Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: X Vidly problems  (Read 2536 times)

0 Members and 1 Guest are viewing this topic.

MP1975

    Topic Starter


    Apprentice
    X Vidly problems
    « on: October 19, 2013, 08:22:50 AM »
    Hello all ,

    HP Pavilion Entertainment PC, Vista.

    Everything on my daughters computer seems to be accountable to X Vidly. I used Ccleaner and uninstalled it to no avail. When I look in ccleaner again the entry is no longer there but I'm sure the software is here someplace. I uninstalled and reinstalled Mozilla and that didn't work.  I just ran Malwarebytes and showed 29 bad files. If I get 1 thats odd 29 is way out of the ballpark. Removed all 29 entries and retarted PC. rerunning MWB - this time it showed 0 infections.

    Another very odd thing, In mozilla there are no graphics just alpha characters underlined and when in IE it wants me to update my browser but wants to take me to a http//rvzr-a-akamaihd.net site which I did not do.

    I just stumbled onto this, when In Mozilla, if I go to netflix the initial attempt I just gets words o the screen but no graphics when I refresh the screen using the circle on the toolbar the correct netflix screen comes up graphics and all. This also worked for yahoo but it did not work for clubwpt. More when I get it.

    Again TY in advance.


    # AdwCleaner v3.008 - Report created 18/10/2013 at 11:10:20
    # Updated 17/10/2013 by Xplode
    # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Username : Gab - GAB-PC
    # Running from : C:\Users\Gab\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : BackupStack
    Service Found : Update lucky leap
    Service Found : Viewpoint Manager Service

    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    File Found : C:\Users\Gab\AppData\Roaming\Mozilla\Firefox\Profiles\b5363pub.default\Extensions\firefox@luckyleap.net.xpi
    File Found : C:\Users\Gab\Desktop\MyPC Backup.lnk
    File Found : C:\Users\Public\Desktop\eBay.lnk
    Folder Found : C:\Users\Gab\AppData\Roaming\Mozilla\Firefox\Profiles\b5363pub.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
    Folder Found C:\Program Files\Common Files\AVG Secure Search
    Folder Found C:\Program Files\lucky leap
    Folder Found C:\Program Files\MyPC Backup
    Folder Found C:\Program Files\MyPC Backup
    Folder Found C:\Program Files\Viewpoint
    Folder Found C:\ProgramData\Viewpoint
    Folder Found C:\Users\Gab\AppData\Local\SwvUpdater
    Folder Found C:\Users\Gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    Folder Found C:\Users\Gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Crossrider
    Key Found : HKCU\Software\AppDataLow\Software\Plus-HD-1.6
    Key Found : HKCU\Software\installedbrowserextensions
    Key Found : HKCU\Software\InstalledThirdPartyPrograms
    Key Found : HKCU\Software\lucky leap
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Found : HKLM\SOFTWARE\Classes\S
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Found : HKLM\Software\InstalledThirdPartyPrograms
    Key Found : HKLM\Software\lucky leap
    Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lucky leap
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Found : HKLM\Software\Viewpoint
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16514


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\Gab\AppData\Roaming\Mozilla\Firefox\Profiles\b5363pub.default\prefs.js ]

    Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Line Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.InstallationThankYouPage", false);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.InstallationTime", 1382061288);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.active", true);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.addressbar", "NA");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.addressbarenhanced", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.asyncdb_dbWasSet", true);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.asyncinternaldb_dbWasSet", true);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.backgroundver", 2);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.certdomaininstaller", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.changeprevious", false);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.cookie.InstallationTime.ex piration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.cookie.InstallationTime.va lue", "1382061288");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.description", "Turn YouTube videos to High Definition by default");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.domain", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.enablesearch", false);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.homepage", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.iframe", false);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.InstallerIdenti fiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight [...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.InstallerIdenti fiers.value", "%7B%22installer_bic%22%3A%22D85CD810EF92409195D8A74B59125[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_appVe r.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_appVe r.value", "90");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_lastV ersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_lastV ersion.value", "2");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_meta. expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)"[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_meta. value", "%7B%7D");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_nextC heck.expiration", "Fri Oct 18 2013 14:09:36 GMT-0700 (Pacific Standard T[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_nextC heck.value", "true");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_queue .expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.Resources_queue .value", "%7B%7D");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb._country_code_. expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)"[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb._country_code_. value", "%22US%22");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.installer.expir ation", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.installer.value ", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22D85CD810[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.monetization_pl ugin_last_executable_request.expiration ", "Fri Oct 18 2013 20:56:24 GMT-[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.internaldb.monetization_pl ugin_last_executable_request.value", "%22hxxp%3A//sdlc-esd.sun.com/ESD6/[...]
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.lastDailyReport", "1382108009520");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.lastUpdate", "1382108009525");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.manifesturl", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.name", "Plus-HD-1.6");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.newtab", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.opensearch", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/32002/plugins/092/ff/plugins.json");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.pluginsversion", 77);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.publisher", "Plus HD");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.searchstatus", 0);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.setnewtab", false);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.thankyou", "");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.updateinterval", 360);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.32002.ver", 90);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.apps", "32002");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.bic", "141c945a95d62c16d9e594701b8a6979");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.cid", 32002);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.firstrun", false);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.hadappinstalled", true);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.installationdate", 1382061288);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.modetype", "production");
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.reportInstall", true);
    Line Found : user_pref("extensions.a6c937ed6be664f729a60ce5789c c7f0953ba67122cae46e2b82195baea44e049co m32002.statsDailyCounter", 3);
    Line Found : user_pref("extensions.crossrider.bic", "141c945a95d62c16d9e594701b8a6979");

    *************************

    AdwCleaner[R0].txt - [18199 octets] - [18/10/2013 11:10:20]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18260 octets] ##########

    MP.
    « Last Edit: October 19, 2013, 09:11:55 AM by MP1975 »
    Dream untill your dreams come true.

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Sage
    • Thanked: 847
    • Certifications: List
    • Experience: Expert
    • OS: Windows 8
    Re: X Vidly problems
    « Reply #1 on: October 19, 2013, 04:14:09 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    Remove the Adware:
    • Please close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with OK
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
    *********************************************
    Please download Junkware Removal Tool to your desktop.

    Warning! Once the scan is complete JRT will shut down your browser with NO warning.

    Shut down your protection software now to avoid potential conflicts.

    •Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

    •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

    •The tool will open and start scanning your system.

    •Please be patient as this can take a while to complete depending on your system's specifications.

    •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

    •Copy and Paste the JRT.txt log into your next message.
    *******************************************
    Download Security Check by screen317 from one of the following links and save it to your desktop.

    Link 1
    Link 2

    * Double-click Security Check.bat
    * Follow the on-screen instructions inside of the black box.
    * A Notepad document should open automatically called checkup.txt
    * Post the contents of that document in your next reply.

    Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
    Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

    MP1975

      Topic Starter


      Apprentice
      Re: X Vidly problems
      « Reply #2 on: October 20, 2013, 12:02:47 PM »
      Hello Dave,

      I tried , twice, to install the adwcleaner from from the path given here and :
      1. It does not save to my desktop
      2. I do not see a delete option.

      The only two function not greyed out are scan and uninstall.
      Not sure if you wanted me to continue with junk removal so I stopped here.

      Thanks for the help,
      MP.
      Dream untill your dreams come true.

      SuperDave

      • Malware Removal Specialist
      • Moderator


      • Sage
      • Thanked: 847
      • Certifications: List
      • Experience: Expert
      • OS: Windows 8
      Re: X Vidly problems
      « Reply #3 on: October 20, 2013, 06:57:13 PM »
      Quote
      I do not see a delete option.

      The only two function not greyed out are scan and uninstall.
      Not sure if you wanted me to continue with junk removal so I stopped here.
      First run the scan and then hit the delete button. Please continue with the other scans.
      Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

      MP1975

        Topic Starter


        Apprentice
        Re: X Vidly problems
        « Reply #4 on: October 25, 2013, 04:11:18 PM »
        # AdwCleaner v3.010 - Report created 24/10/2013 at 18:07:21
        # Updated 20/10/2013 by Xplode
        # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
        # Username : Gab - GAB-PC
        # Running from : C:\Users\Gab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KE1Q6YLS\adwcleaner.exe
        # Option : Clean

        ***** [ Services ] *****


        ***** [ Files / Folders ] *****

        File Deleted : C:\END

        ***** [ Shortcuts ] *****


        ***** [ Registry ] *****

        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366206602}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416658}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
        Key Deleted : HKLM\Software\systweak

        ***** [ Browsers ] *****

        -\\ Internet Explorer v9.0.8112.16514


        -\\ Mozilla Firefox v24.0 (en-US)

        [ File : C:\Users\Gab\AppData\Roaming\Mozilla\Firefox\Profiles\k9kl0sg1.default-1382124064032\prefs.js ]


        *************************

        AdwCleaner[R0].txt - [18341 octets] - [18/10/2013 11:10:20]
        AdwCleaner[R1].txt - [1288 octets] - [24/10/2013 17:56:57]
        AdwCleaner[S0].txt - [18445 octets] - [18/10/2013 11:43:40]
        AdwCleaner[S1].txt - [1219 octets] - [24/10/2013 18:07:21]

        ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1279 octets] ##########



        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Junkware Removal Tool (JRT) by Thisisu
        Version: 6.0.7 (10.15.2013:3)
        OS: Windows Vista (TM) Home Premium x86
        Ran by Gab on Thu 10/24/2013 at 18:15:24.90
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




        ~~~ Services



        ~~~ Registry Values

        Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
        Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
        Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



        ~~~ Registry Keys

        Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322202202}
        Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422412258}
        Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422412278}



        ~~~ Files



        ~~~ Folders

        Successfully deleted: [Folder] "C:\Users\Gab\AppData\Roaming\xvidly"



        ~~~ Event Viewer Logs were cleared





        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Scan was completed on Thu 10/24/2013 at 18:22:17.10
        End of JRT log
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


        Screen 317 did not like this computer.

         UNSUPPORTED OPERATING SYSTEM! ABORTED!
        « Last Edit: October 25, 2013, 04:23:53 PM by MP1975 »
        Dream untill your dreams come true.

        SuperDave

        • Malware Removal Specialist
        • Moderator


        • Sage
        • Thanked: 847
        • Certifications: List
        • Experience: Expert
        • OS: Windows 8
        Re: X Vidly problems
        « Reply #5 on: October 26, 2013, 12:43:05 PM »
        Download Combofix from any of the links below, and save it to your DESKTOP
        If your version of Windows defaults to you download folder you will need to copy it to your desktop.

        Link 1
        Link 2
        Link 3

        To prevent your anti-virus application interfering with  ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
        • Close any open windows and double click ComboFix.exe to run it.

          You will see the following image:


        Click I Agree to start the program.

        ComboFix will then extract the necessary files and you will see this:



        As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to  have this pre-installed on your machine before doing any malware  removal. This will not occur in Windows Vista and 7

        It will allow you to boot up into a special recovery/repair  mode that will allow us to more easily help you should your computer  have a problem after an attempted removal of malware.

        If you did not have it installed, you will see the prompt below. Choose YES.



        Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

        **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

        Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



        Click on Yes, to continue scanning for malware.

        When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

        Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

        Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
        Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

        MP1975

          Topic Starter


          Apprentice
          Re: X Vidly problems
          « Reply #6 on: October 27, 2013, 09:06:12 AM »
          Dave ,

          Thanks again for the help. Here is the Combofix report.
          And before I forget I use AVG, Malewarebyte and superanitispyware.
          Run them weekly. Is there anything else I shoudl add to this regimen.

          ComboFix 13-10-26.01 - Gab 10/26/2013  10:53:05.1.2 - x86
          Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2813.1919 [GMT -7:00]
          Running from: c:\users\Gab\Downloads\ComboFix.exe
          AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
          SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          .
          .
          (((((((((((((((((((((((((   Files Created from 2013-09-26 to 2013-10-26  )))))))))))))))))))))))))))))))
          .
          .
          2013-10-26 18:03 . 2013-10-26 18:03   --------   d-----w-   c:\users\Gab\AppData\Local\temp
          2013-10-26 18:03 . 2013-10-26 18:03   --------   d-----w-   c:\users\Default\AppData\Local\temp
          2013-10-25 01:15 . 2013-10-25 01:15   --------   d-----w-   c:\windows\ERUNT
          2013-10-20 02:53 . 2013-10-20 02:53   --------   d-----w-   c:\program files\Microsoft Silverlight
          2013-10-19 10:09 . 2013-10-19 10:09   0   ----a-w-   c:\windows\system32\updB7C6.tmp
          2013-10-19 07:09 . 2013-10-19 07:09   0   ----a-w-   c:\windows\system32\updD936.tmp
          2013-10-19 04:09 . 2013-10-19 04:09   0   ----a-w-   c:\windows\system32\upd1A8.tmp
          2013-10-18 19:38 . 2013-10-08 20:46   36152   ----a-w-   c:\windows\system32\TURegOpt.exe
          2013-10-18 19:38 . 2013-10-08 20:46   25400   ----a-w-   c:\windows\system32\authuitu.dll
          2013-10-18 19:37 . 2013-10-18 19:37   --------   d-----w-   c:\users\Gab\AppData\Roaming\AVG
          2013-10-18 19:31 . 2013-10-18 19:51   --------   d-----w-   c:\programdata\AVG
          2013-10-18 19:31 . 2013-10-18 19:56   --------   d-sh--w-   c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
          2013-10-18 18:30 . 2013-10-18 18:30   388096   ----a-r-   c:\users\Gab\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
          2013-10-18 18:30 . 2013-10-18 18:30   --------   d-----w-   c:\program files\Trend Micro
          2013-10-18 18:09 . 2013-10-25 01:07   --------   d-----w-   C:\AdwCleaner
          2013-10-18 17:56 . 2013-10-18 17:56   --------   d-----w-   c:\users\Gab\AppData\Local\AVG SafeGuard toolbar
          2013-10-18 17:55 . 2013-10-18 17:55   37664   ----a-w-   c:\windows\system32\drivers\avgtpx86.sys
          2013-10-18 17:55 . 2013-10-18 17:56   --------   d-----w-   c:\programdata\AVG SafeGuard toolbar
          2013-10-18 17:55 . 2013-10-18 17:55   --------   d-----w-   c:\program files\AVG SafeGuard toolbar
          2013-10-18 16:31 . 2013-10-18 16:31   --------   d-----w-   c:\program files\DIFX
          2013-10-18 16:24 . 2013-10-20 00:44   --------   d-----w-   c:\users\Gab\AppData\Local\Hewlett-Packard
          2013-10-18 16:19 . 2013-10-18 16:58   --------   d-----w-   C:\Downloads
          2013-10-18 15:59 . 2013-10-08 14:50   94632   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
          2013-10-18 15:31 . 2013-10-18 15:31   --------   d-----w-   c:\windows\en
          2013-10-18 15:30 . 2012-03-09 01:32   39272   ----a-w-   c:\windows\system32\drivers\fssfltr.sys
          2013-10-18 15:27 . 2013-10-18 15:27   --------   d-----w-   c:\program files\Microsoft SQL Server Compact Edition
          2013-10-18 15:25 . 2013-10-18 15:31   --------   d-----w-   c:\program files\Windows Live
          2013-10-18 15:24 . 2009-09-05 00:44   69464   ----a-w-   c:\windows\system32\XAPOFX1_3.dll
          2013-10-18 15:24 . 2009-09-05 00:44   515416   ----a-w-   c:\windows\system32\XAudio2_5.dll
          2013-10-18 15:24 . 2009-09-05 00:29   453456   ----a-w-   c:\windows\system32\d3dx10_42.dll
          2013-10-18 15:24 . 2006-11-29 20:06   3426072   ----a-w-   c:\windows\system32\d3dx9_32.dll
          2013-10-18 15:23 . 2013-10-18 15:23   --------   d-----w-   c:\users\Gab\AppData\Local\Windows Live
          2013-10-18 15:23 . 2013-10-18 15:23   --------   d-----w-   c:\program files\Common Files\Windows Live
          2013-10-18 15:22 . 2009-08-04 08:02   754688   ----a-w-   c:\windows\system32\webservices.dll
          2013-10-18 15:16 . 2013-10-18 15:16   --------   d-----w-   c:\program files\LSI SoftModem
          2013-10-18 15:08 . 2013-10-18 15:08   0   ----a-w-   c:\windows\system32\updF.tmp
          2013-10-18 06:18 . 2013-10-18 06:18   0   ----a-w-   c:\windows\system32\upd48B6.tmp
          2013-10-18 02:50 . 2013-10-18 02:50   0   ----a-w-   c:\windows\system32\upd3ABF.tmp
          2013-10-18 02:50 . 2013-10-18 02:50   0   ----a-w-   c:\windows\system32\upd28C4.tmp
          2013-10-18 02:47 . 2013-10-18 02:47   0   ----a-w-   c:\windows\system32\upd7271.tmp
          2013-10-18 02:46 . 2013-09-17 20:41   364544   ----a-w-   c:\windows\system32\webmakerplus.dll
          2013-10-18 02:45 . 2013-10-18 02:45   --------   d-----w-   c:\users\Gab\AppData\Roaming\Online Download Accelerator
          2013-10-18 02:45 . 2013-10-18 03:14   --------   d-----w-   c:\users\Gab\AppData\Roaming\5261c755160ba0fb78005c00
          2013-10-18 02:41 . 2013-10-18 02:41   --------   d-----w-   c:\program files\Lightspark 0.5.3-git
          2013-10-12 10:07 . 2013-10-12 10:07   --------   d-----w-   c:\users\Default\AppData\Local\Microsoft Help
          2013-10-08 00:57 . 2013-07-20 10:44   102608   ----a-w-   c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
          2013-10-08 00:56 . 2013-07-03 02:10   25472   ----a-w-   c:\windows\system32\drivers\hidparse.sys
          2013-10-07 01:00 . 2013-10-07 01:00   --------   d-----w-   c:\programdata\WindowsSearch
          2013-10-06 04:30 . 2013-10-18 19:56   --------   d-----w-   c:\users\Gab\AppData\Roaming\HpUpdate
          2013-10-06 04:29 . 2013-10-06 04:29   --------   d-----w-   c:\windows\Hewlett-Packard
          2013-10-04 18:50 . 2013-10-04 18:50   --------   d-----w-   c:\users\Gab\AppData\Local\AOL
          2013-10-04 18:48 . 2013-10-04 18:48   --------   d-----w-   c:\program files\CCleaner
          2013-10-04 18:35 . 2013-10-04 18:35   --------   d-----w-   c:\users\Gab\AppData\Roaming\SUPERAntiSpyware.com
          2013-10-04 18:35 . 2013-10-04 18:35   --------   d-----w-   c:\program files\SUPERAntiSpyware
          2013-10-04 18:35 . 2013-10-04 18:35   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
          2013-10-04 18:12 . 2013-10-04 18:12   --------   d-----w-   c:\users\Gab\AppData\Roaming\Malwarebytes
          2013-10-04 18:12 . 2013-10-04 18:12   --------   d-----w-   c:\programdata\Malwarebytes
          2013-10-04 18:12 . 2013-10-04 18:12   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
          2013-10-04 18:12 . 2013-04-04 21:50   22856   ----a-w-   c:\windows\system32\drivers\mbam.sys
          2013-10-03 03:40 . 2011-03-12 21:55   876032   ----a-w-   c:\windows\system32\XpsPrint.dll
          2013-10-02 10:59 . 2013-10-02 10:59   --------   d-----w-   c:\program files\Windows Portable Devices
          2013-10-02 10:24 . 2009-09-10 02:00   92672   ----a-w-   c:\windows\system32\UIAnimation.dll
          2013-10-02 10:24 . 2009-09-10 02:01   3023360   ----a-w-   c:\windows\system32\UIRibbon.dll
          2013-10-02 10:24 . 2009-09-10 02:00   1164800   ----a-w-   c:\windows\system32\UIRibbonRes.dll
          2013-10-02 10:23 . 2009-09-25 01:33   369664   ----a-w-   c:\windows\system32\WMPhoto.dll
          2013-10-02 10:23 . 2009-09-25 02:10   974848   ----a-w-   c:\windows\system32\WindowsCodecs.dll
          2013-10-02 10:23 . 2009-09-25 02:07   189440   ----a-w-   c:\windows\system32\WindowsCodecsExt.dll
          2013-10-02 10:23 . 2009-09-25 02:04   321024   ----a-w-   c:\windows\system32\PhotoMetadataHandler.dll
          2013-10-02 10:23 . 2009-09-25 01:33   195584   ----a-w-   c:\windows\system32\dxdiagn.dll
          2013-10-02 10:23 . 2009-09-25 01:32   252928   ----a-w-   c:\windows\system32\dxdiag.exe
          2013-10-02 10:23 . 2009-09-25 01:31   519680   ----a-w-   c:\windows\system32\d3d11.dll
          2013-10-02 10:17 . 2012-02-29 15:11   5120   ----a-w-   c:\windows\system32\wmi.dll
          2013-10-02 10:17 . 2012-02-29 15:09   157696   ----a-w-   c:\windows\system32\imagehlp.dll
          2013-10-02 10:17 . 2012-02-29 13:32   12800   ----a-w-   c:\windows\system32\drivers\fs_rec.sys
          2013-10-01 10:35 . 2011-07-29 16:01   293376   ----a-w-   c:\windows\system32\psisdecd.dll
          2013-10-01 10:35 . 2011-07-29 16:01   217088   ----a-w-   c:\windows\system32\psisrndr.ax
          2013-10-01 10:35 . 2011-07-29 16:00   57856   ----a-w-   c:\windows\system32\MSDvbNP.ax
          2013-10-01 10:35 . 2011-07-29 16:00   69632   ----a-w-   c:\windows\system32\Mpeg2Data.ax
          2013-10-01 10:35 . 2013-06-15 13:22   15872   ----a-w-   c:\windows\system32\icaapi.dll
          2013-10-01 10:35 . 2013-06-15 11:23   24064   ----a-w-   c:\windows\system32\drivers\tssecsrv.sys
          2013-10-01 10:34 . 2011-10-14 16:03   189952   ----a-w-   c:\windows\system32\winmm.dll
          2013-10-01 10:34 . 2011-10-14 16:00   23552   ----a-w-   c:\windows\system32\mciseq.dll
          2013-10-01 10:34 . 2012-05-11 15:57   623616   ----a-w-   c:\windows\system32\localspl.dll
          2013-10-01 10:31 . 2012-09-25 16:19   75776   ----a-w-   c:\windows\system32\synceng.dll
          2013-10-01 10:31 . 2013-07-05 04:53   905664   ----a-w-   c:\windows\system32\drivers\tcpip.sys
          2013-10-01 10:30 . 2011-10-14 16:02   429056   ----a-w-   c:\windows\system32\EncDec.dll
          2013-10-01 10:30 . 2013-07-17 19:41   2048   ----a-w-   c:\windows\system32\tzres.dll
          2013-10-01 10:29 . 2012-11-02 10:18   376320   ----a-w-   c:\windows\system32\dpnet.dll
          2013-10-01 10:29 . 2012-11-02 08:26   23040   ----a-w-   c:\windows\system32\dpnsvr.exe
          2013-10-01 10:29 . 2012-03-20 23:28   53120   ----a-w-   c:\windows\system32\drivers\partmgr.sys
          2013-10-01 10:29 . 2013-07-10 09:47   783360   ----a-w-   c:\windows\system32\rpcrt4.dll
          2013-10-01 10:29 . 2012-08-21 11:47   224640   ----a-w-   c:\windows\system32\drivers\volsnap.sys
          2013-10-01 10:28 . 2011-02-22 14:13   288768   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
          2013-10-01 10:28 . 2011-01-20 14:28   1554432   ----a-w-   c:\windows\system32\xpsservices.dll
          2013-10-01 10:28 . 2011-01-20 14:25   847360   ----a-w-   c:\windows\system32\OpcServices.dll
          2013-10-01 10:27 . 2011-11-18 17:47   66560   ----a-w-   c:\windows\system32\packager.dll
          2013-10-01 10:26 . 2013-08-03 02:06   304128   ----a-w-   c:\program files\Internet Explorer\ieuser.exe
          2013-10-01 10:24 . 2012-11-20 04:22   204288   ----a-w-   c:\windows\system32\ncrypt.dll
          2013-10-01 10:24 . 2013-03-03 19:07   1082232   ----a-w-   c:\windows\system32\drivers\ntfs.sys
          2013-10-01 10:24 . 2011-12-14 16:17   680448   ----a-w-   c:\windows\system32\msvcrt.dll
          2013-10-01 10:24 . 2012-11-08 03:48   1314816   ----a-w-   c:\windows\system32\quartz.dll
          2013-10-01 10:23 . 2012-06-05 16:47   708608   ----a-w-   c:\program files\Common Files\System\ado\msado15.dll
          2013-10-01 10:23 . 2013-05-02 04:04   443904   ----a-w-   c:\windows\system32\win32spl.dll
          2013-10-01 10:23 . 2013-05-02 04:03   37376   ----a-w-   c:\windows\system32\printcom.dll
          2013-10-01 10:23 . 2013-08-02 04:09   1548288   ----a-w-   c:\windows\system32\WMVDECOD.DLL
          2013-10-01 10:23 . 2013-04-24 01:46   812544   ----a-w-   c:\windows\system32\certutil.exe
          2013-10-01 10:23 . 2013-04-24 04:00   41984   ----a-w-   c:\windows\system32\certenc.dll
          2013-10-01 10:22 . 2012-11-02 10:19   1400832   ----a-w-   c:\windows\system32\msxml6.dll
          2013-10-01 10:22 . 2011-10-25 15:58   497152   ----a-w-   c:\windows\system32\qdvd.dll
          2013-10-01 10:22 . 2013-07-16 04:35   615936   ----a-w-   c:\windows\system32\themeui.dll
          2013-10-01 10:22 . 2013-07-09 12:10   1205168   ----a-w-   c:\windows\system32\ntdll.dll
          2013-10-01 10:22 . 2013-07-08 04:55   3603904   ----a-w-   c:\windows\system32\ntkrnlpa.exe
          2013-10-01 10:22 . 2013-07-08 04:55   3551680   ----a-w-   c:\windows\system32\ntoskrnl.exe
          2013-10-01 10:22 . 2013-03-09 01:28   64000   ----a-w-   c:\windows\system32\smss.exe
          2013-10-01 10:22 . 2013-03-09 03:45   49152   ----a-w-   c:\windows\system32\csrsrv.dll
          2013-10-01 10:21 . 2011-08-25 16:15   555520   ----a-w-   c:\windows\system32\UIAutomationCore.dll
          2013-10-01 10:21 . 2011-08-25 16:14   238080   ----a-w-   c:\windows\system32\oleacc.dll
          2013-10-01 10:21 . 2011-08-25 13:31   4096   ----a-w-   c:\windows\system32\oleaccrc.dll
          2013-10-01 10:21 . 2011-08-25 16:14   563712   ----a-w-   c:\windows\system32\oleaut32.dll
          2013-10-01 10:21 . 2011-11-16 16:23   377344   ----a-w-   c:\windows\system32\winhttp.dll
          2013-10-01 10:21 . 2012-03-01 11:01   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
          2013-10-01 10:21 . 2013-06-01 04:06   505344   ----a-w-   c:\windows\system32\qedit.dll
          2013-10-01 10:21 . 2012-06-05 16:47   1248768   ----a-w-   c:\windows\system32\msxml3.dll
          2013-10-01 10:20 . 2013-03-08 03:52   2067968   ----a-w-   c:\windows\system32\mstscax.dll
          2013-10-01 10:20 . 2012-05-01 14:03   180736   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
          .
          .
          ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2013-10-18 15:25 . 2011-03-29 01:36   22240   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
          2013-09-27 00:48 . 2003-03-19 02:14   499712   ----a-w-   c:\windows\system32\msvcp71.dll
          2013-09-27 00:48 . 2003-02-21 10:42   348160   ----a-w-   c:\windows\system32\msvcr71.dll
          2013-09-26 03:57 . 2013-09-26 03:57   120632   ----a-w-   c:\windows\system32\drivers\avgdiskx.sys
          2013-09-14 18:36 . 2013-09-14 18:36   6656   ----a-w-   c:\windows\system32\kbd106n.dll
          2013-09-11 05:11 . 2013-09-11 05:11   22840   ----a-w-   c:\windows\system32\drivers\avgidsshimx.sys
          2013-09-09 05:12 . 2013-09-09 05:12   27448   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
          2013-09-02 17:39 . 2013-09-02 17:39   176952   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
          2013-09-02 17:28 . 2013-09-02 17:28   145720   ----a-w-   c:\windows\system32\drivers\avgidshx.sys
          2013-09-02 17:28 . 2013-09-02 17:28   209208   ----a-w-   c:\windows\system32\drivers\avgidsdriverx.sys
          2013-09-02 17:28 . 2013-09-02 17:28   223032   ----a-w-   c:\windows\system32\drivers\avglogx.sys
          2013-08-21 05:54 . 2013-08-21 05:54   102200   ----a-w-   c:\windows\system32\drivers\avgmfx86.sys
          2013-08-07 20:11 . 2013-08-07 20:11   7680037   ----a-w-   C:\xvidly.exe
          2013-08-03 04:22 . 2013-10-01 10:26   53760   ----a-w-   c:\windows\apppatch\iebrshim.dll
          2013-08-01 23:08 . 2013-08-01 23:08   193848   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
          .
          .
          (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          *Note* empty entries & legit default entries are not shown
          REGEDIT4
          .
          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
          .
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
          "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-15 468264]
          "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
          "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-02 554288]
          "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
          "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
          "AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-08 4908592]
          "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-28 442467]
          "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
          "EnableUIADesktopToggle"= 0 (0x0)
          .
          [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
          "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
          .
          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
          @=""
          .
          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
          @="Driver"
          .
          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
          @="Service"
          .
          [HKLM\~\startupfolder\C:^Users^Gab^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
          path=c:\users\Gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
          backup=c:\windows\pss\MyPC Backup.lnk.Startup
          backupExtension=.Startup
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
          2007-05-11 10:06   40048   ----a-w-   c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
          2008-02-26 21:08   2289664   ----a-w-   c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
          2013-10-02 19:54   5706480   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
          2011-10-14 11:36   2299176   ----a-w-   c:\program files\Synaptics\SynTP\SynTPEnh.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
          2007-12-24 22:55   222504   ------w-   c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
          2008-01-21 02:23   1008184   ----a-w-   c:\program files\Windows Defender\MSASCui.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
          "HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
          "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
          "TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" -osboot
          "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
          "DisableMonitoring"=dword:00000001
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
          "DisableMonitoring"=dword:00000001
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
          "DisableMonitoring"=dword:00000001
          .
          S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056]
          S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728]
          .
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
          LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
          2008-02-26 21:06   451872   ----a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
          .
          Contents of the 'Scheduled Tasks' folder
          .
          2013-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
          - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-27 01:54]
          .
          2013-10-24 c:\windows\Tasks\HPCeeScheduleForGab.job
          - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-05-23 03:03]
          .
          .
          ------- Supplementary Scan -------
          .
          uStart Page = hxxp://yahoo.com/
          mStart Page = hxxp://www.google.com
          IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
          TCP: DhcpNameServer = 192.168.1.1
          FF - ProfilePath - c:\users\Gab\AppData\Roaming\Mozilla\Firefox\Profiles\k9kl0sg1.default-1382124064032\
          FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
          FF - ExtSQL: 2013-09-17 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
          .
          - - - - ORPHANS REMOVED - - - -
          .
          SafeBoot-WudfPf
          SafeBoot-WudfRd
          MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
          MSConfigStartUp-Free Download Manager - c:\program files\Free Download Manager\fdm.exe
          MSConfigStartUp-isCfgWiz - c:\program files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe
          AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe
          AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
          .
          .
          .
          **************************************************************************
          .
          catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2013-10-26 11:03
          Windows 6.0.6002 Service Pack 2 NTFS
          .
          scanning hidden processes ... 
          .
          scanning hidden autostart entries ...
          .
          scanning hidden files ... 
          .
          .
          c:\users\Gab\AppData\Local\Temp\catchme.dll 53248 bytes executable
          .
          scan completed successfully
          hidden files: 1
          .
          **************************************************************************
          .
          --------------------- LOCKED REGISTRY KEYS ---------------------
          .
          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
          @Denied: (A) (Users)
          @Denied: (A) (Everyone)
          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
          "BlindDial"=dword:00000000
          "MSCurrentCountry"=dword:000000b5
          .
          Completion time: 2013-10-26  11:05:00
          ComboFix-quarantined-files.txt  2013-10-26 18:04
          .
          Pre-Run: 171,173,908,480 bytes free
          Post-Run: 171,201,585,152 bytes free
          .
          - - End Of File - - 6EB6B75AAEF87DEA47C1D3354C90330D
          85D751F0E41B8E520AEE8C07A8DA777B
          Dream untill your dreams come true.

          SuperDave

          • Malware Removal Specialist
          • Moderator


          • Sage
          • Thanked: 847
          • Certifications: List
          • Experience: Expert
          • OS: Windows 8
          Re: X Vidly problems
          « Reply #7 on: October 27, 2013, 12:17:10 PM »
          Quote
          I use AVG, Malewarebyte and superanitispyware.
          Run them weekly. Is there anything else I shoudl add to this regimen.
          That looks good. You could also turn on Windows Defender and run AdwCleaner and Junkware Remove tool weekly.

          SysProt Antirootkit

          Download
          SysProt Antirootkit from the link below (you will find it at the bottom
          of the page under attachments, or you can get it from one of the
          mirrors).

          http://sites.google.com/site/sysprotantirootkit/

          Unzip it into a folder on your desktop.
          • Double click Sysprot.exe to start the program.
          • Click on the Log tab.
          • In the Write to log box select the following items.
            • Process << Selected
            • Kernel Modules << Selected
            • SSDT << Selected
            • Kernel Hooks << Selected
            • IRP Hooks << NOT Selected
            • Ports << NOT Selected
            • Hidden Files << Selected
          • At the bottom of the page
            • Hidden Objects Only << Selected
          • Click on the Create Log button on the bottom right.
          • After a few seconds a new window should appear.
          • Select Scan Root Drive. Click on the Start button.
          • When it is complete a new window will appear to indicate that the scan is finished.
          • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
          Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

          MP1975

            Topic Starter


            Apprentice
            Re: X Vidly problems
            « Reply #8 on: November 02, 2013, 12:56:50 PM »
            Hello Dave ,

            Quick question. How long should that take to run ?
            Approx 1 hr now...Something is hitting my hard drive.
            Can only "Assume" thats it. Only thing I have running.

            Thanks,
            MP.
            Dream untill your dreams come true.

            SuperDave

            • Malware Removal Specialist
            • Moderator


            • Sage
            • Thanked: 847
            • Certifications: List
            • Experience: Expert
            • OS: Windows 8
            Re: X Vidly problems
            « Reply #9 on: November 03, 2013, 06:44:55 PM »
            Ok, please try this one.

            Malwarebytes' Anti-Rootkit

            Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
            • Be sure to print out and follow the instructions provided on that same page for performing a scan.
            • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
            • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
            • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
            • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
            • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
            • Copy and paste the contents of these two log files in your next reply.
            Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

            MP1975

              Topic Starter


              Apprentice
              Re: X Vidly problems
              « Reply #10 on: November 08, 2013, 01:45:37 PM »
              ---------------------------------------
              Malwarebytes Anti-Rootkit BETA 1.07.0.1007

              (c) Malwarebytes Corporation 2011-2012

              OS version: 6.0.6002 Windows Vista Service Pack 2 x86

              Account is Administrative

              Internet Explorer version: 9.0.8112.16421

              File system is: NTFS
              Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
              CPU speed: 1.999000 GHz
              Memory total: 2949734400, free: 1638182912

              ---------------------------------------
              Malwarebytes Anti-Rootkit BETA 1.07.0.1007

              (c) Malwarebytes Corporation 2011-2012

              OS version: 6.0.6002 Windows Vista Service Pack 2 x86

              Account is Administrative

              Internet Explorer version: 9.0.8112.16421

              File system is: NTFS
              Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
              CPU speed: 1.999000 GHz
              Memory total: 2949734400, free: 1903628288

              Could not load protection driver
              Downloaded database version: v2013.11.08.07
              Downloaded database version: v2013.10.11.02
              =======================================
              Initializing...
              ------------ Kernel report ------------
                   11/08/2013 13:24:03
              ------------ Loaded modules -----------
              \SystemRoot\system32\ntkrnlpa.exe
              \SystemRoot\system32\hal.dll
              \SystemRoot\system32\kdcom.dll
              \SystemRoot\system32\PSHED.dll
              \SystemRoot\system32\BOOTVID.dll
              \SystemRoot\system32\CLFS.SYS
              \SystemRoot\system32\CI.dll
              \SystemRoot\system32\drivers\Wdf01000.sys
              \SystemRoot\system32\drivers\WDFLDR.SYS
              \SystemRoot\system32\drivers\acpi.sys
              \SystemRoot\system32\drivers\WMILIB.SYS
              \SystemRoot\system32\drivers\msisadrv.sys
              \SystemRoot\system32\drivers\pci.sys
              \SystemRoot\system32\drivers\isapnp.sys
              \SystemRoot\system32\drivers\mpio.sys
              \SystemRoot\System32\drivers\partmgr.sys
              \SystemRoot\system32\DRIVERS\compbatt.sys
              \SystemRoot\system32\DRIVERS\BATTC.SYS
              \SystemRoot\system32\drivers\volmgr.sys
              \SystemRoot\System32\drivers\volmgrx.sys
              \SystemRoot\system32\drivers\intelide.sys
              \SystemRoot\system32\drivers\PCIIDEX.SYS
              \SystemRoot\system32\drivers\pciide.sys
              \SystemRoot\system32\drivers\aliide.sys
              \SystemRoot\system32\drivers\amdide.sys
              \SystemRoot\system32\drivers\cmdide.sys
              \SystemRoot\System32\drivers\mountmgr.sys
              \SystemRoot\system32\drivers\msdsm.sys
              \SystemRoot\system32\drivers\nvraid.sys
              \SystemRoot\system32\drivers\CLASSPNP.SYS
              \SystemRoot\system32\drivers\viaide.sys
              \SystemRoot\system32\drivers\iastorv.sys
              \SystemRoot\system32\drivers\atapi.sys
              \SystemRoot\system32\drivers\ataport.SYS
              \SystemRoot\system32\drivers\lsi_scsi.sys
              \SystemRoot\system32\drivers\storport.sys
              \SystemRoot\system32\drivers\nvstor.sys
              \SystemRoot\system32\drivers\msahci.sys
              \SystemRoot\system32\drivers\hpcisss.sys
              \SystemRoot\system32\drivers\adp94xx.sys
              \SystemRoot\system32\drivers\adpahci.sys
              \SystemRoot\system32\drivers\adpu160m.sys
              \SystemRoot\system32\drivers\SCSIPORT.SYS
              \SystemRoot\system32\drivers\adpu320.sys
              \SystemRoot\system32\drivers\djsvs.sys
              \SystemRoot\system32\drivers\arc.sys
              \SystemRoot\system32\drivers\arcsas.sys
              \SystemRoot\system32\drivers\elxstor.sys
              \SystemRoot\system32\drivers\i2omp.sys
              \SystemRoot\system32\drivers\iirsp.sys
              \SystemRoot\system32\drivers\iteatapi.sys
              \SystemRoot\system32\drivers\iteraid.sys
              \SystemRoot\system32\drivers\lsi_fc.sys
              \SystemRoot\system32\drivers\lsi_sas.sys
              \SystemRoot\system32\drivers\megasas.sys
              \SystemRoot\system32\drivers\megasr.sys
              \SystemRoot\system32\drivers\mraid35x.sys
              \SystemRoot\system32\drivers\nfrd960.sys
              \SystemRoot\system32\drivers\ql2300.sys
              \SystemRoot\system32\drivers\ql40xx.sys
              \SystemRoot\system32\drivers\sisraid2.sys
              \SystemRoot\system32\drivers\sisraid4.sys
              \SystemRoot\system32\drivers\symc8xx.sys
              \SystemRoot\system32\drivers\sym_hi.sys
              \SystemRoot\system32\drivers\sym_u3.sys
              \SystemRoot\system32\drivers\uliahci.sys
              \SystemRoot\system32\drivers\ulsata.sys
              \SystemRoot\system32\drivers\ulsata2.sys
              \SystemRoot\system32\drivers\vsmraid.sys
              \SystemRoot\system32\drivers\fltmgr.sys
              \SystemRoot\system32\drivers\fileinfo.sys
              \SystemRoot\System32\Drivers\ksecdd.sys
              \SystemRoot\system32\drivers\ndis.sys
              \SystemRoot\system32\drivers\msrpc.sys
              \SystemRoot\system32\drivers\NETIO.SYS
              \SystemRoot\System32\drivers\tcpip.sys
              \SystemRoot\System32\drivers\fwpkclnt.sys
              \SystemRoot\System32\Drivers\Ntfs.sys
              \SystemRoot\system32\drivers\wd.sys
              \SystemRoot\system32\drivers\volsnap.sys
              \SystemRoot\System32\Drivers\spldr.sys
              \SystemRoot\system32\drivers\sbp2port.sys
              \SystemRoot\System32\Drivers\mup.sys
              \SystemRoot\System32\drivers\ecache.sys
              \SystemRoot\system32\DRIVERS\hpdskflt.sys
              \SystemRoot\system32\drivers\disk.sys
              \SystemRoot\system32\drivers\crcdisk.sys
              \SystemRoot\system32\DRIVERS\avgrkx86.sys
              \SystemRoot\system32\DRIVERS\avglogx.sys
              \SystemRoot\system32\DRIVERS\avgmfx86.sys
              \SystemRoot\system32\DRIVERS\avgidshx.sys
              \SystemRoot\system32\DRIVERS\AtiPcie.sys
              \SystemRoot\system32\DRIVERS\Amddfltr.sys
              \SystemRoot\system32\DRIVERS\ahcix86s.sys
              \SystemRoot\system32\DRIVERS\tunnel.sys
              \SystemRoot\system32\DRIVERS\tunmp.sys
              \SystemRoot\system32\DRIVERS\processr.sys
              \SystemRoot\system32\DRIVERS\atikmdag.sys
              \SystemRoot\System32\drivers\dxgkrnl.sys
              \SystemRoot\System32\drivers\watchdog.sys
              \SystemRoot\system32\DRIVERS\HDAudBus.sys
              \SystemRoot\system32\DRIVERS\athr.sys
              \SystemRoot\system32\DRIVERS\Rtlh86.sys
              \SystemRoot\system32\DRIVERS\cdrom.sys
              \SystemRoot\system32\DRIVERS\usbohci.sys
              \SystemRoot\system32\DRIVERS\USBPORT.SYS
              \SystemRoot\system32\DRIVERS\usbehci.sys
              \SystemRoot\system32\DRIVERS\i8042prt.sys
              \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
              \SystemRoot\system32\DRIVERS\kbdclass.sys
              \SystemRoot\system32\DRIVERS\SynTP.sys
              \SystemRoot\system32\DRIVERS\USBD.SYS
              \SystemRoot\system32\DRIVERS\mouclass.sys
              \SystemRoot\system32\DRIVERS\enecir.sys
              \SystemRoot\system32\DRIVERS\Accelerometer.sys
              \SystemRoot\system32\DRIVERS\CmBatt.sys
              \SystemRoot\system32\DRIVERS\wmiacpi.sys
              \SystemRoot\system32\DRIVERS\msiscsi.sys
              \SystemRoot\system32\DRIVERS\TDI.SYS
              \SystemRoot\system32\DRIVERS\rasl2tp.sys
              \SystemRoot\system32\DRIVERS\ndistapi.sys
              \SystemRoot\system32\DRIVERS\ndiswan.sys
              \SystemRoot\system32\DRIVERS\raspppoe.sys
              \SystemRoot\system32\DRIVERS\raspptp.sys
              \SystemRoot\system32\DRIVERS\rassstp.sys
              \SystemRoot\system32\DRIVERS\termdd.sys
              \SystemRoot\system32\DRIVERS\swenum.sys
              \SystemRoot\system32\DRIVERS\ks.sys
              \SystemRoot\system32\DRIVERS\circlass.sys
              \SystemRoot\system32\DRIVERS\mssmbios.sys
              \SystemRoot\system32\DRIVERS\umbus.sys
              \SystemRoot\system32\DRIVERS\usbhub.sys
              \SystemRoot\System32\Drivers\NDProxy.SYS
              \SystemRoot\system32\drivers\HdAudio.sys
              \SystemRoot\system32\drivers\portcls.sys
              \SystemRoot\system32\drivers\drmk.sys
              \SystemRoot\system32\DRIVERS\stwrt.sys
              \SystemRoot\system32\DRIVERS\AGRSM.sys
              \SystemRoot\system32\drivers\modem.sys
              \SystemRoot\system32\DRIVERS\hidir.sys
              \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
              \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
              \SystemRoot\system32\DRIVERS\kbdhid.sys
              \SystemRoot\system32\DRIVERS\mouhid.sys
              \SystemRoot\System32\Drivers\Fs_Rec.SYS
              \SystemRoot\System32\Drivers\Null.SYS
              \SystemRoot\System32\Drivers\Beep.SYS
              \??\C:\Windows\system32\drivers\avgtpx86.sys
              \SystemRoot\System32\drivers\vga.sys
              \SystemRoot\System32\drivers\VIDEOPRT.SYS
              \SystemRoot\System32\DRIVERS\RDPCDD.sys
              \SystemRoot\system32\DRIVERS\usbccgp.sys
              \SystemRoot\System32\Drivers\usbvideo.sys
              \SystemRoot\system32\drivers\rdpencdd.sys
              \SystemRoot\system32\drivers\RTSTOR.SYS
              \SystemRoot\System32\Drivers\Msfs.SYS
              \SystemRoot\System32\Drivers\Npfs.SYS
              \SystemRoot\System32\DRIVERS\rasacd.sys
              \SystemRoot\system32\DRIVERS\tdx.sys
              \SystemRoot\system32\DRIVERS\smb.sys
              \SystemRoot\system32\DRIVERS\avgtdix.sys
              \SystemRoot\System32\DRIVERS\netbt.sys
              \SystemRoot\system32\drivers\afd.sys
              \SystemRoot\system32\drivers\ws2ifsl.sys
              \SystemRoot\system32\DRIVERS\pacer.sys
              \SystemRoot\system32\DRIVERS\netbios.sys
              \SystemRoot\system32\DRIVERS\wanarp.sys
              \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
              \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
              \SystemRoot\system32\DRIVERS\rdbss.sys
              \SystemRoot\system32\drivers\nsiproxy.sys
              \SystemRoot\System32\Drivers\dfsc.sys
              \SystemRoot\system32\DRIVERS\avgldx86.sys
              \SystemRoot\system32\DRIVERS\avgidsshimx.sys
              \SystemRoot\system32\DRIVERS\avgidsdriverx.sys
              \SystemRoot\system32\DRIVERS\avgdiskx.sys
              \SystemRoot\system32\DRIVERS\cdfs.sys
              \SystemRoot\System32\Drivers\crashdmp.sys
              \SystemRoot\System32\Drivers\dump_diskdump.sys
              \SystemRoot\System32\Drivers\dump_ahcix86s.sys
              \SystemRoot\System32\win32k.sys
              \SystemRoot\System32\drivers\Dxapi.sys
              \SystemRoot\system32\DRIVERS\monitor.sys
              \SystemRoot\System32\TSDDD.dll
              \SystemRoot\System32\cdd.dll
              \SystemRoot\system32\drivers\luafv.sys
              \SystemRoot\system32\drivers\WudfPf.sys
              \SystemRoot\system32\drivers\spsys.sys
              \SystemRoot\system32\DRIVERS\lltdio.sys
              \SystemRoot\system32\DRIVERS\nwifi.sys
              \SystemRoot\system32\DRIVERS\ndisuio.sys
              \SystemRoot\system32\DRIVERS\rspndr.sys
              \SystemRoot\system32\drivers\HTTP.sys
              \SystemRoot\System32\DRIVERS\srvnet.sys
              \SystemRoot\system32\DRIVERS\bowser.sys
              \SystemRoot\System32\drivers\mpsdrv.sys
              \SystemRoot\system32\DRIVERS\mrxsmb.sys
              \SystemRoot\system32\DRIVERS\mrxsmb10.sys
              \SystemRoot\system32\DRIVERS\mrxsmb20.sys
              \SystemRoot\System32\DRIVERS\srv2.sys
              \SystemRoot\System32\DRIVERS\srv.sys
              \SystemRoot\system32\drivers\peauth.sys
              \SystemRoot\System32\Drivers\secdrv.SYS
              \SystemRoot\System32\drivers\tcpipreg.sys
              \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
              \WINDOWS\System32\ntdll.dll
              ----------- End -----------
              Done!
              <<<1>>>
              Upper Device Name: \Device\Harddisk0\DR0
              Upper Device Object: 0xffffffff868aa370
              Upper Device Driver Name: \Driver\disk\
              Lower Device Name: \Device\00000090\
              Lower Device Object: 0xffffffff85653890
              Lower Device Driver Name: \Driver\ahcix86s\
              <<<2>>>
              Physical Sector Size: 512
              Drive: 0, DevicePointer: 0xffffffff868aa370, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff869add18, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff868aa370, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
              DevicePointer: 0xffffffff868aac48, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
              DevicePointer: 0xffffffff867a7590, DeviceName: Unknown, DriverName: \Driver\Amddfltr\
              DevicePointer: 0xffffffff85653890, DeviceName: \Device\00000090\, DriverName: \Driver\ahcix86s\
              ------------ End ----------
              Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
              Upper DeviceData: 0x0, 0x0, 0x0
              Lower DeviceData: 0x0, 0x0, 0x0
              <<<3>>>
              Volume: C:
              File system type: NTFS
              SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
              <<<2>>>
              <<<3>>>
              Volume: C:
              File system type: NTFS
              SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
              Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
              <<<2>>>
              <<<3>>>
              Volume: C:
              File system type: NTFS
              SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
              Done!
              Drive 0
              Scanning MBR on drive 0...
              Inspecting partition table:
              MBR Signature: 55AA
              Disk Signature: 28C428C3

              Partition information:

                  Partition 0 type is Primary (0x7)
                  Partition is ACTIVE.
                  Partition starts at LBA: 63  Numsec = 467326913
                  Partition file system is NTFS
                  Partition is bootable

                  Partition 1 type is Primary (0x7)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 467326976  Numsec = 21063680

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              Disk Size: 250059350016 bytes
              Sector size: 512 bytes

              Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
              Done!
              Read File:  File "c:\programdata\avg2014\chjw\84444a7e444a734a.dat:e2615729-56b5-447a-8d9a-630b161e027c" is sparse (flags = 32768)
              Read File: File "c:\windows\system32\config\systemprofile\appdata\local\avg2014\log\avg-c0d15817-367f-4153-9e22-8623c59cf41e.tmp" is compressed (flags = 1)
              Scan finished
              =======================================


              Removal queue found; removal started
              Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
              Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
              Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
              Removal finished



              Malwarebytes Anti-Rootkit BETA 1.07.0.1007
              www.malwarebytes.org

              Database version: v2013.11.08.07

              Windows Vista Service Pack 2 x86 NTFS
              Internet Explorer 9.0.8112.16421
              Gab :: GAB-PC [administrator]

              11/8/2013 1:24:11 PM
              mbar-log-2013-11-08 (13-24-11).txt

              Scan type: Quick scan
              Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
              Scan options disabled:
              Objects scanned: 210783
              Time elapsed: 15 minute(s), 38 second(s)

              Memory Processes Detected: 0
              (No malicious items detected)

              Memory Modules Detected: 0
              (No malicious items detected)

              Registry Keys Detected: 0
              (No malicious items detected)

              Registry Values Detected: 0
              (No malicious items detected)

              Registry Data Items Detected: 0
              (No malicious items detected)

              Folders Detected: 0
              (No malicious items detected)

              Files Detected: 0
              (No malicious items detected)

              Physical Sectors Detected: 0
              (No malicious items detected)

              (end)
              Dream untill your dreams come true.

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Sage
              • Thanked: 847
              • Certifications: List
              • Experience: Expert
              • OS: Windows 8
              Re: X Vidly problems
              « Reply #11 on: November 08, 2013, 06:53:08 PM »
              I'd like to scan your machine with ESET OnlineScan

              •Hold down Control and click on the following link to open ESET OnlineScan in a new window.
              ESET OnlineScan

              •Click the button.
              •For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
              • Click on to download the ESET Smart Installer. Save it to your desktop.
              • Double click on the icon on your desktop.
              •Check
              •Click the button.
              •Accept any security warnings from your browser.
              • Leave the check mark next to Remove found threats.
              •Check
              •Push the Start button.
              •ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
              •When the scan completes, push
              •Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
              •Push the button.
              •Push
              A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
              Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

              MP1975

                Topic Starter


                Apprentice
                Re: X Vidly problems
                « Reply #12 on: November 09, 2013, 08:15:18 AM »
                Dave ,

                I ran eset but at the end there was no export to text file or back, just a finish.

                There were no threats found but not sure where to get you the report.
                There's none on the desk top either.

                Thanks again,
                MP.
                Dream untill your dreams come true.

                SuperDave

                • Malware Removal Specialist
                • Moderator


                • Sage
                • Thanked: 847
                • Certifications: List
                • Experience: Expert
                • OS: Windows 8
                Re: X Vidly problems
                « Reply #13 on: November 09, 2013, 01:28:55 PM »
                Dave ,

                I ran eset but at the end there was no export to text file or back, just a finish.

                There were no threats found but not sure where to get you the report.
                There's none on the desk top either.

                Thanks again,
                MP.

                How's your computer running now? Any other issues before we clean up?
                Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8 with a dual boot to Windows XP  Home with SP3, Avira  with Windows Firewall & Windows Defender

                MP1975

                  Topic Starter


                  Apprentice
                  Re: X Vidly problems
                  « Reply #14 on: November 10, 2013, 07:20:25 AM »
                  Dave ,

                  Again I can't thank you eneough.

                  The computer seems just fine. The only thing that keeps popping up is a CLSched has stopped running message.
                  Otherwise running like a champ.

                  MP.
                  Dream untill your dreams come true.