[SOLVED] Can't run sfc /scannow or do a reinstall of windows 7 pro and more

keeferis · Apr 3, 2014

I tried using sfcfix.exe with the sfcfix.txt, malwarebytes, using Microsoft security essentials, ran registry cleaner and tweaking.com windows all in one repair along with a few Microsoft fix it utility, I did a re register for my DLL files too but still having problems.
Don't be sorry Richard :) I understand that your very busy with every ones problem.
Thanks

Logs pasted:

Results of screen317's Security Check version 0.99.81
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 12.0.0.77
Adobe Reader 10.1.9 Adobe Reader out of Date!
Google Chrome 33.0.1750.152
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2
Run by Morton at 17:58:58 on 2014-04-03
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3567.2202 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\DllHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.addictinggames.com/
uSearch Bar = Preserve
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uURLSearchHooks: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - c:\program files\vuze remote toolbar\ie\8.9\vuzeToolbarIE.dll
uURLSearchHooks: <No Name>: {0696f815-a3a9-490a-bb14-9ec3350b1276} - c:\program files\televisionfanatic\bar\1.bin\64SrcAs.dll
mURLSearchHooks: VisualBee V.1 Toolbar: {7aeae561-714b-45f6-ace3-4a8aed6e227b} - c:\program files\visualbee_v.1\prxtbVisu.dll
BHO: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - c:\program files\vuze remote toolbar\ie\8.9\vuzeToolbarIE.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - c:\program files\televisionfanatic\bar\1.bin\64SrcAs.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: VisualBee V.1 Toolbar: {7aeae561-714b-45f6-ace3-4a8aed6e227b} - c:\program files\visualbee_v.1\prxtbVisu.dll
BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.3.132.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: VisualBee V.1 Toolbar: {7AEAE561-714B-45F6-ACE3-4A8AED6E227B} - c:\program files\visualbee_v.1\prxtbVisu.dll
TB: TelevisionFanatic: {C98D5B61-B0EA-4D48-9839-1079D352D880} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
TB: VisualBee V.1 Toolbar: {7aeae561-714b-45f6-ace3-4a8aed6e227b} - c:\program files\visualbee_v.1\prxtbVisu.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\microsoft\bingbar\7.3.132.0\BingExt.dll
TB: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - c:\program files\vuze remote toolbar\ie\8.9\vuzeToolbarIE.dll
uRun: [HP Officejet Pro 8600 (NET)] "c:\program files\hp\hp officejet pro 8600\bin\ScanToPCActivationApp.exe" -deviceID "CN3B5E4H4X05KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\morton\appdata\roaming\micros~1\windows\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print 2.0\smartprintsetup.exe
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {42D683F7-9C1B-11D7-A860-005056C00001} - hxxp://207.236.74.46/client/TPClientInstall/english/TPRDPenN.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
TCP: NameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{9155B386-C532-4E71-BC58-8C5647930CC0} : DHCPNameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{C06AF652-9F10-4A2A-B815-B4840516065F} : DHCPNameServer = 64.71.255.198
Handler: intu-tt2012 - {02F985EF-502B-4597-993F-6BF9E004C138} - c:\program files\turbotax 2012\ic2012pp.dll
Handler: intu-tt2013 - {9FF5EC07-1645-43BF-828F-C73CFA7BC1AF} - c:\program files\turbotax 2013\ic2013pp.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R1 MpKslb24d85e6;MpKslb24d85e6;c:\programdata\microsoft\microsoft antimalware\definition updates\{e6cf53c8-2487-4bc3-952e-fb13c8e46218}\MpKslb24d85e6.sys [2014-4-3 39464]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-3-25 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-3-25 857912]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-12-9 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-3-25 107736]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-3-25 51416]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-6-27 173192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-2-13 88576]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]
S3 HPOGEO;HPOGEO;c:\users\morton\appdata\local\temp\HPOGEO.exe [2014-3-24 535424]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-2-12 108032]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 104264]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-10-4 14848]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2014-2-13 184192]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2013-1-20 37064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-10-4 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-10-4 27136]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-31 1343400]
S4 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2014-3-17 807800]
S4 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-3-4 424280]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-8-14 39056]
S4 TelevisionFanaticService;TelevisionFanaticService;c:\progra~1\televi~2\bar\1.bin\64barsvc.exe [2013-12-10 88648]
S4 tor;Tor Win32 Service;c:\program files\tor\tor.exe [2013-8-23 3233806]
S4 YouTubeDownloaderConverter;YouTubeDownloaderConverter;c:\users\morton\appdata\roaming\gvu technologies\youtubedownloaderconverter\CertifiedBrowserService.exe [2013-7-2 104448]
.
=============== Created Last 30 ================
.
2014-04-03 21:40:23 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e6cf53c8-2487-4bc3-952e-fb13c8e46218}\offreg.dll
2014-04-03 20:29:39 39464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e6cf53c8-2487-4bc3-952e-fb13c8e46218}\MpKslb24d85e6.sys
2014-04-03 03:32:03 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e6cf53c8-2487-4bc3-952e-fb13c8e46218}\mpengine.dll
2014-04-03 02:28:42 1094074 ----a-w- C:\re-regdll.bat
2014-04-03 02:27:40 1094074 ----a-w- c:\windows\re-regdll.bat
2014-04-02 03:18:06 -------- d-----w- C:\$WINDOWS.~LS
2014-04-02 03:15:58 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{12e3d2c2-f3a5-4080-aaaf-19cede7409c2}\gapaengine.dll
2014-04-02 03:14:54 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-04-02 03:12:30 -------- d-----w- C:\$UPGRADE.~OS
2014-04-02 03:11:05 -------- d-----w- C:\$WINDOWS.~BT
2014-04-02 02:58:56 -------- d-----w- c:\windows\system32\catroot2
2014-04-02 02:47:50 -------- d-----w- c:\windows\system32\wbem\repository
2014-04-02 02:29:40 -------- d-----w- C:\RegBackup
2014-04-02 02:22:29 -------- d-----w- c:\program files\Tweaking.com
2014-04-01 02:47:28 -------- d-----w- c:\program files\Application Updater
2014-04-01 02:47:26 -------- d-----w- c:\program files\Vuze Remote Toolbar
2014-03-29 21:30:43 -------- d-----w- c:\program files\Registry Recycler
2014-03-26 15:37:30 -------- d-----w- c:\program files\Garmin GPS Plugin
2014-03-25 13:30:39 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-03-25 13:30:39 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-03-25 13:29:19 107736 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-25 13:26:30 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-23 05:52:04 -------- d-----w- c:\program files\InstallConverter bundle uninstaller
2014-03-23 05:36:16 -------- d-----w- c:\users\morton\appdata\roaming\SpeedMaxPc
2014-03-23 05:36:16 -------- d-----w- c:\users\morton\appdata\roaming\DriverCure
2014-03-23 05:35:58 -------- d-----w- c:\programdata\SpeedMaxPc
2014-03-23 02:57:06 -------- d-----w- C:\SFCFix
2014-03-22 22:30:33 -------- d-----w- c:\users\morton\appdata\local\niemiro
2014-03-18 13:03:13 -------- d-----w- c:\programdata\ErrorEND
2014-03-18 13:03:05 -------- d-----w- c:\program files\ErrorEND
2014-03-17 13:39:32 -------- d-----w- c:\program files\CCleaner
2014-03-16 04:09:52 580712 ----a-w- c:\windows\system32\HPDiscoPM5912.dll
2014-03-16 03:56:15 -------- d-----w- c:\windows\Hewlett-Packard
2014-03-14 02:46:10 -------- d-----w- c:\program files\Readiris Pro 12
2014-03-14 02:06:29 -------- d-----w- c:\users\morton\appdata\roaming\Visan
2014-03-14 02:06:03 -------- d-----w- c:\programdata\Visan
2014-03-14 02:06:03 -------- d-----w- c:\programdata\HP Photo Creations
2014-03-14 02:06:03 -------- d-----w- c:\program files\HP Photo Creations
2014-03-14 01:19:29 -------- d-----w- c:\users\morton\appdata\roaming\HpUpdate
2014-03-14 01:14:57 -------- d-----w- c:\users\morton\appdata\local\HP
2014-03-10 21:34:30 -------- d-----w- c:\program files\iPod
2014-03-10 21:34:29 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-10 21:34:29 -------- d-----w- c:\program files\iTunes
2014-03-10 21:31:02 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-03-10 21:31:02 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-03-10 21:31:02 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-03-10 21:31:02 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-03-10 21:31:02 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2014-03-08 15:19:42 -------- d-----w- c:\users\morton\appdata\roaming\OpenOffice
2014-03-08 15:18:34 -------- d-----w- c:\program files\OpenOffice 4
.
==================== Find3M ====================
.
2014-03-31 03:23:12 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-31 03:23:11 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 13:52:30 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-05 13:26:02 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-07 21:33:14 4659712 ----a-w- c:\windows\system32\Redemption.dll
2014-02-06 10:20:26 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-06 10:19:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-02-06 10:01:36 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-02-06 09:47:22 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-06 09:47:18 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-02-06 09:46:27 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-02-06 09:09:30 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-01-25 05:19:42 231960 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-01-23 03:21:04 88576 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2014-01-23 03:21:04 184192 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-17 20:24:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2014-01-17 20:24:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-12-10 13:11:08 4188160 ----a-w- c:\program files\GUT50C6.tmp
.
============= FINISH: 17:59:30.00 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/4/2013 11:07:40 AM
System Uptime: 4/3/2014 4:28:50 PM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 0A58h
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz | XU1 PROCESSOR | 1867/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 784.628 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 466 GiB total, 220.95 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&2BA5FD09&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&2BA5FD09&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP127: 3/28/2014 8:35:12 AM - Windows Update
RP128: 3/28/2014 8:42:35 AM - Windows Update
RP129: 3/28/2014 9:05:02 AM - Windows Update
RP130: 3/28/2014 9:13:00 AM - Windows Update
RP131: 3/29/2014 12:56:22 AM - Windows Update
RP132: 3/29/2014 5:46:20 PM - Windows Update
RP133: 3/29/2014 5:55:17 PM - Windows Update
RP134: 3/30/2014 1:52:05 AM - Windows Update
RP135: 3/30/2014 2:19:28 AM - Windows Update
RP136: 3/30/2014 6:11:58 PM - Windows Update
RP137: 3/30/2014 6:38:18 PM - Windows Update
RP138: 3/30/2014 7:06:53 PM - Windows Update
RP139: 3/31/2014 3:00:20 AM - Windows Update
RP140: 3/31/2014 11:14:53 PM - Windows Update
RP142: 4/1/2014 10:29:30 PM - Tweaking.com - Windows Repair
.
==== Installed Programs ======================
.
"Nero SoundTrax Help
µTorrent
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Photoshop 7.0
Adobe Reader X (10.1.9)
Advertising Center
ANT Drivers Installer x86
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ashampoo Burning Studio 10.0.1
ATI Catalyst Install Manager
Bing Bar
Bing Desktop
Bonjour
CameraHelperMsi
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Coby Media Manager
Compatibility Pack for the 2007 Office system
DivX Setup
DolbyFiles
DVD Shrink 3.2
DVD Shrink version 4.1
DVDFab 8.0.6.1 (18/12/2010)
DVDFab 9.0.4.0 (15/05/2013)
Elevated Installer
erLT
ffdshow v1.2.4422 [2012-04-09]
Free Opener
FrostWire 5.6.8
Garmin Communicator Plugin
Garmin Express
Garmin Express Tray
Garmin USB Drivers
Garmin VoiceStudio v2.40
Google Chrome
Google Update Helper
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Photo Creations
HP Product Detection
HP Update
HPDiagnosticCoreDll
I.R.I.S. OCR
iCloud
ImagXpress
InstallConverter bundle uninstaller
InstallIQ Updater
Intel(R) Active Management Technology Device Software
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Interface
iTunes
Java 7 Update 45
Java Auto Updater
K-Lite Codec Pack 7.0.0 (Standard)
LG USB Modem driver
LightScribe System Software
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Magic ISO Maker v5.5 (build 0281)
MagniPic
Malwarebytes Anti-Malware version 2.00.0.1000
Memorex exPressit Label Design Studio
Menu Templates - Starter Kit
Microsoft .NET Framework 4.5.1
Microsoft Office Access database engine 2007 (English)
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Publisher 2002
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Streets & Trips 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
mIRC
Movie Templates - Starter Kit
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
OpenOffice 4.0.1
PowerISO
PrivitizeVPN
QuickTime 7
Readiris Pro 12
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
RegCross
Registry Recycler
ROBLOX Player for Morton
Safari
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Skins
SoundTrax
System Requirements Lab for Intel
TelevisionFanatic Internet Explorer Toolbar
The Weather Network
TurboTax 2012
TurboTax 2013
Tweaking.com - Windows Repair (All in One)
Uninstall Twain Driver
VC80CRTRedist - 8.0.50727.6195
VisualBee V.1 Toolbar
VLC media player 2.1.1
Vuze
Vuze Remote Toolbar v8.9
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
WinRAR archiver
WxDownload Expansion
wxDownload Fast 0.6.0
XBMC
Xerox WorkCentre M15 Series driver
YouTubeDownloaderConverter
.
==== Event Viewer Messages From Past Week ========
.
4/3/2014 4:29:50 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
4/3/2014 4:29:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect.
4/3/2014 4:29:15 PM, Error: Service Control Manager [7023] - The Offline Files service terminated with the following error: The system cannot find the path specified.
4/2/2014 6:23:28 AM, Error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
4/2/2014 6:23:15 AM, Error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: Access is denied.
4/2/2014 11:15:37 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.
4/2/2014 11:15:37 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort1.
4/2/2014 11:02:53 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
4/1/2014 11:25:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
4/1/2014 11:25:40 PM, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/1/2014 10:24:27 PM, Error: volsnap [28] - The shadow copy of volume \\?\Volume{7c0cd213-7ba9-11e1-a338-806e6f6e6963} could not be created due to a failure in creating the necessary on disk structures.
3/31/2014 11:15:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 (KB2882822).
3/31/2014 11:15:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2872339).
3/31/2014 11:15:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2859537).
3/31/2014 11:15:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 (KB2676562).
3/30/2014 8:08:06 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 252.
3/29/2014 6:03:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7.
.
==== End Of File ===========================

Corrine · Apr 3, 2014

Hi, keeferis.

We will do our best to assist you. However, in order to do so, please follow all instructions provided in the sequence given. Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use. This may cause conflicts with the tools being used in the cleanup process.

If you have questions regarding any of the instructions or problems running any tools, please let us know.

1. Before making changes to your computer, whether installing software or cleaning, it is always advisable to create a fresh System Restore point. To create a restore point, do the following:

Click the Start button > right-click Computer > click Properties.
In the left pane, click System protection. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
Click the System Protection tab, and then click Create.
In the System Protection dialog box, type a description, and then click Create.
Wait until the message appears that it is completed and then click close.

2. P2P programs form a direct conduit on to your computer. They have always been a target of malware writers. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

With P2P file sharing, what means do you have of identifying or authenticating the source of the download? In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files.

Considering the above, I strongly advise you to uninstall uTorrent and Vuze.

3. Update Vulnerable Programs:

-- Please update Oracle Java to the current version: Java Version 7 Update 51 (Note: The next critical security update for Java is scheduled for 15 April 2014 so plan on updating it again then!)

-- Please update Adobe Reader to the current version: Adobe Reader XI (11.0.06) for Windows is available here: Adobe - Adobe Reader : For Windows.

Note: With both Oracle Java and Adobe Reader, uncheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

4. Please download Junkware Removal Tool to your desktop. <--Note: The provided link is a direct download link. Please save it to your desktop!

Close all open programs and internet browsers.
Run the tool by double-clicking it. Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

5. Please download Adware Cleaner by Xplode to your Desktop. <--Note: The provided link is a direct download link. Please save it to your desktop!

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool. Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
Click the Scan button and wait for the process to complete.
Click the Report button and the report will open in Notepad.

IMPORTANT

If you click the Clean button all items listed in the report will be removed.

If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Check off the element(s) you wish to keep.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).

6. Please do a Threat Scan with Malwarebytes.

Launch Malwarebytes and on the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

keeferis · Apr 3, 2014

here is what I got from all the scans and I sure hope this helps.
Thanks again for helping me

Adding logs:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by Morton on Thu 04/03/2014 at 22:59:22.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] application updater
Successfully deleted: [Service] application updater
Successfully stopped: [Service] televisionfanaticservice
Successfully deleted: [Service] televisionfanaticservice

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\privitizevpninstalldates
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbee
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsing
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\visualbee
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3284024
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211391186}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211391186}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211391186}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7aeae561-714b-45f6-ace3-4a8aed6e227b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7aeae561-714b-45f6-ace3-4a8aed6e227b}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\DealPly
Successfully deleted: [File] C:\Windows\System32\Tasks\epupdater
Successfully deleted: [File] C:\Windows\System32\Tasks\goforfilesupdate
Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\clsoft ltd"
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\continuetosave"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\rightclick"
Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\visualbee"
Successfully deleted: [Folder] "C:\ProgramData\w3i"
Successfully deleted: [Folder] "C:\ProgramData\wxdownload"
Successfully deleted: [Folder] "C:\Users\Morton\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Morton\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Morton\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\local\mobogenie"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\local\televisionfanatic"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\local\webplayer"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\continuetosave"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\televisionfanatic"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\visualbee_v.1"
Successfully deleted: [Folder] "C:\Users\Morton\appdata\locallow\wxdownload"
Successfully deleted: [Folder] "C:\Program Files\amiext"
Successfully deleted: [Folder] "C:\Program Files\application updater"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\delta"
Successfully deleted: [Folder] "C:\Program Files\domaiq uninstaller"
Successfully deleted: [Folder] "C:\Program Files\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files\iminent"
Successfully deleted: [Folder] "C:\Program Files\magnipic"
Successfully deleted: [Folder] "C:\Program Files\mobogenie"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Program Files\televisionfanatic"
Successfully deleted: [Folder] "C:\Program Files\visualbee_v.1"
Successfully deleted: [Folder] "C:\Program Files\vuze remote toolbar"
Successfully deleted: [Folder] "C:\Program Files\w3i"
Successfully deleted: [Folder] "C:\Program Files\wxdownload"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\Users\Morton\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\Morton\documents\optimizer pro"

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Morton\appdata\local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/03/2014 at 23:03:18.56
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.023 - Report created 03/04/2014 at 23:07:44
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Morton - MORTON-PC
# Running from : C:\Users\Morton\Desktop\1 help\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Registry Helper
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\MMAAgneiiPicc
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MMAAgneiiPicc
Folder Deleted : C:\Program Files\AskTBar
Folder Deleted : C:\Program Files\Movie2KDownloader.com
Folder Deleted : C:\Program Files\Registry Dr
Folder Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Users\Morton\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Morton\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Morton\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Morton\AppData\Local\RegistryDr
Folder Deleted : C:\Users\Morton\AppData\Local\Savings Vault
Folder Deleted : C:\Users\Morton\AppData\LocalLow\Hotspot_Shield
Folder Deleted : C:\Users\Morton\AppData\LocalLow\MMAAgneiiPicc
Folder Deleted : C:\Users\Morton\Documents\Mobogenie
Folder Deleted : C:\Users\Morton\Documents\RegistryDr
Folder Deleted : C:\Users\Morton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Folder Deleted : C:\Users\Morton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoealncnigkgnfjlfakeadlamcmldmka
Folder Deleted : C:\Users\Morton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle
File Deleted : C:\Users\Morton\AppData\Roaming\BabMaint.exe
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\nationzoom.xml
File Deleted : C:\Users\Morton\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\Morton\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter bundle uninstaller\InstallConverter bundle uninstaller.lnk
Shortcut Disinfected : C:\Users\Morton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Morton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Morton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKCU\Software\Google\Chrome\Extensions\hoealncnigkgnfjlfakeadlamcmldmka
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hoealncnigkgnfjlfakeadlamcmldmka
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oajgghejjpgkmpgbchgjieahoefimdle
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oajgghejjpgkmpgbchgjieahoefimdle
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15F53574-C50B-4282-8A30-BB7B433ECD7A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15F53574-C50B-4282-8A30-BB7B433ECD7A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59AF552E-71D3-4DBA-86B2-EA39A321FAF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{170CB207-0394-4E9E-B27C-2E155E99E2AA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59AF552E-71D3-4DBA-86B2-EA39A321FAF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{170CB207-0394-4E9E-B27C-2E155E99E2AA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71CCA234-61F1-4729-BF22-CFB6FC6702AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71CCA234-61F1-4729-BF22-CFB6FC6702AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{934A25C4-BF81-4D87-8457-D18F69F5566C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{934A25C4-BF81-4D87-8457-D18F69F5566C}
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtectAll
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_1d79ba3d
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d8283021
Key Deleted : HKCU\Software\a55d7d9e73dba17
Key Deleted : HKLM\SOFTWARE\a55d7d9e73dba17
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F02C0832-C85C-4B93-8C6F-9DF20121A10D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C9A7C20-9BA2-4A58-9317-B3244A359207}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02C0832-C85C-4B93-8C6F-9DF20121A10D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5C9A7C20-9BA2-4A58-9317-B3244A359207}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5398C42-AA3E-4A47-893C-D36BB8283399}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EE96076-0FEA-42F8-BE43-5DF9AD36F675}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C98D5B61-B0EA-4D48-9839-1079D352D880}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C98D5B61-B0EA-4D48-9839-1079D352D880}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0696F815-A3A9-490A-BB14-9EC3350B1276}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SpeedMaxPC
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Hotspot_Shield
Key Deleted : HKCU\Software\AppDataLow\Software\TelevisionFanatic
Key Deleted : HKCU\Software\AppDataLow\Software\VisualBee_V.1
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AskTBar
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SpeedMaxPC
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\TelevisionFanatic
Key Deleted : HKLM\Software\VisualBee_V.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee_V.1 Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

-\\ Mozilla Firefox v

[ File : C:\Users\Morton\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

[ File : C:\Users\Morton\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Morton\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [17581 octets] - [03/04/2014 23:04:48]
AdwCleaner[S0].txt - [17055 octets] - [03/04/2014 23:07:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17116 octets] ##########

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 4/3/2014
Scan Time: 11:40:23 PM
Logfile:
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.04.03.11
Rootkit Database: v2014.03.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Morton

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239216
Time Elapsed: 25 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.MixiDJ.A, C:\Users\Morton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle, No Action By User, [34c3e2431a612016fd643226c0429868],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Corrine · Apr 4, 2014

Hi, keeferis.

I edited your post to paste the logs for easier review. Let's see what an online scan shows. Note that it may take some time to complete.

Please go here to run an on-line scan from ESET.

Note: It is easiest if you use Internet explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic.

keeferis · Apr 5, 2014

wow over 9 hours and the log file is so small, it found 59 threats.
Hope this helps you, at the end it asked if I wanted to remove the files and I said no, hope that was the right choice.
Thanks again for helping me with this.

Corrine · Apr 5, 2014

This is all that was in the log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

keeferis · Apr 7, 2014

that's what I found weird after 9 hours but that's all there was in that location C:\Program Files\Eset\Eset Online Scanner\log.txt
I let the program finish and that's all I got was that.
Do I try running it again?
It did find 59 threats and I tried to run sfc /scannow and my printer but it's still not working

Corrine · Apr 7, 2014

I don't expect that removing malware will make a difference for your printer. In addition, registry cleaner (RegCross, Registry Recycler) tend to do more damage than good. Windows is a closed source system. Developers of registry cleaners do not have the core code of Windows 7 and Windows 8 and are not working on definitive information, but rather they are going on past knowledge and experience. Automatic cleaners will usually have to do some guesswork. Modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. No registry cleaner is completely safe and the potential is ever present to cause more problems than they claim to fix.

However, I suspect that much of what ESET found was in the AdwCleaner quarantine. Let's uninstall AdwCleaner first.

Double-click on AdwCleaner.exe to run the tool again.

Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
Both AdwCleaner.exe, its folder and all logs will be removed.

Now scan with ESET again, this time checking the option "Remove found threats". In the event the log is not complete again, please try to take a screen capture of what is found by ESET.

keeferis · Apr 8, 2014

The log file was the same as before but it gave me an option to export the file that I have attached, hope this helps.
thanks again

Edit to paste log:

C:\Users\Morton\AppData\Local\Temp\is-A3SGA.tmp\OptProCrash.dll a variant of Win32/SProtector.E potentially unwanted application deleted - quarantined
C:\Users\Morton\AppData\Local\Temp\is-BPF98.tmp\OptProCrash.dll a variant of Win32/SProtector.E potentially unwanted application deleted - quarantined
C:\Users\Morton\AppData\Local\Temp\is2118366767\2885485_stp\Mobogenie_Setup_2.1.25_501.exe Win32/Mobogenie.B potentially unwanted application deleted - quarantined
C:\Users\Morton\AppData\Local\Temp\{18409EAE-B481-4038-AA97-2B9CB0948FCD}\setup.exe multiple threats cleaned by deleting - quarantined
C:\Users\Morton\AppData\Local\Temp\{53D47CB7-4387-45F7-985E-6B3D033C8B9D}\setup.exe multiple threats cleaned by deleting - quarantined
C:\Users\Morton\AppData\Local\Temp\{575206B9-8771-47E8-84E3-B9F81F08E21D}\setup.exe multiple threats cleaned by deleting - quarantined
C:\Users\Morton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\31b47ed1-5c05d81b a variant of Java/Exploit.Agent.OBF trojan cleaned by deleting - quarantined
C:\Users\Morton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\741659f7-7cd5e868 a variant of Java/Exploit.Agent.PQI trojan cleaned by deleting - quarantined
C:\Users\Morton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\76c240f7-2d1b9f7a a variant of Java/Exploit.Agent.OLZ trojan cleaned by deleting - quarantined
C:\Users\Morton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\63955afc-659fb5eb multiple threats cleaned by deleting - quarantined
C:\Users\Morton\Desktop\old mirc\Ashampoo.Burning.Studio.10.v10.0.1-TE\Ashampoo.Burning.Studio.10.v10.0.1-TE\Ashampoo.Burning.Studio.10.v10.0\tabs101\ashampoo_burning_studio_10_10.0.1_sm.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Users\Morton\Desktop\songs\Windows 7 Ultimate 32-bit Original iso Team Rjaa\run-setup.exe NSIS/TrojanDownloader.Adload.I trojan cleaned by deleting - quarantined
C:\Users\Morton\Desktop\songs\Windows 7 Ultimate 32-bit Original iso Team Rjaa\Windows 7 Ultimate 32-bit Original iso Team Rjaa-setup.exe NSIS/TrojanDownloader.Adload.I trojan deleted - quarantined
C:\Users\Morton\Desktop\songs\Windows 7 Ultimate 32-bit Original iso Team Rjaa\Windows 7 Ultimate 32-bit Original iso Team Rjaa-setup\run-setup.exe NSIS/TrojanDownloader.Adload.I trojan cleaned by deleting - quarantined
C:\Users\Morton\Desktop\win7\DownloadSetup.exe Win32/InstalleRex.E potentially unwanted application deleted - quarantined
C:\Users\Morton\Desktop\win7\setup.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Morton\Desktop\win7\Windows 7 Activation.exe Win32/InstalleRex.E potentially unwanted application deleted - quarantined
C:\Users\Morton\Desktop\win7\windows 7 64bit\cbsidlm-tr1_10a-MagicISO_Maker-ORG-10191803.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\cbsidlm-cbsi5_3_0_96-Pazera_Free_MKV_to_AVI_Converter-ORG-75450258.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\cpu-z_1.62-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Users\Morton\Downloads\DownloadSetup.exe Win32/InstallMate.A potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\SaveAs.exe Win32/InstalleRex.E potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\setup (1).exe multiple threats cleaned by deleting - quarantined
C:\Users\Morton\Downloads\setup (2).exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\setup.exe Win32/InstalleRex.E potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\Windows 7 Activation (1).exe Win32/InstalleRex.E potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\Windows 7 Activation.exe Win32/InstalleRex.E potentially unwanted application deleted - quarantined
C:\Users\Morton\Downloads\Falco Registry Doctor computer program for PC free download new 2012\Falco Registry Doctor computer program for PC .exe Win32/InstallMonetizer.AN potentially unwanted application deleted - quarantined
C:\Windows\Installer\fc86e1.msi a variant of Win64/Toolbar.Widgi.A potentially unwanted application deleted - quarantined
C:\Windows\Temp\vuzeToolbar.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined

Corrine · Apr 8, 2014

Please download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important: Save it to your desktop.

Double-click CKScanner.exe (Right-click and select "Run as administrator" in Windows Vista/Windows 7).
Give permission if necessary, and click Search For Files.
After a very short time, when the cursor hour glass disappears, click Save List To File.
A message box will verify the file saved. Please run the program once only.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

keeferis · Apr 8, 2014

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\users\morton\appdata\roaming\apple computer\logs\crashreporter\mobiledevice\keith morton\crackle_2012-08-20-173519_keith-morton.crash
c:\users\morton\appdata\roaming\apple computer\logs\crashreporter\mobiledevice\keith morton\crackle_2012-08-25-040246_keith-morton.crash
c:\users\morton\appdata\roaming\apple computer\logs\crashreporter\mobiledevice\keith morton\retired\crackle_2012-11-02-235650_keith-morton.crash
c:\users\morton\appdata\roaming\apple computer\logs\crashreporter\mobiledevice\keith morton\retired\crackle_2012-11-03-004545_keith-morton.crash
c:\users\morton\desktop\old mirc\microsoft.streets.and.trips.2010-zwtiso\mirc.v6.35.incl.keygen.and.server.patch-f4cg\mirc.v6.35.incl.keygen.and.server.patch-f4cg\.date
c:\users\morton\desktop\old mirc\microsoft.streets.and.trips.2010-zwtiso\mirc.v6.35.incl.keygen.and.server.patch-f4cg\mirc.v6.35.incl.keygen.and.server.patch-f4cg\.message
c:\users\morton\desktop\old mirc\microsoft.streets.and.trips.2010-zwtiso\mirc.v6.35.incl.keygen.and.server.patch-f4cg\mirc.v6.35.incl.keygen.and.server.patch-f4cg\f4cg.nfo
c:\users\morton\desktop\old mirc\microsoft.streets.and.trips.2010-zwtiso\mirc.v6.35.incl.keygen.and.server.patch-f4cg\mirc.v6.35.incl.keygen.and.server.patch-f4cg\file_id.diz
c:\users\morton\desktop\old mirc\microsoft.streets.and.trips.2010-zwtiso\mirc.v6.35.incl.keygen.and.server.patch-f4cg\mirc.v6.35.incl.keygen.and.server.patch-f4cg\f4128901\f4cg.nfo
c:\users\morton\desktop\old mirc\microsoft.streets.and.trips.2010-zwtiso\mirc.v6.35.incl.keygen.and.server.patch-f4cg\mirc.v6.35.incl.keygen.and.server.patch-f4cg\f4128901\file_id.diz
c:\users\morton\desktop\old mirc\poweriso.v4.6.winall.incl.keygen-crd\new folder\setup\poweriso46.exe
c:\users\morton\desktop\old mirc\poweriso.v4.6.winall.incl.keygen-crd\poweriso.v4.6.winall.incl.keygen-crd\crude.nfo
c:\users\morton\desktop\old mirc\poweriso.v4.6.winall.incl.keygen-crd\poweriso.v4.6.winall.incl.keygen-crd\cxa1979a\crude.nfo
c:\users\morton\desktop\old mirc\poweriso.v4.6.winall.incl.keygen-crd\poweriso.v4.6.winall.incl.keygen-crd\cxa1979a\file_id.diz
c:\users\morton\desktop\old mirc\poweriso.v4.6.winall.incl.keygen-crd\poweriso.v4.6.winall.incl.keygen-crd\cxa1979a\cxa1979a\thumbs.db
c:\users\morton\desktop\old mirc\poweriso.v4.6.winall.incl.keygen-crd\poweriso.v4.6.winall.incl.keygen-crd\cxa1979a\cxa1979a\setup\poweriso46.exe
c:\users\morton\favorites\links\crackle.url
c:\users\morton\favorites\packetnews\cracks, hacks, cheats, keygens amd more!.url
c:\users\morton\favorites\ps3 hackes\ps3 hacks – hacks, cracks, mods, homebrew, utilities. hack sony play station portable.url
c:\users\morton\music\itunes\itunes media\mobile applications\crackle 3.0.3.ipa
scanner sequence 3.KI.11.FHAPJZ
----- EOF -----

Corrine · Apr 8, 2014

Thank you. Next, please download MGADiag and save it to your desktop.

Double click MGADiag.
Click Continue
Click Copy
Go to Start -> Run and type in "Notepad"
Go to Edit -> Paste in notepad.
Copy and paste that log here.

keeferis · Apr 8, 2014

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-xxxxx-xxxxx-xxxxx
Windows Product Key Hash: rWTb5ypP9nZtQ/nSq/63cGqfB8M=
Windows Product ID: 00371-OEM-9045073-30624
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {3657416D-A77F-4FA4-8191-36A55BCC5B5A}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 101 Not Activated
Microsoft Office XP Professional - 101 Not Activated
Microsoft Publisher 2002 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_3E121E02-385-80004005_3E121E02-452-80004005_3E121E02-312-80004005_3E121E02-372-80004005_3E121E02-452-80004005_3E121E02-312-80004005
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{3657416D-A77F-4FA4-8191-36A55BCC5B5A}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-T34B4</PKey><PID>00371-OEM-9045073-30624</PID><PIDType>3</PIDType><SID>S-1-5-21-3352881120-5574024-2831554686</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP Compaq dc7700p Convertible Minitower</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>786E1 v02.10</Version><SMBIOSVersion major="2" minor="4"/><Date>20070413000000.000000+000</Date></BIOS><HWID>D2B93607018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-BPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>101</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0050048383C9}"><LegitResult>101</LegitResult><Name>Microsoft Office XP Professional</Name><Ver>10</Ver><Val>168826EF730A60</Val><Hash>egcHBa4/TlyijBFNdss1dERQuCA=</Hash><Pid>54186-OEM-1793492-05136</Pid><PidType>4</PidType></Product><Product GUID="{91190409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Publisher 2002</Name><Ver>10</Ver><Val>C2A02D6F9DC3E0</Val><Hash>QWaRjXwo+gcINp3CGaOTzufT7mE=</Hash><Pid>54197-OEM-1693637-05136</Pid><PidType>4</PidType></Product></Products><Applications><App Id="15" Version="10" Result="101"/><App Id="16" Version="10" Result="101"/><App Id="18" Version="10" Result="101"/><App Id="19" Version="10" Result="100"/><App Id="1A" Version="10" Result="101"/><App Id="1B" Version="10" Result="101"/></Applications></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Name: Windows(R) 7, Professional edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
Activation ID: e120e868-3df2-464a-95a0-b52fa5ada4bf
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00371-00180-450-730624-02-1033-7601.0000-2772013
Installation ID: 021790322462180992510066672402479470057120507935640471
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: T34B4
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 4/8/2014 4:00:02 PM
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:

HWID Data-->
HWID Hash Current: MAAAAAEABAABAAEAAAABAAAAAQABAAEA6GE6N+AaLvcy7mCsQt6uDNhpWGikZCqF
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x0
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC COMPAQ BROADH2O
FACP COMPAQ BROADH2O
HPET COMPAQ BROADH2O
MCFG COMPAQ BROADH2O
ASF! COMPAQ BROADH2O
TCPA COMPAQ BROADH2O
SLIC HPQOEM SLIC-BPC

Corrine · Apr 9, 2014

Hi, keeferis.

Thank you for the additional log.

As I said in my first response to you,

With P2P file sharing, what means do you have of identifying or authenticating the source of the download? In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files.

The logs are evidence that is certainly the case with the removed trojan downloaders included in the files from torrent sites. Although MDiag shows your OS is licensed, I need to be upfront with you. The indication in the logs of your use of cracks/keygens is still a form of stealing. Cracked/warez versions of programs sound "good" and "cheap", but they can cause all sorts of headaches for you and damage to your computer. No reputable forum will support any method of cracking, warez, workarounds, providing any methods, tools, or posting of links designed for this express purpose.

There are people who have spent a great deal of money on developing and testing hardware and software, marketing and distributing it, and then on education and support for it. They have spent long, tedious, difficult and brain-numbing days/nights on their endeavor. They are attempting to make an honest living and feed their families. Let's not support the thieves who rip them off and cheat them out of the fruits of their labor.

You can delete CKScanner and the Junkware Removal Tool from your desktop.

Other than your printer, which you may need to reinstall, how is your computer running now?

keeferis · Apr 9, 2014

Hi Corrine I deleted the torrent program along with the vuze and mirc, and as for my computer I still can't run sfc /scannow or take any update from windows, I get error code 80070002.

Corrine · Apr 9, 2014

Thank you for uninstalling those programs! Please refer to the Safe Computing Practices and other recommendations in this updated copy of "So how did I get infected in the first place?".

Since you still cannot get updates, please reply to Richard's last post in your topic in the Windows Update forum letting him know we're finished here and you're still getting error code 80070002: https://www.sysnative.com/forums/wi...un-system-file-checker-scannow.html#post70236

keeferis · Apr 24, 2014

Hi Corrine, I replied to Richard and as of today haven't got a response from him.
Here's what I ended up doing, I formatted my HD and when I tried to install windows 7 PRO it kept saying the files where corrupt and that's on the disk it self.
Took my tower in to the store I got it from and they did some test and it ended up being a memory stick that has gone bad, they put in a new one and now I'm slowly reinstalling all my programs.
Just wanted to say thanks for trying to help

Corrine · Apr 24, 2014

Richard has been really busy with school work so I suspect that is why he missed your update. However, I sincerely thank you for letting me know the outcome. :rose: We certainly depend on our computer these days.

[SOLVED] Can't run sfc /scannow or do a reinstall of windows 7 pro and more

Member

Attachments

Administrator, Microsoft MVP, Security Analyst

Member

Attachments

Administrator, Microsoft MVP, Security Analyst

Member

Attachments

Administrator, Microsoft MVP, Security Analyst

Member

Administrator, Microsoft MVP, Security Analyst

Member

Attachments

Administrator, Microsoft MVP, Security Analyst

Member

Administrator, Microsoft MVP, Security Analyst

Member

Administrator, Microsoft MVP, Security Analyst

Member

Administrator, Microsoft MVP, Security Analyst

Member

Administrator, Microsoft MVP, Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst