Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Computer slow, freezesup will not shut down normally  (Read 4870 times)

0 Members and 1 Guest are viewing this topic.

geised

    Topic Starter


    Rookie

    Computer slow, freezesup will not shut down normally
    « on: April 16, 2013, 05:42:12 PM »
    I'm posting this after being sent here from the windows 7 forum. My computer is a dell Optiplex 745 running windows seven it has been slow and freezing up, will not shut down normally. I had to force shut down and restart several time to get the logs to post. here they are.
      # AdwCleaner v2.200 - Logfile created 04/16/2013 at 19:03:01
    # Updated 02/04/2013 by Xplode
    # Operating system : Windows 7 Professional Service Pack 1 (32 bits)
    # User : kkoliiiiiiiiiiiiiiii - HOME
    # Boot Mode : Normal
    # Running from : C:\Users\kkoliiiiiiiiiiiiiiii\Downloads\adwcleaner (1).exe
    # Option [Search]


    ***** [Services] *****

    Found : DefaultTabSearch
    Found : DefaultTabUpdate
    Found : WajamUpdater

    ***** [Files / Folders] *****

    File Found : C:\END
    File Found : C:\Windows\Tasks\AmiUpdXp.job
    File Found : C:\Windows\Tasks\AmiUpdXp.job
    Folder Found : C:\Program Files\adawaretb
    Folder Found : C:\Program Files\Conduit
    Folder Found : C:\Program Files\DefaultTab
    Folder Found : C:\Program Files\Optimizer Pro
    Folder Found : C:\Program Files\SearchProtect
    Folder Found : C:\Program Files\SweetIM
    Folder Found : C:\Program Files\Wajam
    Folder Found : C:\ProgramData\Ask
    Folder Found : C:\ProgramData\Babylon
    Folder Found : C:\ProgramData\blekko toolbars
    Folder Found : C:\ProgramData\InstallMate
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
    Folder Found : C:\ProgramData\search protection
    Folder Found : C:\ProgramData\Tarma Installer
    Folder Found : C:\Users\Brian Geise\AppData\LocalLow\adawaretb
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Conduit
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\SwvUpdater
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Wajam
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\adawaretb
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\BabylonToolbar
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\blekko
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\Conduit
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\SweetIM
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Babylon
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\DefaultTab
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
    Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\SearchProtect

    ***** [Registry] *****

    Key Found : HKCU\Software\5b08bd0b639e440
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Crossrider
    Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Cr_Installer
    Key Found : HKCU\Software\DataMngr
    Key Found : HKCU\Software\DataMngr_Toolbar
    Key Found : HKCU\Software\Default Tab
    Key Found : HKCU\Software\DefaultTab
    Key Found : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
    Key Found : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
    Key Found : HKCU\Software\ilivid
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKCU\Software\Optimizer Pro
    Key Found : HKCU\Software\SmartBar
    Key Found : HKCU\Software\Softonic
    Key Found : HKCU\Software\Wajam
    Key Found : HKLM\SOFTWARE\5b08bd0b639e440
    Key Found : HKLM\Software\Babylon
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
    Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
    Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
    Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
    Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3277370
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
    Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\DataMngr
    Key Found : HKLM\Software\Default Tab
    Key Found : HKLM\Software\DefaultTab
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    Key Found : HKLM\Software\SearchProtect
    Key Found : HKLM\Software\Tarma Installer
    Key Found : HKLM\Software\Wajam
    Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
    Key Found : HKU\S-1-5-21-46374021-3717160575-896625832-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKU\S-1-5-21-46374021-3717160575-896625832-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Found [l.2763] : urls_to_restore_on_startup = [ "hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=D9AFE6B1E0F1090123BDE8516C21E88D", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=hp&installDate=17/03/2013" ]

    File : C:\Users\Brian Geise\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [19244 octets] - [16/04/2013 19:03:01]

    ########## EOF - C:\AdwCleaner[R1].txt - [19305 octets] ##########

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.04.16.10

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    kkoliiiiiiiiiiiiiiii :: HOME [administrator]

    4/16/2013 7:07:32 PM
    mbam-log-2013-04-16 (19-07-32).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 222359
    Time elapsed: 7 minute(s), 15 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 6
    HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> No action taken.
    HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> No action taken.
    HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> No action taken.
    HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> No action taken.
    HKCR\Updater.AmiUpd (PUP.Software.Updater) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 3
    C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> No action taken.
    C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.
    C:\ProgramData\Vauudixx\51301d0c4169e.dll (Adware.MultiPlug) -> Quarantined and deleted successfully.

    (end)

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/2/2012 10:12:36 PM
    System Uptime: 4/16/2013 7:42:42 PM (0 hours ago)
    .
    Motherboard: Dell Inc.           |  | 0KW626
    Processor: Intel(R) Core(TM)2 CPU          6600  @ 2.40GHz | Microprocessor | 1584/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 100.671 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl8157b19e
    Device ID: ROOT\LEGACY_MPKSL8157B19E\0000
    Manufacturer:
    Name: MpKsl8157b19e
    PNP Device ID: ROOT\LEGACY_MPKSL8157B19E\0000
    Service: MpKsl8157b19e
    .
    ==== System Restore Points ===================
    .
    RP87: 4/15/2013 12:08:09 PM - Installed WeatherBug
    RP88: 4/15/2013 12:35:47 PM - Removed WeatherBug
    RP90: 4/15/2013 1:06:14 PM - Removed MediaImpression
    RP92: 4/15/2013 6:43:50 PM - Removed LEGO Star Wars II
    RP93: 4/16/2013 10:08:21 AM - Windows Update
    RP94: 4/16/2013 6:11:08 PM - Restore Operation
    RP95: 4/16/2013 6:24:35 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Ad-Aware Security Add-on
    Adobe Flash Player 11 ActiveX
    Adobe Reader XI (11.0.02)
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    CCleaner
    Cerber AntiVirus 2013
    Compatibility Pack for the 2007 Office system
    DefaultTab
    DNS Shield
    Fast Free Converter
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Intel(R) Graphics Media Accelerator Driver
    Internet Explorer Toolbar 4.7 by SweetPacks
    iTunes
    Java 7 Update 13
    Java Auto Updater
    McAfee Security Scan Plus
    Media Player Utilities 5.22
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office XP Media Content
    Microsoft Office XP Professional
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    Norton Security Scan
    OpenOffice.org 3.4.1
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    RealUpgrade 1.1
    Reset Your Browser
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    SMPlayer 0.6.9
    Software Version Updater
    Solitaire XP version 1.0
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Wajam
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/9/2013 9:52:16 AM, Error: Service Control Manager [7034]  - The spd Updater service terminated unexpectedly.  It has done this 1 time(s).
    4/9/2013 12:26:21 AM, Error: Service Control Manager [7030]  - The FastFreeConverterUpdt service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
    4/16/2013 7:43:26 PM, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
    4/16/2013 6:13:57 PM, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.     Signatures Attempted: Current     Error Code: 0x80070002     Error description: The system cannot find the file specified.      Signature version: 0.0.0.0;0.0.0.0     Engine version: 0.0.0.0
    4/16/2013 5:49:06 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
    4/16/2013 5:49:05 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    4/16/2013 5:49:05 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    4/16/2013 5:49:05 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    4/16/2013 5:49:04 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    4/16/2013 5:48:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    4/16/2013 5:48:50 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/16/2013 5:48:39 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/16/2013 12:16:04 AM, Error: Service Control Manager [7023]  - The Software Protection service terminated with the following error:  The media is write protected.
    4/16/2013 12:15:58 AM, Error: Service Control Manager [7023]  - The Windows Update service terminated with the following error:  %%-2147467243
    4/15/2013 7:27:21 AM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
    4/15/2013 12:29:15 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
    4/15/2013 12:29:15 PM, Error: Service Control Manager [7000]  - The Computer Backup (MyPC Backup) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/15/2013 11:44:23 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    4/15/2013 11:44:23 AM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/15/2013 11:43:58 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    4/15/2013 11:43:55 AM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
    4/15/2013 11:43:55 AM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
    4/13/2013 6:15:59 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
    4/11/2013 8:30:10 PM, Error: Microsoft-Windows-Application-Experience [205]  - The Program Compatibility Assistant service failed to perform the phase two initialization.
    4/10/2013 5:25:54 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the defragsvc service.
    .
    ==== End Of File ===========================

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 10.13.2
    Run by kkoliiiiiiiiiiiiiiii at 19:47:24 on 2013-04-16
    Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2038.997 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Cerber AntiVirus\CerberService.exe
    C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\ProgramData\Search Protection\SearchProtection.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=D9AFE6B1E0F1090123BDE8516C21E88D
    uSearch Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    uSearch Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={6C96A609-8F22-11E2-A534-001AA0C84C40}
    uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
    BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\kkoliiiiiiiiiiiiiiii\appdata\roaming\defaulttab\defaulttab\DefaultTabBHO.dll
    BHO: Fast Free Converter 3.0: {A071936A-AB6B-4978-9342-E47C06FCDEC1} - c:\program files\fast free converter\fastfreeconverter\FastFreeConverter.dll
    BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
    TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
    EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - c:\program files\internet explorer\iedvtool.dll
    uRun: [Cerber AntiVirus] c:\program files\cerber antivirus\cerber.exe -m
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
    mRun: [SearchProtection] c:\programdata\search protection\_run.bat
    StartupFolder: c:\users\kkolii~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Video Converter... - c:\program files\media player utilities 5.22\aviconverter\grab.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 66.228.116.178,66.228.116.179
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{DFCDB7F2-6018-4187-BECC-DEDDD5A57ABF} : NameServer = 66.228.116.178,66.228.116.179
    TCP: Interfaces\{DFCDB7F2-6018-4187-BECC-DEDDD5A57ABF} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963} : NameServer = 66.228.116.178,66.228.116.179
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-4-15 13560]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
    R2 cerber;cerber;c:\windows\system32\drivers\cerber.sys [2013-2-25 16224]
    R2 CerberService;Cerber Antivirus Service;c:\program files\cerber antivirus\CerberService.exe [2013-2-26 1625824]
    R2 DefaultTabUpdate;DefaultTabUpdate;c:\users\kkoliiiiiiiiiiiiiiii\appdata\roaming\defaulttab\defaulttab\DTUpdate.exe [2013-3-8 107520]
    R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\fast free converter\FastFreeConverterUpdt.exe [2012-11-26 687104]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-31 100328]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 DefaultTabSearch;DefaultTabSearch;c:\program files\defaulttab\DefaultTabSearch.exe [2013-2-11 572928]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-2 52224]
    S3 WajamUpdater;WajamUpdater;c:\program files\wajam\updater\WajamUpdater.exe [2013-1-9 109064]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-1-2 1343400]
    .
    =============== Created Last 30 ================
    .
    2013-04-16 22:25:02   7108640   ----a-w-   c:\programdata\microsoft\microsoft antimalware\definition updates\{a219b5ed-3986-4e67-af33-754f89dd32d4}\mpengine.dll
    2013-04-16 22:13:57   7108640   ------w-   c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2013-04-16 18:28:23   --------   d-----w-   c:\program files\common files\Symantec Shared
    2013-04-16 14:20:19   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\roaming\Malwarebytes
    2013-04-15 16:49:39   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\local\Torch
    2013-04-15 16:29:11   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\local\adawarebp
    2013-04-15 16:07:53   --------   d-----w-   c:\program files\MyPC Backup
    2013-04-15 16:02:27   15224   ----a-w-   c:\windows\system32\sdnclean.exe
    2013-04-15 16:02:20   --------   d-----w-   c:\program files\Spybot - Search & Destroy 2
    2013-04-15 15:52:26   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\roaming\LavasoftStatistics
    2013-04-15 15:51:37   --------   d-----w-   c:\programdata\Downloaded Installations
    2013-04-15 15:51:27   --------   d-----w-   c:\programdata\Search Protection
    2013-04-15 15:51:26   --------   d-----w-   c:\programdata\blekko toolbars
    2013-04-15 15:51:24   --------   d-----w-   c:\programdata\Ad-Aware Browsing Protection
    2013-04-15 15:51:15   --------   d-----w-   c:\program files\Toolbar Cleaner
    2013-04-15 15:51:03   --------   d-----w-   c:\program files\adawaretb
    2013-04-15 15:47:52   44424   ----a-w-   c:\windows\system32\sbbd.exe
    2013-04-15 15:47:52   13560   ----a-w-   c:\windows\system32\drivers\gfibto.sys
    2013-04-15 15:47:50   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\roaming\Ad-Aware Antivirus
    2013-04-15 15:01:25   --------   d-----w-   c:\program files\CCleaner
    2013-04-15 14:13:17   --------   d-----w-   c:\programdata\Malwarebytes
    2013-04-15 14:13:15   22856   ----a-w-   c:\windows\system32\drivers\mbam.sys
    2013-04-15 14:13:15   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
    2013-04-13 22:23:11   57344   ----a-w-   c:\windows\system32\ff_vfw.dll
    2013-04-13 22:23:10   60273   ----a-w-   c:\windows\system32\pthreadGC2.dll
    2013-04-13 22:23:10   --------   d-----w-   c:\program files\ffdshow
    2013-04-13 22:15:13   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\local\ArcSoft
    2013-04-13 22:15:13   --------   d-----w-   c:\programdata\ArcSoft
    2013-04-13 22:15:01   18688   ----a-w-   c:\windows\system32\drivers\afc.sys
    2013-04-11 10:30:02   420864   ----a-w-   c:\windows\system32\vbscript.dll
    2013-04-11 10:30:02   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
    2013-04-11 10:30:02   149616   ----a-w-   c:\program files\internet explorer\sqmapi.dll
    2013-04-11 10:30:01   768512   ----a-w-   c:\program files\common files\microsoft shared\vgx\VGX.dll
    2013-04-11 10:30:01   194048   ----a-w-   c:\program files\internet explorer\IEShims.dll
    2013-04-10 19:43:32   2347008   ----a-w-   c:\windows\system32\win32k.sys
    2013-04-10 19:43:31   196328   ----a-w-   c:\windows\system32\drivers\fvevol.sys
    2013-04-10 19:43:28   3968856   ----a-w-   c:\windows\system32\ntkrnlpa.exe
    2013-04-10 19:43:28   3913560   ----a-w-   c:\windows\system32\ntoskrnl.exe
    2013-04-10 19:43:27   69632   ----a-w-   c:\windows\system32\smss.exe
    2013-04-10 19:43:27   38912   ----a-w-   c:\windows\system32\csrsrv.dll
    2013-04-10 19:43:23   3217408   ----a-w-   c:\windows\system32\mstscax.dll
    2013-04-10 19:43:22   36864   ----a-w-   c:\windows\system32\tsgqec.dll
    2013-04-10 19:43:22   131584   ----a-w-   c:\windows\system32\aaclient.dll
    2013-04-10 19:43:14   1212264   ----a-w-   c:\windows\system32\drivers\ntfs.sys
    2013-04-09 04:27:54   --------   d-----w-   c:\program files\SMPlayer
    2013-04-09 04:26:58   --------   d-----w-   c:\program files\Optimizer Pro
    2013-04-09 04:26:23   --------   d-----w-   c:\program files\File Type Helper
    2013-04-09 04:26:20   --------   d-----w-   c:\program files\Fast Free Converter
    2013-04-09 04:26:11   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\local\SwvUpdater
    2013-04-09 04:23:59   --------   d-----w-   c:\program files\dnsshield
    2013-04-09 04:23:54   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\appdata\local\Shield
    2013-04-01 11:37:39   163088   ----a-w-   c:\programdata\microsoft\windows\sqm\manifest\Sqm10143.bin
    2013-03-28 11:34:04   --------   d-sh--w-   C:\found.000
    2013-03-26 00:12:09   15872   ----a-w-   c:\windows\system32\drivers\usb8023.sys
    2013-03-21 02:13:13   740840   ------w-   c:\programdata\microsoft\microsoft antimalware\definition updates\{38e523da-12b3-4262-9eeb-cbfc555876f3}\gapaengine.dll
    .
    ==================== Find3M  ====================
    .
    2013-04-02 10:33:22   237088   ------w-   c:\windows\system32\MpSigStub.exe
    2013-03-14 19:20:01   499712   ----a-w-   c:\windows\system32\msvcp71.dll
    2013-03-14 19:20:01   348160   ----a-w-   c:\windows\system32\msvcr71.dll
    2013-03-12 21:50:17   73432   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-03-12 21:50:17   693976   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
    2013-02-25 16:26:54   16224   ----a-w-   c:\windows\system32\drivers\cerber.sys
    2013-02-22 03:46:00   1800704   ----a-w-   c:\windows\system32\jscript9.dll
    2013-02-22 03:38:00   1129472   ----a-w-   c:\windows\system32\wininet.dll
    2013-02-22 03:37:50   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
    2013-02-22 03:34:17   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
    2013-02-16 00:54:56   94112   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
    2013-02-16 00:54:53   861088   ----a-w-   c:\windows\system32\npDeployJava1.dll
    2013-02-16 00:54:53   782240   ----a-w-   c:\windows\system32\deployJava1.dll
    2013-02-12 04:48:31   474112   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26   2176512   ----a-w-   c:\windows\apppatch\AcGenral.dll
    2013-01-21 00:19:06   98304   ----a-w-   c:\windows\system32\CmdLineExt.dll
    2013-01-20 22:59:04   195296   ----a-w-   c:\windows\system32\drivers\MpFilter.sys
    2013-01-20 22:59:04   100328   ----a-w-   c:\windows\system32\drivers\NisDrvWFP.sys
    2013-01-17 15:14:50   152576   ----a-w-   c:\windows\system32\msclmd.dll
    .
    ============= FINISH: 19:49:46.52 ===============


    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Sage
    • Thanked: 858
    • Certifications: List
    • Experience: Expert
    • OS: Windows 8
    Re: Computer slow, freezesup will not shut down normally
    « Reply #1 on: April 17, 2013, 12:27:24 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    Remove the Adware:
    • Please close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with OK
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
    *********************************************
    Please run MBAM again and "remove the infections".

    *************************************************
    Download Security Check by screen317 from one of the following links and save it to your desktop.

    Link 1
    Link 2

    * Double-click Security Check.bat
    * Follow the on-screen instructions inside of the black box.
    * A Notepad document should open automatically called checkup.txt
    * Post the contents of that document in your next reply.

    Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
    Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

    geised

      Topic Starter


      Rookie

      Re: Computer slow, freezesup will not shut down normally
      « Reply #2 on: April 19, 2013, 06:15:56 AM »
      Here's the Adwarecleaner log. I haven't been able to run a Malwarebytes scan the machine freezes at 34510 files. I'll keep trying, is there something i can do if it won't finish the scan?
       AdwCleaner v2.200 - Logfile created 04/18/2013 at 16:56:11
      # Updated 02/04/2013 by Xplode
      # Operating system : Windows 7 Professional Service Pack 1 (32 bits)
      # User : kkoliiiiiiiiiiiiiiii - HOME
      # Boot Mode : Normal
      # Running from : C:\Users\kkoliiiiiiiiiiiiiiii\Downloads\adwcleaner (2).exe
      # Option [Search]


      ***** [Services] *****

      Found : DefaultTabSearch
      Found : DefaultTabUpdate
      Found : WajamUpdater

      ***** [Files / Folders] *****

      File Found : C:\END
      File Found : C:\Windows\Tasks\AmiUpdXp.job
      File Found : C:\Windows\Tasks\AmiUpdXp.job
      Folder Found : C:\Program Files\adawaretb
      Folder Found : C:\Program Files\Conduit
      Folder Found : C:\Program Files\DefaultTab
      Folder Found : C:\Program Files\Optimizer Pro
      Folder Found : C:\Program Files\SearchProtect
      Folder Found : C:\Program Files\SweetIM
      Folder Found : C:\Program Files\Wajam
      Folder Found : C:\ProgramData\Ask
      Folder Found : C:\ProgramData\Babylon
      Folder Found : C:\ProgramData\blekko toolbars
      Folder Found : C:\ProgramData\InstallMate
      Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
      Folder Found : C:\ProgramData\search protection
      Folder Found : C:\ProgramData\Tarma Installer
      Folder Found : C:\Users\Brian Geise\AppData\LocalLow\adawaretb
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Conduit
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\SwvUpdater
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Wajam
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\adawaretb
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\BabylonToolbar
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\blekko
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\Conduit
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\LocalLow\SweetIM
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Babylon
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\DefaultTab
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
      Folder Found : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\SearchProtect

      ***** [Registry] *****

      Key Found : HKCU\Software\5b08bd0b639e440
      Key Found : HKCU\Software\AppDataLow\Software\Conduit
      Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
      Key Found : HKCU\Software\AppDataLow\Software\Crossrider
      Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
      Key Found : HKCU\Software\AppDataLow\Software\SmartBar
      Key Found : HKCU\Software\Conduit
      Key Found : HKCU\Software\Cr_Installer
      Key Found : HKCU\Software\DataMngr
      Key Found : HKCU\Software\DataMngr_Toolbar
      Key Found : HKCU\Software\Default Tab
      Key Found : HKCU\Software\DefaultTab
      Key Found : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
      Key Found : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
      Key Found : HKCU\Software\ilivid
      Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
      Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Found : HKCU\Software\Optimizer Pro
      Key Found : HKCU\Software\SmartBar
      Key Found : HKCU\Software\Softonic
      Key Found : HKCU\Software\Wajam
      Key Found : HKLM\SOFTWARE\5b08bd0b639e440
      Key Found : HKLM\Software\Babylon
      Key Found : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
      Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
      Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
      Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
      Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\Prod.cap
      Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
      Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
      Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
      Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
      Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3277370
      Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
      Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
      Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
      Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
      Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
      Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
      Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
      Key Found : HKLM\Software\Conduit
      Key Found : HKLM\Software\DataMngr
      Key Found : HKLM\Software\Default Tab
      Key Found : HKLM\Software\DefaultTab
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
      Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
      Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
      Key Found : HKLM\Software\SearchProtect
      Key Found : HKLM\Software\Tarma Installer
      Key Found : HKLM\Software\Wajam
      Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
      Key Found : HKU\S-1-5-21-46374021-3717160575-896625832-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
      Key Found : HKU\S-1-5-21-46374021-3717160575-896625832-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
      Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
      Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
      Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
      Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
      Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
      Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

      ***** [Internet Browsers] *****

      -\\ Internet Explorer v9.0.8112.16476

      [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
      [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
      [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
      [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013
      [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=ds&q={searchTerms}&installDate=17/03/2013

      -\\ Google Chrome v26.0.1410.64

      File : C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\Google\Chrome\User Data\Default\Preferences

      Found [l.2859] : urls_to_restore_on_startup = [ "hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=D9AFE6B1E0F1090123BDE8516C21E88D", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=61ae70d3-b18f-4d17-876f-ae5ae2d2c815&searchtype=hp&installDate=17/03/2013" ]

      File : C:\Users\Brian Geise\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] File is clean.

      *************************

      AdwCleaner[R1].txt - [19375 octets] - [16/04/2013 19:03:01]
      AdwCleaner[R2].txt - [19305 octets] - [18/04/2013 16:56:11]

      ########## EOF - C:\AdwCleaner[R2].txt - [19366 octets] ##########
      an?

      SuperDave

      • Malware Removal Specialist
      • Moderator


      • Sage
      • Thanked: 858
      • Certifications: List
      • Experience: Expert
      • OS: Windows 8
      Re: Computer slow, freezesup will not shut down normally
      « Reply #3 on: April 20, 2013, 11:34:28 AM »
      Quote
      I'll keep trying, is there something i can do if it won't finish the scan?
      Try running MBAM in Safe Mode.

      Remove the Adware:
      • Please close all open programs and internet browsers.
      • Double click on adwcleaner.exe to run the tool.
      • Click on Delete.
      • Confirm each time with OK
      • Your computer will be rebooted automatically. A text file will open after the restart.
      • Please post the content of that logfile in your reply.
      • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
      *************************************************
      Can you run the Security Check?

      Please download Junkware Removal Tool to your desktop.

      Warning! Once the scan is complete JRT will shut down your browser with NO warning.

      Shut down your protection software now to avoid potential conflicts.

      •Temporarily disable/B] your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

      •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

      •The tool will open and start scanning your system.

      •Please be patient as this can take a while to complete depending on your system's specifications.

      •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

      •Copy and Paste the JRT.txt log into your next message.
      Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

      geised

        Topic Starter


        Rookie

        Re: Computer slow, freezesup will not shut down normally
        « Reply #4 on: April 22, 2013, 02:23:54 AM »
        MBAM ran in safe mode here's the log file. The Security check froze and would not continue, will it work in safe mode?

        Malwarebytes Anti-Malware 1.75.0.1300
        www.malwarebytes.org

        Database version: v2013.04.16.10

        Windows 7 Service Pack 1 x86 NTFS
        Internet Explorer 9.0.8112.16421
        kkoliiiiiiiiiiiiiiii :: HOME [administrator]

        4/16/2013 7:07:32 PM
        mbam-log-2013-04-16 (19-07-32).txt

        Scan type: Quick scan
        Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
        Scan options disabled: P2P
        Objects scanned: 222359
        Time elapsed: 7 minute(s), 15 second(s)

        Memory Processes Detected: 0
        (No malicious items detected)

        Memory Modules Detected: 0
        (No malicious items detected)

        Registry Keys Detected: 6
        HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> No action taken.
        HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> No action taken.
        HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> No action taken.
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> No action taken.
        HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> No action taken.
        HKCR\Updater.AmiUpd (PUP.Software.Updater) -> No action taken.

        Registry Values Detected: 0
        (No malicious items detected)

        Registry Data Items Detected: 0
        (No malicious items detected)

        Folders Detected: 0
        (No malicious items detected)

        Files Detected: 3
        C:\Users\kkoliiiiiiiiiiiiiiii\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> No action taken.
        C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.
        C:\ProgramData\Vauudixx\51301d0c4169e.dll (Adware.MultiPlug) -> Quarantined and deleted successfully.

        (end)

        SuperDave

        • Malware Removal Specialist
        • Moderator


        • Sage
        • Thanked: 858
        • Certifications: List
        • Experience: Expert
        • OS: Windows 8
        Re: Computer slow, freezesup will not shut down normally
        « Reply #5 on: April 22, 2013, 04:04:56 PM »
        Please run MBAM again and "remove the infections". Re-boot in Normal mode and try to run it again.
        Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

        geised

          Topic Starter


          Rookie

          Re: Computer slow, freezesup will not shut down normally
          « Reply #6 on: April 23, 2013, 05:38:25 AM »
          MBAM will only complete a scan in safe mode and doesn't give me an option to remove the infections

          SuperDave

          • Malware Removal Specialist
          • Moderator


          • Sage
          • Thanked: 858
          • Certifications: List
          • Experience: Expert
          • OS: Windows 8
          Re: Computer slow, freezesup will not shut down normally
          « Reply #7 on: April 23, 2013, 11:45:40 AM »
          Save these instructions so you can have access to them while in Safe Mode.

          Please click here to download AVP Tool by Kaspersky.
          • Save it to your desktop.
          • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
          • Double click the setup file to run it.
          • Click Next to continue.
          • Accept the License agreement and click on next.
          • It will, by default, install it to your desktop folder. Click Next.
          • It will then open a box There will be a tab that says Automatic scan.
          • Under Automatic scan make sure these are checked.
          • Hidden Startup Objects
          • System Memory
          • Disk Boot Sectors.
          • My Computer.
          • Also any other drives (Removable that you may have)
          Leave the rest of the settings as they appear as default.
          •Then click on Scan at the to right hand Corner.
          •It will automatically Neutralize any objects found.
          •If some objects are left un-neutralized then click the button that says Neutralize all
          •If it says it cannot be neutralized then choose the delete option when prompted.
          •After that is done click on the reports button at the bottom and save it to file name it Kas.
          •Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

          Note: This tool will self uninstall when you close it so please save the log before closing it.

          Please let me know when you can boot in Normal Mode.
          Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

          geised

            Topic Starter


            Rookie

            Re: Computer slow, freezesup will not shut down normally
            « Reply #8 on: April 24, 2013, 07:51:52 PM »
            Kaspersky doesn't show up after the download times out and I can't find it on the computer. I can't get to internet in safe mode, that is google chrome loads but will not show any webpage

            SuperDave

            • Malware Removal Specialist
            • Moderator


            • Sage
            • Thanked: 858
            • Certifications: List
            • Experience: Expert
            • OS: Windows 8
            Re: Computer slow, freezesup will not shut down normally
            « Reply #9 on: April 25, 2013, 03:36:07 PM »
            Can you boot in Normal Mode?
            Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

            geised

              Topic Starter


              Rookie

              Re: Computer slow, freezesup will not shut down normally
              « Reply #10 on: April 26, 2013, 05:32:26 AM »
              yes, I can boot in normal mode. My problem is freezing up after running a while usually when I try to go to another web page or open an application. Yesterday it froze when i tried to open a word document.

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Sage
              • Thanked: 858
              • Certifications: List
              • Experience: Expert
              • OS: Windows 8
              Re: Computer slow, freezesup will not shut down normally
              « Reply #11 on: April 26, 2013, 12:05:45 PM »
              Please keep trying to run MBAM in Normal Mode. There were some infections that were never fixed.
              The freezing could be caused my a hardware problem or memory problem but we'll continue checking.


              Download Combofix from any of the links below, and save it to your DESKTOP
              If your version of Windows defaults to you download folder you will need to copy it to your desktop.

              Link 1
              Link 2
              Link 3

              To prevent your anti-virus application interfering with  ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
              • Close any open windows and double click ComboFix.exe to run it.

                You will see the following image:


              Click I Agree to start the program.

              ComboFix will then extract the necessary files and you will see this:



              As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to  have this pre-installed on your machine before doing any malware  removal. This will not occur in Windows Vista and 7

              It will allow you to boot up into a special recovery/repair  mode that will allow us to more easily help you should your computer  have a problem after an attempted removal of malware.

              If you did not have it installed, you will see the prompt below. Choose YES.



              Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

              **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

              Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



              Click on Yes, to continue scanning for malware.

              When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

              Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

              Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
              Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

              geised

                Topic Starter


                Rookie

                Re: Computer slow, freezesup will not shut down normally
                « Reply #12 on: April 26, 2013, 02:42:48 PM »
                ComboFix 13-04-26.01 - kkoliiiiiiiiiiiiiiii 04/26/2013  17:02:39.1.2 - x86
                Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2038.952 [GMT -4:00]
                Running from: c:\users\kkoliiiiiiiiiiiiiiii\Downloads\ComboFix.exe
                AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
                SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
                SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                 * Created a new restore point
                .
                .
                (((((((((((((((((((((((((   Files Created from 2013-03-26 to 2013-04-26  )))))))))))))))))))))))))))))))
                .
                .
                2013-04-26 21:11 . 2013-04-26 21:11   --------   d-----w-   c:\users\Default\AppData\Local\temp
                2013-04-26 02:28 . 2013-04-10 03:08   6906960   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EDF1014-14CE-4908-B3BA-70F76E0A6F18}\mpengine.dll
                2013-04-25 00:57 . 2013-04-10 03:08   6906960   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                2013-04-24 02:30 . 2013-04-12 13:45   1211752   ----a-w-   c:\windows\system32\drivers\ntfs.sys
                2013-04-24 00:43 . 2013-04-24 00:41   706640   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A0478026-CDEE-4B25-A38A-18859AEE2D58}\gapaengine.dll
                2013-04-23 18:08 . 2013-04-23 18:08   40776   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
                2013-04-18 21:01 . 2013-04-18 21:01   187   ----a-w-   c:\windows\DeleteOnReboot.bat
                2013-04-16 18:28 . 2013-04-16 18:28   --------   d-----w-   c:\program files\Common Files\Symantec Shared
                2013-04-16 14:20 . 2013-04-16 14:20   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Malwarebytes
                2013-04-15 16:49 . 2013-04-15 17:07   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Local\Torch
                2013-04-15 16:29 . 2013-04-15 16:29   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Local\adawarebp
                2013-04-15 16:07 . 2013-04-15 16:31   --------   d-----w-   c:\program files\MyPC Backup
                2013-04-15 16:02 . 2009-01-25 16:14   15224   ----a-w-   c:\windows\system32\sdnclean.exe
                2013-04-15 16:02 . 2013-04-15 16:02   --------   d-----w-   c:\program files\Spybot - Search & Destroy 2
                2013-04-15 15:52 . 2013-04-15 15:52   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\LavasoftStatistics
                2013-04-15 15:51 . 2013-04-15 15:51   --------   d-----w-   c:\programdata\Downloaded Installations
                2013-04-15 15:51 . 2013-04-15 16:28   --------   d-----w-   c:\programdata\Ad-Aware Browsing Protection
                2013-04-15 15:51 . 2013-04-15 15:51   --------   d-----w-   c:\program files\Toolbar Cleaner
                2013-04-15 15:47 . 2013-04-15 15:53   44424   ----a-w-   c:\windows\system32\sbbd.exe
                2013-04-15 15:47 . 2013-04-15 15:53   13560   ----a-w-   c:\windows\system32\drivers\gfibto.sys
                2013-04-15 15:47 . 2013-04-15 15:47   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Ad-Aware Antivirus
                2013-04-15 15:01 . 2013-04-16 22:30   --------   d-----w-   c:\program files\CCleaner
                2013-04-15 14:13 . 2013-04-15 14:13   --------   d-----w-   c:\programdata\Malwarebytes
                2013-04-15 14:13 . 2013-04-15 14:13   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
                2013-04-15 14:13 . 2013-04-04 18:50   22856   ----a-w-   c:\windows\system32\drivers\mbam.sys
                2013-04-13 22:23 . 2008-12-17 23:22   57344   ----a-w-   c:\windows\system32\ff_vfw.dll
                2013-04-13 22:23 . 2013-04-13 22:23   --------   d-----w-   c:\program files\ffdshow
                2013-04-13 22:23 . 2008-12-11 17:26   60273   ----a-w-   c:\windows\system32\pthreadGC2.dll
                2013-04-13 22:15 . 2013-04-14 22:17   --------   d-----w-   c:\programdata\ArcSoft
                2013-04-13 22:15 . 2013-04-14 01:22   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\ArcSoft
                2013-04-13 22:15 . 2013-04-13 22:15   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Local\ArcSoft
                2013-04-13 22:15 . 2006-11-10 19:05   18688   ----a-w-   c:\windows\system32\drivers\afc.sys
                2013-04-13 22:14 . 2013-04-15 17:07   --------   d-----w-   c:\program files\Common Files\ArcSoft
                2013-04-11 10:30 . 2013-02-22 04:10   149616   ----a-w-   c:\program files\Internet Explorer\sqmapi.dll
                2013-04-11 10:30 . 2013-02-22 03:34   420864   ----a-w-   c:\windows\system32\vbscript.dll
                2013-04-11 10:30 . 2013-02-22 03:31   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
                2013-04-11 10:30 . 2013-02-22 03:36   768512   ----a-w-   c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
                2013-04-11 10:30 . 2013-02-22 03:35   194048   ----a-w-   c:\program files\Internet Explorer\IEShims.dll
                2013-04-10 19:43 . 2013-03-01 03:09   2347008   ----a-w-   c:\windows\system32\win32k.sys
                2013-04-10 19:43 . 2013-01-24 04:47   196328   ----a-w-   c:\windows\system32\drivers\fvevol.sys
                2013-04-10 19:43 . 2013-03-19 05:04   3968856   ----a-w-   c:\windows\system32\ntkrnlpa.exe
                2013-04-10 19:43 . 2013-03-19 05:04   3913560   ----a-w-   c:\windows\system32\ntoskrnl.exe
                2013-04-10 19:43 . 2013-03-19 04:48   38912   ----a-w-   c:\windows\system32\csrsrv.dll
                2013-04-10 19:43 . 2013-03-19 02:49   69632   ----a-w-   c:\windows\system32\smss.exe
                2013-04-10 19:43 . 2013-02-15 04:37   3217408   ----a-w-   c:\windows\system32\mstscax.dll
                2013-04-10 19:43 . 2013-02-15 04:34   131584   ----a-w-   c:\windows\system32\aaclient.dll
                2013-04-10 19:43 . 2013-02-15 03:25   36864   ----a-w-   c:\windows\system32\tsgqec.dll
                2013-04-09 04:27 . 2013-04-09 04:28   --------   d-----w-   c:\program files\SMPlayer
                2013-04-09 04:26 . 2013-04-09 04:26   --------   d-----w-   c:\program files\File Type Helper
                2013-04-09 04:26 . 2013-04-09 04:26   --------   d-----w-   c:\program files\Fast Free Converter
                2013-04-09 04:23 . 2013-04-09 04:24   --------   d-----w-   c:\program files\dnsshield
                2013-04-09 04:23 . 2013-04-09 13:51   --------   d-----w-   c:\users\kkoliiiiiiiiiiiiiiii\AppData\Local\Shield
                2013-04-06 03:03 . 2013-04-16 22:13   --------   d-----w-   c:\users\Brian Geise
                2013-04-01 11:37 . 2013-04-01 11:37   163088   ----a-w-   c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
                2013-03-28 11:34 . 2013-03-28 11:34   --------   d-----w-   C:\found.000
                .
                .
                .
                ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                2013-04-02 10:33 . 2013-01-01 23:10   237088   ------w-   c:\windows\system32\MpSigStub.exe
                2013-03-14 19:20 . 2013-03-14 19:20   499712   ----a-w-   c:\windows\system32\msvcp71.dll
                2013-03-14 19:20 . 2013-03-14 19:20   348160   ----a-w-   c:\windows\system32\msvcr71.dll
                2013-03-12 21:50 . 2013-01-02 04:04   73432   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
                2013-03-12 21:50 . 2013-01-02 04:04   693976   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
                2013-02-25 16:26 . 2013-02-25 16:26   16224   ----a-w-   c:\windows\system32\drivers\cerber.sys
                2013-02-16 00:54 . 2013-02-16 00:55   94112   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
                2013-02-16 00:54 . 2013-01-17 14:47   782240   ----a-w-   c:\windows\system32\deployJava1.dll
                2013-02-16 00:54 . 2013-01-17 14:47   861088   ----a-w-   c:\windows\system32\npDeployJava1.dll
                2013-02-12 04:48 . 2013-03-12 23:33   474112   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
                2013-02-12 04:48 . 2013-03-12 23:33   2176512   ----a-w-   c:\windows\apppatch\AcGenral.dll
                2013-02-12 03:32 . 2013-03-26 00:12   15872   ----a-w-   c:\windows\system32\drivers\usb8023.sys
                .
                .
                (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                .
                *Note* empty entries & legit default entries are not shown
                REGEDIT4
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A071936A-AB6B-4978-9342-E47C06FCDEC1}]
                .
                [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "Cerber AntiVirus"="c:\program files\Cerber AntiVirus\cerber.exe" [2013-02-26 4746976]
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
                "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
                "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
                "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
                "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
                "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
                "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
                "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
                "TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2013-03-14 295512]
                "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-01-31 542632]
                .
                c:\users\kkoliiiiiiiiiiiiiiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                OpenOffice.org 3.4.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
                .
                c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]
                Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                "ConsentPromptBehaviorAdmin"= 5 (0x5)
                "ConsentPromptBehaviorUser"= 3 (0x3)
                "EnableUIADesktopToggle"= 0 (0x0)
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
                "aux"=wdmaud.drv
                .
                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
                BootExecute   REG_MULTI_SZ      autocheck autochk *\0\0sdnclean.exe
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
                @="Service"
                .
                R1 MpKsld2e189b2;MpKsld2e189b2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EDF1014-14CE-4908-B3BA-70F76E0A6F18}\MpKsld2e189b2.sys

                R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\Fast Free Converter\FastFreeConverterUpdt.exe

                R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys

                R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.1.121\McCHSvc.exe

                R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe

                R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

                R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

                S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys

                S2 cerber;cerber;c:\windows\system32\DRIVERS\cerber.sys

                S2 CerberService;Cerber Antivirus Service;c:\program files\Cerber AntiVirus\CerberService.exe

                S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

                S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe

                .
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                LocalServiceAndNoImpersonation   REG_MULTI_SZ      SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
                .
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
                FontCache
                .
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                2013-04-11 15:47   1642448   ----a-w-   c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
                .
                Contents of the 'Scheduled Tasks' folder
                .
                2013-04-26 c:\windows\Tasks\Adobe Flash Player Updater.job
                - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-02 21:50]
                .
                2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                - c:\program files\Google\Update\GoogleUpdate.exe [2013-01-15 13:32]
                .
                2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                - c:\program files\Google\Update\GoogleUpdate.exe [2013-01-15 13:32]
                .
                2013-03-15 c:\windows\Tasks\Norton Security Scan for kkoliiiiiiiiiiiiiiii.job
                - c:\progra~1\NORTON~2\Engine\376~1.5\Nss.exe [2013-03-14 10:19]
                .
                2013-04-26 c:\windows\Tasks\shield check.job
                - c:\users\kkoliiiiiiiiiiiiiiii\AppData\Local\Shield\checkhp.exe [2013-02-26 07:31]
                .
                .
                ------- Supplementary Scan -------
                .
                uStart Page = hxxp://proxy.allsearchapp.com/app/start/
                mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={6C96A609-8F22-11E2-A534-001AA0C84C40}
                uSearchAssistant = hxxp://www.google.com
                IE: Add to Video Converter... - c:\program files\Media Player Utilities 5.22\AVIConverter\grab.html
                IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
                TCP: DhcpNameServer = 192.168.1.1
                TCP: Interfaces\{DFCDB7F2-6018-4187-BECC-DEDDD5A57ABF}: NameServer = 66.228.116.178,66.228.116.179
                TCP: Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 66.228.116.178,66.228.116.179
                .
                - - - - ORPHANS REMOVED - - - -
                .
                HKLM-Run-SearchProtection - c:\programdata\Search Protection\_run.bat
                AddRemove-adawaretb - c:\program files\adawaretb\uninstall.exe
                .
                .
                .
                --------------------- LOCKED REGISTRY KEYS ---------------------
                Here's the combofix log

                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                @Denied: (Full) (Everyone)
                .
                Completion time: 2013-04-26  17:13:28
                ComboFix-quarantined-files.txt  2013-04-26 21:13
                .
                Pre-Run: 104,721,096,704 bytes free
                Post-Run: 104,521,895,936 bytes free
                .
                - - End Of File - - E23A8521AD40B071F1E457B85608CC01

                SuperDave

                • Malware Removal Specialist
                • Moderator


                • Sage
                • Thanked: 858
                • Certifications: List
                • Experience: Expert
                • OS: Windows 8
                Re: Computer slow, freezesup will not shut down normally
                « Reply #13 on: April 26, 2013, 04:15:45 PM »
                Please tell me the size of the harddrive and how much free space you have. Click on My Computer, right-click on the C drive. and choose Properties.
                Please try MS-Fix-it. It's supposed to repair your system.


                Please download and run MS Fix-it from here.
                Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

                geised

                  Topic Starter


                  Rookie

                  Re: Computer slow, freezesup will not shut down normally
                  « Reply #14 on: April 26, 2013, 07:31:25 PM »
                  148 gb hard drive 97.4 free space. I ran MS fixit