Solved IE running multiple processes

[kristiana price]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Kristiana at 2014-09-16 20:33:45
Running from C:\Users\Kristiana\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19480 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4015 - AVG Technologies) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
Chrome Remote Desktop Host (HKLM-x32\...\{7D2C319D-3907-472D-9B55-EC1F240962FC}) (Version: 37.0.2062.28 - Google Inc.)
Cooliris for Internet Explorer (HKLM-x32\...\{14C52FEF-0236-4D8C-BBE2-E6D7C4F2926D}) (Version: 1.12.1.37152 - Cooliris Inc.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.2123 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 4.0.2123 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
EPSON Remote Print Uninstall (HKLM\...\EPSON Remote Print) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gardenscapes: Mansion Makeover™ (HKLM-x32\...\BFG-Gardenscapes - Mansion Makeover) (Version: - )
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3503 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0225.2011 - Gateway Incorporated)
Gateway TouchPortal (HKLM-x32\...\{C652F86F-348A-4A65-8BE8-A3F7A6370D98}) (Version: 3.00.3011 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3504 - Gateway Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.02.0007 - ITE)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1422_24072 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mobile Broadband Generic Drivers (HKLM-x32\...\Mobile Broadband Generic Drivers) (Version: 2.03.06.002.14 - Novatel Wireless)
Mobile Broadband Generic Drivers (x32 Version: 2.03.06.002.14 - Novatel Wireless) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery Case Files: Fate's Carnival Collector's Edition (HKLM-x32\...\BFG-Mystery Case Files - Fates Carnival Collectors Edition) (Version: - )
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickBooks (x32 Version: 22.0.4015.2206 - Intuit Inc.) Hidden
QuickBooks Premier: Accountant Edition 2012 (HKLM-x32\...\{2181214D-1954-4C60-91FD-EEA7EBB32022}) (Version: 22.0.4015.2206 - Intuit Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.108 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.2.0 - Shutterfly, Inc.) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
THX TruStudio Pro (HKLM-x32\...\{97BE901A-9940-4ACF-9921-A6FAA284AC03}) (Version: 1.0 - Creative Technology Limited)
Touch Movie (x32 Version: 9.0.9224 - CyberLink Corp.) Hidden
Touch MVP (x32 Version: 4.2.9519 - CyberLink Corp.) Hidden
TouchSettings (HKLM-x32\...\{75880CD4-9436-4EDD-B7E7-400EBFD60B2C}) (Version: 1.00.0008 - Gateway Incorporated)
Virtual Earth 3D (Beta) (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3503 - Gateway Incorporated)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4151687038-3744135737-2022761113-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Kristiana\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4151687038-3744135737-2022761113-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Kristiana\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4151687038-3744135737-2022761113-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Kristiana\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4151687038-3744135737-2022761113-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Kristiana\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4151687038-3744135737-2022761113-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kristiana\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

11-09-2014 03:29:10 Sept 10
12-09-2014 04:57:45 Windows Update
17-09-2014 02:18:22 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2014-09-01 20:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06337A50-A78F-4A25-9D7E-E94A4BD6FFC2} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2011-06-17] (Acer)
Task: {0B6A247B-438B-43B9-8BF5-7566F49D50D0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-28] (Microsoft Corporation)
Task: {1C3D77B1-D961-48C0-992A-BD749A8E196C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2A508916-17A0-40E3-BDDF-920FF0969C07} - System32\Tasks\{536AEFA3-3628-4928-9442-123A07682D30} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-27] (SEIKO EPSON CORP.)
Task: {52FBC554-0498-44A3-BB22-F7A60DE9C7CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-01] (Google Inc.)
Task: {6B945D7D-86EC-4108-8EE3-63E274BC3D0F} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {6EF58A99-79BE-4381-BCF0-C39E3CF5FABD} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {76B4BA5D-50BD-4CA9-830B-2616144918EC} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {78EF5049-B358-4E0A-845D-565A03395625} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {7E07DF14-BE69-42AF-8946-3B8F35F7B92A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {887A1DC4-3A76-46F4-B9A2-855CE40E928C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-01] (Google Inc.)
Task: {8F1620BA-ECD0-4CC2-BD08-A058C8C5C484} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {9338BB97-C826-4063-B5BE-212972B031F6} - System32\Tasks\EPSON XP-410 Series Invitation {2D083A89-14E8-437E-B716-4622F5B1E5DF} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {990FB3D1-C824-45D2-8D90-600928AE4837} - System32\Tasks\{56C14871-1764-45B3-B193-A8394C120F40} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar
Task: {A9820CB7-E42F-42B6-A5DE-A9A8A0752CD3} - \ITECIR Filter Application for RCMM No Task File <==== ATTENTION
Task: {ADDB8B30-5CAB-4DED-B0C7-64243479B0A1} - System32\Tasks\EPSON XP-410 Series Invitation {22687012-65A6-4BFD-8886-DD80F0F664D7} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CF25733D-D3AA-4364-92F9-AEA04F65689F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CFA60985-7676-4AE6-B2E1-2278BD846C13} - System32\Tasks\EPSON XP-410 Series Update {22687012-65A6-4BFD-8886-DD80F0F664D7} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {E335F054-5991-4139-95BC-AFB8E64A8C47} - System32\Tasks\EPSON XP-410 Series Update {2D083A89-14E8-437E-B716-4622F5B1E5DF} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F4DF4545-034B-446A-A117-74F7330D152C} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {F9D09623-7823-4FD8-8D38-5BEE3122FB40} - System32\Tasks\AdobeAAMUpdater-1.0-Kristiana-PC-Kristiana => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FD648E87-8E09-4AC8-B622-00D84A64A19B} - System32\Tasks\{96ABA643-AE14-4B8C-A26B-1C43B6447076} => C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32PremierAccountant.exe [2013-11-08] (Intuit Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-410 Series Invitation {22687012-65A6-4BFD-8886-DD80F0F664D7}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\EPSON XP-410 Series Invitation {2D083A89-14E8-437E-B716-4622F5B1E5DF}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\EPSON XP-410 Series Update {22687012-65A6-4BFD-8886-DD80F0F664D7}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\EPSON XP-410 Series Update {2D083A89-14E8-437E-B716-4622F5B1E5DF}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-18 19:00 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-11-08 02:01 - 2010-02-24 01:42 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2011-07-26 23:28 - 2011-04-15 10:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-04 21:17 - 2011-02-14 06:55 - 00043520 ____R () C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
2014-08-28 08:05 - 2014-08-28 08:05 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-12 12:09 - 2014-09-03 20:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 12:09 - 2014-09-03 20:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 12:09 - 2014-09-03 20:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 12:09 - 2014-09-03 20:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 12:09 - 2014-09-03 20:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-12 12:09 - 2014-09-03 20:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0474F714
AlternateDataStreams: C:\ProgramData\Temp:0BACBDD9
AlternateDataStreams: C:\ProgramData\Temp:0D060666
AlternateDataStreams: C:\ProgramData\Temp:120B3AFD
AlternateDataStreams: C:\ProgramData\Temp:1234ADAE
AlternateDataStreams: C:\ProgramData\Temp:12D21A9A
AlternateDataStreams: C:\ProgramData\Temp:1999DD0A
AlternateDataStreams: C:\ProgramData\Temp:1A8FDBA3
AlternateDataStreams: C:\ProgramData\Temp:1E942FB9
AlternateDataStreams: C:\ProgramData\Temp:2701CA70
AlternateDataStreams: C:\ProgramData\Temp:27A88EF2
AlternateDataStreams: C:\ProgramData\Temp:282CE153
AlternateDataStreams: C:\ProgramData\Temp:2A874675
AlternateDataStreams: C:\ProgramData\Temp:2AC146B9
AlternateDataStreams: C:\ProgramData\Temp:2AD33723
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:2D133896
AlternateDataStreams: C:\ProgramData\Temp:31C9BA96
AlternateDataStreams: C:\ProgramData\Temp:32AE8659
AlternateDataStreams: C:\ProgramData\Temp:3C4BD225
AlternateDataStreams: C:\ProgramData\Temp:3EC5BC08
AlternateDataStreams: C:\ProgramData\Temp:48862C37
AlternateDataStreams: C:\ProgramData\Temp:48BCFDB6
AlternateDataStreams: C:\ProgramData\Temp:5164A01F
AlternateDataStreams: C:\ProgramData\Temp:5539129F
AlternateDataStreams: C:\ProgramData\Temp:59C64924
AlternateDataStreams: C:\ProgramData\Temp:5A9F1AE5
AlternateDataStreams: C:\ProgramData\Temp:5D570144
AlternateDataStreams: C:\ProgramData\Temp:5E73E1C2
AlternateDataStreams: C:\ProgramData\Temp:5ECEFF17
AlternateDataStreams: C:\ProgramData\Temp:6294B369
AlternateDataStreams: C:\ProgramData\Temp:6896CCCE
AlternateDataStreams: C:\ProgramData\Temp:6A9CA6CB
AlternateDataStreams: C:\ProgramData\Temp:6BEADDC0
AlternateDataStreams: C:\ProgramData\Temp:6DD124E2
AlternateDataStreams: C:\ProgramData\Temp:6FF14C72
AlternateDataStreams: C:\ProgramData\Temp:7D938C9B
AlternateDataStreams: C:\ProgramData\Temp:7FA0D639
AlternateDataStreams: C:\ProgramData\Temp:922DA2DB
AlternateDataStreams: C:\ProgramData\Temp:934CA750
AlternateDataStreams: C:\ProgramData\Temp:96372A73
AlternateDataStreams: C:\ProgramData\Temp:997DA6D7
AlternateDataStreams: C:\ProgramData\Temp:9A88B65D
AlternateDataStreams: C:\ProgramData\Temp:9F3CEEE6
AlternateDataStreams: C:\ProgramData\Temp:A015B193
AlternateDataStreams: C:\ProgramData\Temp:A13B696A
AlternateDataStreams: C:\ProgramData\Temp:A391510C
AlternateDataStreams: C:\ProgramData\Temp:A6345BDA
AlternateDataStreams: C:\ProgramData\Temp:A6F30843
AlternateDataStreams: C:\ProgramData\Temp:A73595DE
AlternateDataStreams: C:\ProgramData\Temp:A9EBEE99
AlternateDataStreams: C:\ProgramData\Temp:AE34D87E
AlternateDataStreams: C:\ProgramData\Temp:AED4A2B7
AlternateDataStreams: C:\ProgramData\Temp:B01EC114
AlternateDataStreams: C:\ProgramData\Temp:B139DDF3
AlternateDataStreams: C:\ProgramData\Temp:B5FD4AA1
AlternateDataStreams: C:\ProgramData\Temp:B6E58523
AlternateDataStreams: C:\ProgramData\Temp:B8791731
AlternateDataStreams: C:\ProgramData\Temp:BAC2F271
AlternateDataStreams: C:\ProgramData\Temp:BEE39E9B
AlternateDataStreams: C:\ProgramData\Temp:C0BCE04B
AlternateDataStreams: C:\ProgramData\Temp:C370B84F
AlternateDataStreams: C:\ProgramData\Temp:C6920A5D
AlternateDataStreams: C:\ProgramData\Temp:CA1AFE85
AlternateDataStreams: C:\ProgramData\Temp:CA7E8F16
AlternateDataStreams: C:\ProgramData\Temp:CE506F23
AlternateDataStreams: C:\ProgramData\Temp086B88D
AlternateDataStreams: C:\ProgramData\Temp6D084A5
AlternateDataStreams: C:\ProgramData\Temp93AABC7
AlternateDataStreams: C:\ProgramData\Temp987CB43
AlternateDataStreams: C:\ProgramData\TempC7EDF41
AlternateDataStreams: C:\ProgramData\Temp:E5496666
AlternateDataStreams: C:\ProgramData\Temp:E6B95E40
AlternateDataStreams: C:\ProgramData\Temp:EB68CA55
AlternateDataStreams: C:\ProgramData\Temp:EE2DD6CC
AlternateDataStreams: C:\ProgramData\Temp:F2EDC57C
AlternateDataStreams: C:\ProgramData\Temp:F68CB1A4
AlternateDataStreams: C:\ProgramData\Temp:FBD274CF
AlternateDataStreams: C:\ProgramData\Temp:FF717A18
AlternateDataStreams: C:\Users\Kristiana\Documents\application pg 2.pdf:Roxio EMC Stream
AlternateDataStreams: C:\Users\Kristiana\Documents\application pg 4.pdf:Roxio EMC Stream

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
MSCONFIG\startupreg: LTCM Client => C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Gateway\Gateway TouchPortal\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Gateway\Gateway TouchPortal\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: TouchMovieService => "C:\Program Files (x86)\Gateway\Gateway TouchPortal\Touch Movie\TouchMovieService.exe"
MSCONFIG\startupreg: TouchPortalV3Launcher => C:\Program Files (x86)\Gateway\Gateway TouchPortal\TouchPortalLauncher.exe na
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Gateway\Gateway TouchPortal\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Gateway\Gateway TouchPortal\YouCam\YouCamTray.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-09-01 20:19:57.570
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-01 20:19:57.477
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-01 20:19:57.399
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-01 20:19:57.321
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-18 10:42:38.634
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-18 10:42:38.556
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-18 10:42:38.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-18 10:42:38.400
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-06-25 16:55:02.359
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-06-25 16:55:02.283
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 4000.29 MB
Available physical RAM: 1975.27 MB
Total Pagefile: 7998.76 MB
Available Pagefile: 5771.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:441.66 GB) (Free:361.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FAD8154D)
Partition 1: (Not Active) - (Size=24 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=441.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[kristiana price]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Kristiana at 2014-09-17 18:32:34 Run:1
Running from C:\Users\Kristiana\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicyUsers\S-1-5-21-4151687038-3744135737-2022761113-1001\User: Group Policy restriction detected <======= ATTENTION
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
C:\Users\Kristiana\AppData\Local\Temp\Quarantine.exe
Task: {A9820CB7-E42F-42B6-A5DE-A9A8A0752CD3} - \ITECIR Filter Application for RCMM No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0474F714
AlternateDataStreams: C:\ProgramData\Temp:0BACBDD9
AlternateDataStreams: C:\ProgramData\Temp:0D060666
AlternateDataStreams: C:\ProgramData\Temp:120B3AFD
AlternateDataStreams: C:\ProgramData\Temp:1234ADAE
AlternateDataStreams: C:\ProgramData\Temp:12D21A9A
AlternateDataStreams: C:\ProgramData\Temp:1999DD0A
AlternateDataStreams: C:\ProgramData\Temp:1A8FDBA3
AlternateDataStreams: C:\ProgramData\Temp:1E942FB9
AlternateDataStreams: C:\ProgramData\Temp:2701CA70
AlternateDataStreams: C:\ProgramData\Temp:27A88EF2
AlternateDataStreams: C:\ProgramData\Temp:282CE153
AlternateDataStreams: C:\ProgramData\Temp:2A874675
AlternateDataStreams: C:\ProgramData\Temp:2AC146B9
AlternateDataStreams: C:\ProgramData\Temp:2AD33723
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:2D133896
AlternateDataStreams: C:\ProgramData\Temp:31C9BA96
AlternateDataStreams: C:\ProgramData\Temp:32AE8659
AlternateDataStreams: C:\ProgramData\Temp:3C4BD225
AlternateDataStreams: C:\ProgramData\Temp:3EC5BC08
AlternateDataStreams: C:\ProgramData\Temp:48862C37
AlternateDataStreams: C:\ProgramData\Temp:48BCFDB6
AlternateDataStreams: C:\ProgramData\Temp:5164A01F
AlternateDataStreams: C:\ProgramData\Temp:5539129F
AlternateDataStreams: C:\ProgramData\Temp:59C64924
AlternateDataStreams: C:\ProgramData\Temp:5A9F1AE5
AlternateDataStreams: C:\ProgramData\Temp:5D570144
AlternateDataStreams: C:\ProgramData\Temp:5E73E1C2
AlternateDataStreams: C:\ProgramData\Temp:5ECEFF17
AlternateDataStreams: C:\ProgramData\Temp:6294B369
AlternateDataStreams: C:\ProgramData\Temp:6896CCCE
AlternateDataStreams: C:\ProgramData\Temp:6A9CA6CB
AlternateDataStreams: C:\ProgramData\Temp:6BEADDC0
AlternateDataStreams: C:\ProgramData\Temp:6DD124E2
AlternateDataStreams: C:\ProgramData\Temp:6FF14C72
AlternateDataStreams: C:\ProgramData\Temp:7D938C9B
AlternateDataStreams: C:\ProgramData\Temp:7FA0D639
AlternateDataStreams: C:\ProgramData\Temp:922DA2DB
AlternateDataStreams: C:\ProgramData\Temp:934CA750
AlternateDataStreams: C:\ProgramData\Temp:96372A73
AlternateDataStreams: C:\ProgramData\Temp:997DA6D7
AlternateDataStreams: C:\ProgramData\Temp:9A88B65D
AlternateDataStreams: C:\ProgramData\Temp:9F3CEEE6
AlternateDataStreams: C:\ProgramData\Temp:A015B193
AlternateDataStreams: C:\ProgramData\Temp:A13B696A
AlternateDataStreams: C:\ProgramData\Temp:A391510C
AlternateDataStreams: C:\ProgramData\Temp:A6345BDA
AlternateDataStreams: C:\ProgramData\Temp:A6F30843
AlternateDataStreams: C:\ProgramData\Temp:A73595DE
AlternateDataStreams: C:\ProgramData\Temp:A9EBEE99
AlternateDataStreams: C:\ProgramData\Temp:AE34D87E
AlternateDataStreams: C:\ProgramData\Temp:AED4A2B7
AlternateDataStreams: C:\ProgramData\Temp:B01EC114
AlternateDataStreams: C:\ProgramData\Temp:B139DDF3
AlternateDataStreams: C:\ProgramData\Temp:B5FD4AA1
AlternateDataStreams: C:\ProgramData\Temp:B6E58523
AlternateDataStreams: C:\ProgramData\Temp:B8791731
AlternateDataStreams: C:\ProgramData\Temp:BAC2F271
AlternateDataStreams: C:\ProgramData\Temp:BEE39E9B
AlternateDataStreams: C:\ProgramData\Temp:C0BCE04B
AlternateDataStreams: C:\ProgramData\Temp:C370B84F
AlternateDataStreams: C:\ProgramData\Temp:C6920A5D
AlternateDataStreams: C:\ProgramData\Temp:CA1AFE85
AlternateDataStreams: C:\ProgramData\Temp:CA7E8F16
AlternateDataStreams: C:\ProgramData\Temp:CE506F23
AlternateDataStreams: C:\ProgramData\Temp086B88D
AlternateDataStreams: C:\ProgramData\Temp6D084A5
AlternateDataStreams: C:\ProgramData\Temp93AABC7
AlternateDataStreams: C:\ProgramData\Temp987CB43
AlternateDataStreams: C:\ProgramData\TempC7EDF41
AlternateDataStreams: C:\ProgramData\Temp:E5496666
AlternateDataStreams: C:\ProgramData\Temp:E6B95E40
AlternateDataStreams: C:\ProgramData\Temp:EB68CA55
AlternateDataStreams: C:\ProgramData\Temp:EE2DD6CC
AlternateDataStreams: C:\ProgramData\Temp:F2EDC57C
AlternateDataStreams: C:\ProgramData\Temp:F68CB1A4
AlternateDataStreams: C:\ProgramData\Temp:FBD274CF
AlternateDataStreams: C:\ProgramData\Temp:FF717A18
AlternateDataStreams: C:\Users\Kristiana\Documents\application pg 2.pdf:Roxio EMC Stream
AlternateDataStreams: C:\Users\Kristiana\Documents\application pg 4.pdf:Roxio EMC Stream

*****************

C:\Windows\system32\GroupPolicyUsers\S-1-5-21-4151687038-3744135737-2022761113-1001\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
"HKCR\PROTOCOLS\Handler\intu-help-qb5" => Key deleted successfully.
"HKCR\CLSID\{867FCB77-9823-4cd6-8210-D85F968D466F}" => Key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\qbwc" => Key deleted successfully.
"HKCR\CLSID\{FC598A64-626C-4447-85B8-53150405FD57}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner" => Key not found.
"HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
vToolbarUpdater18.1.9 => Service deleted successfully.
catchme => Service deleted successfully.
dgderdrv => Service deleted successfully.
C:\Users\Kristiana\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9820CB7-E42F-42B6-A5DE-A9A8A0752CD3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9820CB7-E42F-42B6-A5DE-A9A8A0752CD3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ITECIR Filter Application for RCMM" => Key not found.
C:\ProgramData\Temp => ":0474F714" ADS removed successfully.
C:\ProgramData\Temp => ":0BACBDD9" ADS removed successfully.
C:\ProgramData\Temp => ":0D060666" ADS removed successfully.
C:\ProgramData\Temp => ":120B3AFD" ADS removed successfully.
C:\ProgramData\Temp => ":1234ADAE" ADS removed successfully.
C:\ProgramData\Temp => ":12D21A9A" ADS removed successfully.
C:\ProgramData\Temp => ":1999DD0A" ADS removed successfully.
C:\ProgramData\Temp => ":1A8FDBA3" ADS removed successfully.
C:\ProgramData\Temp => ":1E942FB9" ADS removed successfully.
C:\ProgramData\Temp => ":2701CA70" ADS removed successfully.
C:\ProgramData\Temp => ":27A88EF2" ADS removed successfully.
C:\ProgramData\Temp => ":282CE153" ADS removed successfully.
C:\ProgramData\Temp => ":2A874675" ADS removed successfully.
C:\ProgramData\Temp => ":2AC146B9" ADS removed successfully.
C:\ProgramData\Temp => ":2AD33723" ADS removed successfully.
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully.
C:\ProgramData\Temp => ":2D133896" ADS removed successfully.
C:\ProgramData\Temp => ":31C9BA96" ADS removed successfully.
C:\ProgramData\Temp => ":32AE8659" ADS removed successfully.
C:\ProgramData\Temp => ":3C4BD225" ADS removed successfully.
C:\ProgramData\Temp => ":3EC5BC08" ADS removed successfully.
C:\ProgramData\Temp => ":48862C37" ADS removed successfully.
C:\ProgramData\Temp => ":48BCFDB6" ADS removed successfully.
C:\ProgramData\Temp => ":5164A01F" ADS removed successfully.
C:\ProgramData\Temp => ":5539129F" ADS removed successfully.
C:\ProgramData\Temp => ":59C64924" ADS removed successfully.
C:\ProgramData\Temp => ":5A9F1AE5" ADS removed successfully.
C:\ProgramData\Temp => ":5D570144" ADS removed successfully.
C:\ProgramData\Temp => ":5E73E1C2" ADS removed successfully.
C:\ProgramData\Temp => ":5ECEFF17" ADS removed successfully.
C:\ProgramData\Temp => ":6294B369" ADS removed successfully.
C:\ProgramData\Temp => ":6896CCCE" ADS removed successfully.
C:\ProgramData\Temp => ":6A9CA6CB" ADS removed successfully.
C:\ProgramData\Temp => ":6BEADDC0" ADS removed successfully.
C:\ProgramData\Temp => ":6DD124E2" ADS removed successfully.
C:\ProgramData\Temp => ":6FF14C72" ADS removed successfully.
C:\ProgramData\Temp => ":7D938C9B" ADS removed successfully.
C:\ProgramData\Temp => ":7FA0D639" ADS removed successfully.
C:\ProgramData\Temp => ":922DA2DB" ADS removed successfully.
C:\ProgramData\Temp => ":934CA750" ADS removed successfully.
C:\ProgramData\Temp => ":96372A73" ADS removed successfully.
C:\ProgramData\Temp => ":997DA6D7" ADS removed successfully.
C:\ProgramData\Temp => ":9A88B65D" ADS removed successfully.
C:\ProgramData\Temp => ":9F3CEEE6" ADS removed successfully.
C:\ProgramData\Temp => ":A015B193" ADS removed successfully.
C:\ProgramData\Temp => ":A13B696A" ADS removed successfully.
C:\ProgramData\Temp => ":A391510C" ADS removed successfully.
C:\ProgramData\Temp => ":A6345BDA" ADS removed successfully.
C:\ProgramData\Temp => ":A6F30843" ADS removed successfully.
C:\ProgramData\Temp => ":A73595DE" ADS removed successfully.
C:\ProgramData\Temp => ":A9EBEE99" ADS removed successfully.
C:\ProgramData\Temp => ":AE34D87E" ADS removed successfully.
C:\ProgramData\Temp => ":AED4A2B7" ADS removed successfully.
C:\ProgramData\Temp => ":B01EC114" ADS removed successfully.
C:\ProgramData\Temp => ":B139DDF3" ADS removed successfully.
C:\ProgramData\Temp => ":B5FD4AA1" ADS removed successfully.
C:\ProgramData\Temp => ":B6E58523" ADS removed successfully.
C:\ProgramData\Temp => ":B8791731" ADS removed successfully.
C:\ProgramData\Temp => ":BAC2F271" ADS removed successfully.
C:\ProgramData\Temp => ":BEE39E9B" ADS removed successfully.
C:\ProgramData\Temp => ":C0BCE04B" ADS removed successfully.
C:\ProgramData\Temp => ":C370B84F" ADS removed successfully.
C:\ProgramData\Temp => ":C6920A5D" ADS removed successfully.
C:\ProgramData\Temp => ":CA1AFE85" ADS removed successfully.
C:\ProgramData\Temp => ":CA7E8F16" ADS removed successfully.
C:\ProgramData\Temp => ":CE506F23" ADS removed successfully.
C:\ProgramData\Temp => "086B88D" ADS removed successfully.
C:\ProgramData\Temp => "6D084A5" ADS removed successfully.
C:\ProgramData\Temp => "93AABC7" ADS removed successfully.
C:\ProgramData\Temp => "987CB43" ADS removed successfully.
C:\ProgramData\Temp => "C7EDF41" ADS removed successfully.
C:\ProgramData\Temp => ":E5496666" ADS removed successfully.
C:\ProgramData\Temp => ":E6B95E40" ADS removed successfully.
C:\ProgramData\Temp => ":EB68CA55" ADS removed successfully.
C:\ProgramData\Temp => ":EE2DD6CC" ADS removed successfully.
C:\ProgramData\Temp => ":F2EDC57C" ADS removed successfully.
C:\ProgramData\Temp => ":F68CB1A4" ADS removed successfully.
C:\ProgramData\Temp => ":FBD274CF" ADS removed successfully.
C:\ProgramData\Temp => ":FF717A18" ADS removed successfully.
C:\Users\Kristiana\Documents\application pg 2.pdf => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Kristiana\Documents\application pg 4.pdf => ":Roxio EMC Stream" ADS removed successfully.


The system needed a reboot.

==== End of Fixlog ====

 

[Broni]

Good

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Internet Explorer users - Click on this link to open ESET OnlineScan.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on ESET Smart Installer to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the http://www.bleepstatic.com/fhost/uploads/0/esetsmartinstaller_enu.png][/url] icon on your desktop.
    [/LIST]
    [*]Check [I]"YES, I accept the Terms of Use."[/I]
    [*]Click the [b]Start[/b] button.
    [*]Accept any security warnings from your browser.[/*]
    [*]Check [I]"Enable detection of potentially unwanted applications"[/I].
    [*]Click [I]Advanced settings[/I] and make sure all 4 boxes are checkmarked (two of them are already checkmarked by default).
    Do NOT checkmark [I]"Use custom proxy settings"[/I]
    [*]Click the [b]Start[/b] button.
    [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    [*]When the scan completes, click [b]List Threats[/b][/*]
    [*]Click [b]Export[/b], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    [*]Click the [b]Back[/b] button.
    [*]Click the [b]Finish[/b] button.
    [/LIST]

 

[kristiana price]

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Internet Security 2013
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Mozilla Firefox 29.0.1 Firefox out of Date!
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

[kristiana price]

Farbar Service Scanner Version: 21-07-2014
Ran by Kristiana (administrator) on 17-09-2014 at 20:44:12
Running from "C:\Users\Kristiana\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

[kristiana price]

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application deleted - quarantined
C:\Users\Kristiana\Documents\APNSetup1.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSI26E9.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSI7C2C.tmp a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSIBAC9.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

 

[Broni]

Update Firefox to the current 32.0.1 version.

====================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
• Remove disinfection tools
• Create registry backup
• Purge System Restore
• Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

 

[kristiana price]

Thank you sooooo much. Computer is running great!

 

[Broni]

Yes!!

Good luck and stay safe