knfrbcbs] => "C:\Users\larry\AppData\Local\obpfdijk.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [Udaqagas] => "C:\Users\larry\AppData\Roaming\Arfeowfi\ywbea.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [nmmjqabq] => "C:\Users\larry\AppData\Local\jocmxnqo.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [spbxdurg] => "C:\Users\larry\AppData\Local\mgxvhapw.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [rnvgpwbf] => "C:\Users\larry\AppData\Local\wpsiiwli.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [hvdxpxil] => "C:\Users\larry\AppData\Local\bqjrdcsf.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [ftmqsirc] => "C:\Users\larry\AppData\Local\execegqw.exe"
HKU\S-1-5-21-1206203810-745790748-3442225455-1000\...\Run: [Amazon Music] => C:\Users\larry\AppData\Local\Amazon Music\Amazon Music Helper.exe [3356480 2014-07-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:49160;https=127.0.0.1:49160
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x721F25E33D26CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {13253A44-8294-4edd-9F52-72B8767DA487} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {13253A44-8294-4edd-9F52-72B8767DA487} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {6FBEFB5C-187E-4975-AAA2-9E5E655E3273} URL = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKCU - {BCEF986A-41D4-4BA8-9E1A-1CEA54E1CE7F} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {FB34E09A-A38A-4891-8862-940579420660} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: VideoFileDownload -> {9194649F-7143-4308-90C1-D6A35B0E354E} -> C:\Program Files (x86)\OApps\bho_project.dll No File
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave.com/content/bookwormadventures/sis/popcaploader_v10_en.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF ProfilePath: C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\larry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMcAfeeSRPlgn.dll (McAfee, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-29]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (SiteAdvisor) - C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-09-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
S3 McAfee ScanAndRepair Svc; "C:\Program Files (x86)\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-06-01] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15712 2013-04-19] ()
S1 bliohipk; \??\C:\Windows\system32\drivers\bliohipk.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:50 - 2014-08-25 13:51 - 00000000 ____D () C:\FRST
2014-08-24 13:13 - 2014-08-24 13:13 - 00000203 _____ () C:\Users\larry\Desktop\Analysis and Malware Removal.url
2014-08-24 11:17 - 2014-08-24 11:17 - 00001308 _____ () C:\Users\larry\Desktop\attach.txt
2014-08-24 11:14 - 2014-08-24 11:15 - 00688992 ____R (Swearware) C:\Users\larry\Downloads\dds (1).scr
2014-08-24 10:51 - 2014-08-24 10:51 - 00688992 _____ (Swearware) C:\Users\larry\Downloads\dds.scr
2014-08-24 09:51 - 2014-08-24 09:51 - 00001095 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-24 09:51 - 2014-08-24 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 09:51 - 2014-08-24 09:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-24 09:51 - 2014-05-12 08:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-24 09:51 - 2014-05-12 08:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-24 09:51 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-24 09:47 - 2014-08-24 09:47 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\larry\Downloads\mbam_premium.exe
2014-08-23 21:42 - 2014-08-23 21:42 - 00000169 _____ () C:\Users\larry\Desktop\Quilter's Design Board  Key West Beauty.url
2014-08-23 11:39 - 2014-08-23 11:39 - 00000204 _____ () C:\Users\larry\Desktop\Star Blocks.url
2014-08-23 11:22 - 2014-08-23 11:22 - 00000204 _____ () C:\Users\larry\Desktop\Free Design Sheets For English Paper Piecing.url
2014-08-19 15:14 - 2014-08-19 15:14 - 00000000 ____D () C:\Users\larry\AppData\Local\Adobe
2014-08-19 05:19 - 2014-08-19 05:19 - 00000000 ____D () C:\Users\larry\Desktop\Quilted Purses
2014-08-17 13:05 - 2014-08-17 13:05 - 00000146 _____ () C:\Users\larry\Desktop\True Blue Curve  Quilted Classics  QuiltedClassics.com.url
2014-08-17 11:01 - 2014-08-17 11:01 - 00000210 _____ () C:\Users\larry\Desktop\Mail Service Pharmacy  Walgreens.url
2014-08-17 09:28 - 2014-08-17 09:28 - 00000316 _____ () C:\Users\larry\Desktop\Heroin Wings Recipe  Just A Pinch Recipes.url
2014-08-16 22:16 - 2014-08-16 22:16 - 00000244 _____ () C:\Users\larry\Desktop\Ms. Elaineous Teaches Sewing Crazy Quilt Block.url
2014-08-16 21:51 - 2014-08-16 21:51 - 00000195 _____ () C:\Users\larry\Desktop\Merrell Dassie Moc Expresso - Zappos.com Free Shipping BOTH Ways.url
2014-08-16 20:18 - 2014-08-16 20:18 - 00000275 _____ () C:\Users\larry\Desktop\Quilted Pillows Tutorial ~ Experiment with Walking Foot Quilting  Sew Mama Sew .url
2014-08-16 13:18 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 13:18 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 13:18 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 13:18 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 13:18 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 13:18 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 13:18 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 13:18 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 11:24 - 2014-07-31 18:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-16 11:24 - 2014-07-31 18:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-16 11:24 - 2014-07-25 09:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 11:24 - 2014-07-25 09:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-16 11:24 - 2014-07-25 09:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-16 11:24 - 2014-07-25 08:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 11:24 - 2014-07-25 08:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-16 11:24 - 2014-07-25 08:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 11:24 - 2014-07-25 08:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-16 11:24 - 2014-07-25 08:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 11:24 - 2014-07-25 08:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-16 11:24 - 2014-07-25 08:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-16 11:24 - 2014-07-25 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-16 11:24 - 2014-07-25 08:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-16 11:24 - 2014-07-25 08:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-16 11:24 - 2014-07-25 08:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-16 11:24 - 2014-07-25 08:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-16 11:24 - 2014-07-25 07:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-16 11:24 - 2014-07-25 07:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-16 11:24 - 2014-07-25 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 11:24 - 2014-07-25 07:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 11:24 - 2014-07-25 07:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-16 11:24 - 2014-07-25 07:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-16 11:24 - 2014-07-25 07:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-16 11:24 - 2014-07-25 07:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 11:24 - 2014-07-25 07:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 11:24 - 2014-07-25 07:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 11:24 - 2014-07-25 07:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-16 11:24 - 2014-07-25 07:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-16 11:24 - 2014-07-25 07:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 11:24 - 2014-07-25 07:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-16 11:24 - 2014-07-25 07:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-16 11:24 - 2014-07-25 07:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 11:24 - 2014-07-25 07:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-16 11:24 - 2014-07-25 07:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-16 11:24 - 2014-07-25 07:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 11:24 - 2014-07-25 06:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 11:24 - 2014-07-25 06:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 11:24 - 2014-07-25 06:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 11:24 - 2014-07-25 06:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-16 11:24 - 2014-07-25 06:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 11:24 - 2014-07-25 06:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-16 11:24 - 2014-07-25 06:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-16 11:24 - 2014-07-25 06:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 11:24 - 2014-07-25 06:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 11:24 - 2014-07-25 06:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 11:24 - 2014-07-25 06:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 11:24 - 2014-07-25 06:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-16 11:24 - 2014-07-25 06:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-16 11:24 - 2014-07-25 06:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 11:24 - 2014-07-25 05:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 11:24 - 2014-07-25 05:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 11:24 - 2014-07-25 05:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-16 11:24 - 2014-07-25 05:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-16 11:24 - 2014-07-25 05:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 11:24 - 2014-07-25 05:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 11:24 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 11:24 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-16 11:24 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-16 11:24 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-16 11:24 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-16 11:24 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 11:24 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 11:24 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 11:24 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-16 11:24 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-16 11:24 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-16 11:24 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-16 11:23 - 2014-08-06 21:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-16 11:23 - 2014-08-06 21:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-16 11:23 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-16 11:23 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-11 18:35 - 2014-08-11 18:35 - 00000128 _____ () C:\Users\larry\Desktop\Math for On-Point Quilts.url
2014-08-09 10:16 - 2014-08-16 15:56 - 00000186 _____ () C:\Users\larry\Desktop\Die Spotlight GO! Hunter Star  AccuQuilt Blog.url
2014-08-07 16:40 - 2014-08-07 16:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 12:29 - 2014-08-07 12:30 - 00001604 _____ () C:\Users\larry\Downloads\receipt_nbr
2014-08-06 01:27 - 2014-08-06 01:27 - 00000117 _____ () C:\Users\larry\Desktop\ChairWear Fashion™ – Chirt™ – Patent Pending  Custom Office Chair Cover.url
2014-08-05 23:25 - 2014-08-05 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-05 14:28 - 2014-08-05 14:28 - 00001225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon Music Importer.lnk
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\larry\Documents\Amazon Music Importer
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\larry\AppData\Roaming\com.amazon.music.uploader
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-08-03 15:28 - 2014-08-03 15:28 - 00000265 _____ () C:\Users\larry\Desktop\Amazon.com  Moroccan Tile.url
2014-08-03 15:00 - 2014-08-03 15:00 - 00000222 _____ () C:\Users\larry\Desktop\Television Broadcast  Jerry Savelle Ministries.url
2014-08-03 08:10 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-03 08:10 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-03 08:10 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-03 08:10 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-03 08:10 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-03 08:10 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-03 08:10 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-03 08:10 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-03 08:10 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-03 08:10 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-03 08:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-03 08:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-03 08:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-03 08:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-02 18:00 - 2014-08-02 18:00 - 00000209 _____ () C:\Users\larry\Desktop\Quilt Binding.url
2014-08-01 12:07 - 2014-08-01 12:07 - 00000270 _____ () C:\Users\larry\Desktop\Men's Longtail T Short Sleeve T Shirt - Duluth Trading (2).url
2014-08-01 12:06 - 2014-08-24 14:22 - 00000229 _____ () C:\Users\larry\Desktop\Men's Longtail T Short Sleeve T Shirt - Duluth Trading.url
2014-08-01 10:20 - 2014-08-01 10:20 - 00000226 _____ () C:\Users\larry\Desktop\Lover's knot quilt.url
2014-07-31 11:04 - 2014-07-31 11:04 - 00000279 _____ () C:\Users\larry\Desktop\Old Country Store Fabrics - MODA Indigo Crossing.url
2014-07-29 13:08 - 2014-07-29 18:17 - 00000000 ____D () C:\Users\larry\Desktop\Drugs

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:51 - 2014-08-25 13:50 - 00000000 ____D () C:\FRST
2014-08-25 13:33 - 2012-04-28 08:06 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{85D65596-4002-4DE9-8471-719120ADB0EB}
2014-08-25 13:32 - 2012-08-02 14:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 13:25 - 2012-04-28 10:50 - 01162890 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 13:20 - 2009-07-13 23:45 - 00027360 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 13:20 - 2009-07-13 23:45 - 00027360 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 13:19 - 2012-07-29 22:51 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 13:14 - 2012-09-06 12:48 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-25 13:13 - 2013-04-17 14:52 - 00056744 _____ () C:\Windows\setupact.log
2014-08-25 13:13 - 2012-07-29 22:51 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 13:13 - 2012-04-27 22:41 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-08-25 13:13 - 2012-04-27 11:11 - 00000144 _____ () C:\service.log
2014-08-25 13:13 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 14:22 - 2014-08-01 12:06 - 00000229 _____ () C:\Users\larry\Desktop\Men's Longtail T Short Sleeve T Shirt - Duluth Trading.url
2014-08-24 14:09 - 2012-12-16 14:18 - 00000000 ____D () C:\Users\larry\AppData\Local\CrashDumps
2014-08-24 13:15 - 2012-04-30 15:43 - 00000000 ___RD () C:\Users\larry\Desktop\Forums
2014-08-24 13:13 - 2014-08-24 13:13 - 00000203 _____ () C:\Users\larry\Desktop\Analysis and Malware Removal.url
2014-08-24 11:17 - 2014-08-24 11:17 - 00001308 _____ () C:\Users\larry\Desktop\attach.txt
2014-08-24 11:15 - 2014-08-24 11:14 - 00688992 ____R (Swearware) C:\Users\larry\Downloads\dds (1).scr
2014-08-24 11:02 - 2009-07-14 00:13 - 00006450 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 10:51 - 2014-08-24 10:51 - 00688992 _____ (Swearware) C:\Users\larry\Downloads\dds.scr
2014-08-24 09:51 - 2014-08-24 09:51 - 00001095 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-24 09:51 - 2014-08-24 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 09:51 - 2014-08-24 09:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-24 09:47 - 2014-08-24 09:47 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\larry\Downloads\mbam_premium.exe
2014-08-24 09:03 - 2012-09-06 12:49 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0351668c-57dc-4b09-ae48-cf24ad17e8ec.job
2014-08-24 02:00 - 2012-10-25 08:50 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c42573-be2c-40ec-9f68-979cc2b41323.job
2014-08-23 21:42 - 2014-08-23 21:42 - 00000169 _____ () C:\Users\larry\Desktop\Quilter's Design Board  Key West Beauty.url
2014-08-23 11:39 - 2014-08-23 11:39 - 00000204 _____ () C:\Users\larry\Desktop\Star Blocks.url
2014-08-23 11:22 - 2014-08-23 11:22 - 00000204 _____ () C:\Users\larry\Desktop\Free Design Sheets For English Paper Piecing.url
2014-08-19 15:14 - 2014-08-19 15:14 - 00000000 ____D () C:\Users\larry\AppData\Local\Adobe
2014-08-19 05:19 - 2014-08-19 05:19 - 00000000 ____D () C:\Users\larry\Desktop\Quilted Purses
2014-08-18 18:00 - 2013-10-19 09:32 - 00000000 ____D () C:\Users\larry\Desktop\Metal Sculpture
2014-08-17 13:05 - 2014-08-17 13:05 - 00000146 _____ () C:\Users\larry\Desktop\True Blue Curve  Quilted Classics  QuiltedClassics.com.url
2014-08-17 11:01 - 2014-08-17 11:01 - 00000210 _____ () C:\Users\larry\Desktop\Mail Service Pharmacy  Walgreens.url
2014-08-17 09:28 - 2014-08-17 09:28 - 00000316 _____ () C:\Users\larry\Desktop\Heroin Wings Recipe  Just A Pinch Recipes.url
2014-08-17 04:32 - 2012-04-30 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-16 22:16 - 2014-08-16 22:16 - 00000244 _____ () C:\Users\larry\Desktop\Ms. Elaineous Teaches Sewing Crazy Quilt Block.url
2014-08-16 21:51 - 2014-08-16 21:51 - 00000195 _____ () C:\Users\larry\Desktop\Merrell Dassie Moc Expresso - Zappos.com Free Shipping BOTH Ways.url
2014-08-16 20:18 - 2014-08-16 20:18 - 00000275 _____ () C:\Users\larry\Desktop\Quilted Pillows Tutorial ~ Experiment with Walking Foot Quilting  Sew Mama Sew .url
2014-08-16 16:37 - 2013-07-10 15:27 - 00000252 _____ () C:\Users\larry\Desktop\Mg Plus Protein 100 tablets.url
2014-08-16 16:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-08-16 15:56 - 2014-08-09 10:16 - 00000186 _____ () C:\Users\larry\Desktop\Die Spotlight GO! Hunter Star  AccuQuilt Blog.url
2014-08-16 14:28 - 2012-08-02 14:16 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-16 14:28 - 2012-04-30 13:49 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-16 14:28 - 2012-04-30 13:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-16 14:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 13:23 - 2013-08-07 17:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 13:22 - 2012-06-29 08:26 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 13:17 - 2014-05-07 08:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-16 11:25 - 2014-06-04 10:53 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-08-11 18:35 - 2014-08-11 18:35 - 00000128 _____ () C:\Users\larry\Desktop\Math for On-Point Quilts.url
2014-08-07 16:41 - 2014-08-07 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 12:30 - 2014-08-07 12:29 - 00001604 _____ () C:\Users\larry\Downloads\receipt_nbr
2014-08-06 21:06 - 2014-08-16 11:23 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 21:01 - 2014-08-16 11:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 01:27 - 2014-08-06 01:27 - 00000117 _____ () C:\Users\larry\Desktop\ChairWear Fashion™ – Chirt™ – Patent Pending  Custom Office Chair Cover.url
2014-08-05 23:25 - 2014-08-05 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-05 14:28 - 2014-08-05 14:28 - 00001225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon Music Importer.lnk
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\larry\Documents\Amazon Music Importer
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\larry\AppData\Roaming\com.amazon.music.uploader
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-05 14:28 - 2014-08-05 14:28 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-08-05 14:28 - 2013-03-11 09:13 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-05 14:28 - 2012-05-02 07:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-05 14:28 - 2012-04-30 13:49 - 00000000 ____D () C:\Users\larry\AppData\Roaming\Adobe
2014-08-03 18:50 - 2014-07-18 23:43 - 00000000 ____D () C:\Users\larry\Desktop\Chairs
2014-08-03 15:28 - 2014-08-03 15:28 - 00000265 _____ () C:\Users\larry\Desktop\Amazon.com  Moroccan Tile.url
2014-08-03 15:00 - 2014-08-03 15:00 - 00000222 _____ () C:\Users\larry\Desktop\Television Broadcast  Jerry Savelle Ministries.url
2014-08-02 18:00 - 2014-08-02 18:00 - 00000209 _____ () C:\Users\larry\Desktop\Quilt Binding.url
2014-08-01 12:07 - 2014-08-01 12:07 - 00000270 _____ () C:\Users\larry\Desktop\Men's Longtail T Short Sleeve T Shirt - Duluth Trading (2).url
2014-08-01 10:20 - 2014-08-01 10:20 - 00000226 _____ () C:\Users\larry\Desktop\Lover's knot quilt.url
2014-07-31 18:41 - 2014-08-16 11:24 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 18:16 - 2014-08-16 11:24 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 11:04 - 2014-07-31 11:04 - 00000279 _____ () C:\Users\larry\Desktop\Old Country Store Fabrics - MODA Indigo Crossing.url
2014-07-29 18:17 - 2014-07-29 13:08 - 00000000 ____D () C:\Users\larry\Desktop\Drugs
2014-07-29 13:16 - 2012-07-29 02:26 - 00000000 ____D () C:\Users\larry\Desktop\Quilt Blocks
2014-07-29 13:06 - 2012-10-21 16:01 - 00000000 ____D () C:\Users\larry\Desktop\Supplies
2014-07-29 12:50 - 2014-05-21 11:06 - 00000000 ____D () C:\Users\larry\Desktop\Tutorials
2014-07-29 12:49 - 2014-01-06 14:41 - 00000000 ____D () C:\Users\larry\Desktop\Now Fabrics
2014-07-26 09:43 - 2014-07-23 10:05 - 00000000 ____D () C:\Users\larry\Desktop\Boys Socks

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 14:00

==================== End Of Log ============================

9
 :( :sos:  First of all, hello to the best site on the web for computer problems, I'm not just saying that because I'm in over my head once again either..... really. 

This all started when I kept getting a pop-up that said that Windows was shutting down.  I'd click on it and it would go back to normal soon enough.  A few days ago after running the MS Security Essentials, it said I had two viruses and a trojan, clicked on the clean button, after which it said it needed Windows Defender to complete the clean-up and to download the WD on a disc or a flash drive which I did, however, WD never downloaded as far as I can tell. 

Next, I tried to run Malwarebytes and couldn't find it, so, I deleted it from my Control Panel and reinstalled another premium version and I can't get that to work either.  That was probably the wrong way to do it, but, there you have it.

Here are the files you requested (hope I can find them again).  If I sound a little frustrated, you have no idea.  That beer up there is looking good up there and I don't even drink, lol.

NLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/27/2012 11:02:58 AM
System Uptime: 8/24/2014 11:05:49 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | GA-970A-D3
Processor: AMD FX(tm)-4100 Quad-Core Processor             | Socket M2 | 3600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 858.035 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 371.59 GiB free.
Y: is CDROM ()
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP604: 8/5/2014 6:29:41 PM - Windows Update
RP605: 8/8/2014 4:47:18 PM - Installed Java 7 Update 67
RP606: 8/10/2014 3:57:27 PM - Windows Update
RP632: 8/16/2014 11:24:11 AM - Installed Adblock Plus for IE (32-bit and 64-bit)
RP633: 8/16/2014 11:28:42 AM - Windows Update
RP634: 8/16/2014 1:17:13 PM - Windows Update
RP660: 8/20/2014 3:56:09 AM - Windows Update
RP661: 8/23/2014 4:35:09 PM - Windows Update
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================

I couldn't get the other one to work, sorry.

Also note that I'm having to change between IE and FF to get anywhere.  I'm in a world of hurt.



10
Analysis and Malware Removal / Re: Problem on DH's computer
« on: April 02, 2014, 01:05:51 AM »
I had to run this two times, the first time windows shut down, and I had to start over. Here is the log, I hope I did it properly. I did not delete anything from the scan.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zPlugin.dll.vir   probably a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\AppIntegrator64.exe.vir   Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\AppIntegratorStub64.dll.vir   Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\Hpg64.dll.vir   Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\Users\larry\AppData\Local\Temp\1389167153_the_wedownload_manager1.exe   Win32/Packed.ScrambleWrapper.H potentially unwanted application
C:\Users\larry\AppData\Local\Temp\is1658163471\8912406_stp\wajam_validate.exe   Win32/Wajam.F potentially unwanted application
C:\Users\larry\AppData\Local\Temp\{D9E0275E-70F0-4344-9D72-08A3F2725DEE}\setup.exe   multiple threats
C:\Users\larry\Downloads\Shockwave_Installer_Slim.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\System32\Adobe\Shockwave 11\gt.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\Adobe\Shockwave 11\gt.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application
D:\$RECYCLE.BIN\S-1-5-21-1704957591-3368010084-2260364653-1000\$R2HOY85\bar\1.bin\4zPlugin.dll   probably a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
D:\$RECYCLE.BIN\S-1-5-21-1704957591-3368010084-2260364653-1000\$R2HOY85\bar\1.bin\AppIntegrator64.exe   Win64/Toolbar.MyWebSearch.A potentially unwanted application
D:\$RECYCLE.BIN\S-1-5-21-1704957591-3368010084-2260364653-1000\$R2HOY85\bar\1.bin\AppIntegratorStub64.dll   Win64/Toolbar.MyWebSearch.A potentially unwanted application
D:\$RECYCLE.BIN\S-1-5-21-1704957591-3368010084-2260364653-1000\$R2HOY85\bar\1.bin\Hpg64.dll   Win64/Toolbar.MyWebSearch.A potentially unwanted application
D:\LARZILLA\Backup Set 2014-02-08 102454\Backup Files 2014-02-08 102454\Backup files 1.zip   JS/Toolbar.Crossrider.B potentially unwanted application
D:\LARZILLA\Backup Set 2014-02-08 102454\Backup Files 2014-02-08 102454\Backup files 3.zip   a variant of Win32/OutBrowse.D potentially unwanted application
D:\LARZILLA\Backup Set 2014-02-08 102454\Backup Files 2014-02-08 102454\Backup files 4.zip   a variant of Win32/FirseriaInstaller.C potentially unwanted application
D:\LARZILLA\Backup Set 2014-02-09 190006\Backup Files 2014-02-09 190006\Backup files 4.zip   Win32/Bundled.Toolbar.Google.D potentially unsafe application
D:\LARZILLA\Backup Set 2014-03-17 003555\Backup Files 2014-03-17 003555\Backup files 5.zip   Win32/Bundled.Toolbar.Google.D potentially unsafe application
I:\PC Ultra Speed\PCUltraSpeed.exe   a variant of Win32/SpeedingUpMyPC application
I:\PC Ultra Speed\PCUSSmartScan.exe   a variant of Win32/Adware.SpeedingUpMyPC.C application

11
Analysis and Malware Removal / Re: Problem on DH's computer
« on: April 01, 2014, 03:00:33 PM »
Hello Corrine, this Larry, I am trying to do all the stuff you tell me, but I am old and slow. I purchased a 2.0 version of Malwarebytes and ran it today, attached is a copy of the file.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/1/2014
Scan Time: 10:31:54 AM
Logfile: Malware Scan Log 4-01-2014.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.04.01.04
Rootkit Database: v2014.03.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: larry

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 281691
Time Elapsed: 5 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

I think it got all the malware, but all along with the malware problems I have been fighting, this other problem has been there also; by computer will drop off-line, with a message, it had to shutdown to protect itself. I do not know if that is a malware problem or what. But I can not do any homework on the thing for fear of it shutting down and me losing everything I had been working on. Thanks for all your help. If I need to send you a new scan of my computer as before, you will have to tell me how to do that.

12
Analysis and Malware Removal / Re: Problem on DH's computer
« on: March 30, 2014, 06:15:45 PM »
I'm new to this and apparently I didn't follow the directions (per my wife). I 'think' I cleaned the computer with one or both the JRT and ADW.  Here's what I have, hope it helps.

# AdwCleaner v3.022 - Report created 30/03/2014 at 14:06:56
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : larry - LARZILLA
# Running from : C:\Users\larry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1CSE5WR\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0 (en-US)

[ File : C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\m5seznuu.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13286 octets] - [29/03/2014 11:43:10]
AdwCleaner[R1].txt - [1071 octets] - [30/03/2014 13:26:08]
AdwCleaner[R2].txt - [1124 octets] - [30/03/2014 13:35:31]
AdwCleaner[R3].txt - [992 octets] - [30/03/2014 14:06:56]
AdwCleaner[S0].txt - [13253 octets] - [29/03/2014 11:44:03]
AdwCleaner[S1].txt - [1133 octets] - [30/03/2014 13:27:02]
AdwCleaner[S2].txt - [1186 octets] - [30/03/2014 13:36:59]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1232 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by larry on Sun 03/30/2014 at 13:16:53.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\larry\AppData\Roaming\mozilla\firefox\profiles\m5seznuu.default\extensions\4zffxtbr@videodownloadconverter_4z.com
Emptied folder: C:\Users\larry\AppData\Roaming\mozilla\firefox\profiles\m5seznuu.default\minidumps [14 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/30/2014 at 13:21:10.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




13
Analysis and Malware Removal / malwarebytes pop-up continuously
« on: March 29, 2014, 03:08:05 PM »
Hi, this is Larry, Gale's DH.  Hope you can help me.  I'm getting a constant malwarebytes pop-up indicating pups having to do with Video download converter _4Z\bar.  I should have continued with your recommendations that you so graciously advised me to do.  My bad.  TIA   

14
Analysis and Malware Removal / Re: Slooow computer, Flash problem?
« on: March 17, 2014, 10:56:24 PM »
Thank you all so much!  I like IE, been using forever, I just like a back-up.  I'm going to do some research to get everything Firefox off of my computer.  Again, I appreciate y'all very much.

15
Analysis and Malware Removal / Re: Slooow computer, Flash problem?
« on: March 10, 2014, 04:53:17 PM »
I'm afraid that the Shockwave Flash is still there.  It says 'shockwave flash may be busy or it may have stopped responding. You can stop the plugin now...."  It only happens in Firefox.  I'd like to get completely get rid of FF and download another browser.  Is that feasible?  IE is still working fine.

Thank you for your patience and help.  It's greatly appreciated.  You guys are the best!   

Pages: [1] 2 3 ... 7