#121  
Old 03-22-2013, 10:54 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
No Extension IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Extension IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
Yes Extension ieSpell res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
Yes Extension ieSpell Options res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
No Helper Adobe PDF Link Helper Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
No Helper ExplorerBHO Class IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Helper ExplorerBHO Class IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
No Helper Java(tm) Plug-In 2 SSV Helper C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
No Helper SnagIt Toolbar Loader TechSmith Corporation C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
No Helper SnagIt Toolbar Loader TechSmith Corporation C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corporation C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corporation C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Zonealarm Helper Object Montera Technologeis LTD C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\bh\zonealarm.dll
No Toolbar Classic Explorer Bar IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Toolbar Classic Explorer Bar IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
No Toolbar SnagIt TechSmith Corporation C:\PROGRA~2\TECHSM~1\SNAGIT~2\SNAGIT~4.DLL
No Toolbar ZoneAlarm Security Toolbar Montera Technologeis LTD C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\zonealarmTlbr.dll


Had to update my CC to the latest one
Reply With Quote
  #122  
Old 03-22-2013, 10:59 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Quote:
Originally Posted by Mountain Man View Post
Foxfire dot shown

Yes HKCU:Run 6FBA4E8FAFB87A1087C16AA061E65B6E69A54B94._service_ run Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
Yes HKCU:Run ConduitFloatingPlugin_kdfbddbdpnahdahmamlolacimfdb eckk Microsoft Corporation "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3281675\plugins\ConduitFloatingPlu gin.dll",RunConduitFloatingPlugin kdfbddbdpnahdahmamlolacimfdbeckk
Yes HKCU:Run MobileDocuments Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Yes HKLM:Run Classic Start Menu IvoSoft C:\Program Files\Classic Shell\ClassicStartMenu.exe
Yes HKLM:Run DownloadManagerService "C:\Program Files\Verizon Wireless\dist\servicerunner.exe" /action:startService
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run ISW
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
Yes HKLM:Run SSBkgdUpdate Nuance Communications, Inc. "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
Yes HKLM:Run VMware hqtray VMware, Inc. "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
Yes HKLM:Run WD Button Manager WDBtnMgr.exe
Yes HKLM:Run WDCBG Cypress Semiconductor C:\Windows\WDCBG.EXE
Which Tab is this First Text File from??? Windows or Internet Explorer?
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #123  
Old 03-22-2013, 11:01 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Quote:
Originally Posted by Mountain Man View Post
No Extension IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Extension IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
Yes Extension ieSpell res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
Yes Extension ieSpell Options res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
No Helper Adobe PDF Link Helper Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
No Helper ExplorerBHO Class IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Helper ExplorerBHO Class IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
No Helper Java(tm) Plug-In 2 SSV Helper C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
No Helper SnagIt Toolbar Loader TechSmith Corporation C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
No Helper SnagIt Toolbar Loader TechSmith Corporation C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corporation C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corporation C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Zonealarm Helper Object Montera Technologeis LTD C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\bh\zonealarm.dll
No Toolbar Classic Explorer Bar IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Toolbar Classic Explorer Bar IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
No Toolbar SnagIt TechSmith Corporation C:\PROGRA~2\TECHSM~1\SNAGIT~2\SNAGIT~4.DLL
No Toolbar ZoneAlarm Security Toolbar Montera Technologeis LTD C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\zonealarmTlbr.dll


Had to update my CC to the latest one
Which Tab is this text file from?
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #124  
Old 03-22-2013, 11:04 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
1st one is windows. 2nd is internet exployer

I looked at uninstall part and Zone alarm is listed. Should I check it and uninstall?

Acrobat.com 6/27/2010
Adobe AIR Adobe Systems Incorporated 2/6/2013 3.5.0.1060
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 3/12/2013 6.00 MB 11.6.602.180
Adobe Reader X (10.1.6) Adobe Systems Incorporated 2/27/2013 28.0 KB 10.1.6
Amazon MP3 Uploader 6/27/2010
Apple Application Support Apple Inc. 3/22/2013 62.7 MB 2.3.3
Apple Mobile Device Support Apple Inc. 3/22/2013 25.2 MB 6.1.0.13
Apple Software Update 7/9/2011
Avira Free Antivirus Avira 3/20/2013 139 MB 13.0.0.3185
Belarc Advisor 8.1 3/17/2013
Bing Maps 3D Microsoft Corporation 7/8/2012 19.8 MB 4.0.903.16005
Bonjour Apple Inc. 12/6/2011 2.00 MB 3.0.0.10
CCleaner Piriform 2/25/2013 3.28
Classic Shell IvoSoft 10/11/2010 4.36 MB 2.8.3
Corel Paint Shop Pro X 4/22/2010
Do Not Track Plus Add-on 1.0.5403.0218 Abine 3/21/2013 3.08 MB 1.0.5403.0218
ESET Online Scanner v3 3/21/2013
FavOrg PC Magazine 3/17/2013
Garmin Communicator Plugin Garmin Ltd or its subsidiaries 3/17/2013 14.7 MB 2.9.2
Garmin Express Garmin Ltd or its subsidiaries 3/17/2013 28.0 MB 2.1.8
Garmin USB Drivers Garmin Ltd or its subsidiaries 3/17/2013 573 KB 2.3.1.0
Garmin WebUpdater Garmin Ltd or its subsidiaries 3/17/2013 15.7 MB 2.5.6
Google Chrome Google Inc. 2/6/2013 25.0.1364.172
Google Earth 11/16/2011
Google SketchUp 8 6/27/2010
iCloud Apple Inc. 3/21/2012 33.2 MB 1.1.0.40
Image Resizer Powertoy Clone for Windows (64 bit) Brice Lambson 8/31/2010 295 KB 2.1
Inpaint 3.0 teorex 3/17/2013 6.00 MB
Intel(R) Graphics Media Accelerator Driver Intel Corporation 8/14/2011 54.2 MB 8.15.10.2226
Internet Explorer (Enable DEP) 11/7/2010
iTunes Apple Inc. 3/22/2013 189 MB 11.0.2.26
LightScribe System Software 4/17/2011
LightScribe Template Labeler LightScribe 3/17/2013 20.2 MB 1.18.5.1
MAGIX Online Print Service 11/8/2011
MAGIX Photo Manager 10 6/27/2010
MAGIX Screenshare 11/8/2011
MAGIX Xtreme Photo & Graphic Designer 5 (Silver) 6/27/2010
MediaSmart DVD 4/17/2011
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 6/27/2010 38.8 MB 4.0.30319
Microsoft Mouse and Keyboard Center Microsoft Corporation 2/27/2013 2.1.177.0
Microsoft Office 2000 Standard 6/27/2010
Microsoft Silverlight Microsoft Corporation 3/12/2013 100 MB 5.1.20125.0
Microsoft VC9 runtime libraries 6/27/2010
Microsoft Virtual PC 2007 SP1 Microsoft Corporation 12/9/2011 38.1 MB 6.0.192.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 6/27/2010
Microsoft Visual C++ 2005 Redistributable 6/27/2010
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 6/27/2010
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 6/27/2010
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 6/27/2010
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2/13/2013 13.7 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 6/27/2010
MP3 Download Manager 6/27/2010
MSXML 4.0 SP2 (KB954430) 6/27/2010
MSXML 4.0 SP2 (KB973688) 6/27/2010
MSXML 4.0 SP3 Parser 6/27/2010
MSXML 4.0 SP3 Parser (KB2721691) 6/27/2010
MSXML 4.0 SP3 Parser (KB2758694) 6/27/2010
MSXML 4.0 SP3 Parser (KB973685) 6/27/2010
Paragon Partition Manager™ 12 Free 11/23/2012
Photo Explosion 5/10/2010
Retrospect 6.5 4/22/2010
Safari 5/16/2012
ScanSoft PaperPort 11 4/22/2010
Scrapbook Factory Deluxe 4.0 5/10/2010
SIW version 2010.03.10 Topala Software Solutions 3/17/2013 2.86 MB 2010.03.10
SnagIt 8 6/27/2010
Soft Organizer version 3.02 ChemTable Software 3/22/2013 10.3 MB 3.02
SpywareBlaster 5.0 BrightFort LLC 3/18/2013 8.83 MB 5.0.0
tools-windows 6/27/2010
USB Safely Remove 5.2 SafelyRemove.com 3/17/2013 11.8 MB
VC 9.0 Runtime 6/27/2010
Verizon Wireless Download Manager 2.2.8-SNAPSHOT-r11227 Verizon Wireless 2/9/2012 2.2.8-SNAPSHOT-r11227
Visioneer 9520 Driver 12/8/2010
VMware Player 12/8/2011
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) Garmin 3/17/2013 04/19/2012 2.3.1.0
Windows Live ID Sign-in Assistant Microsoft Corporation 11/8/2010 10.0 MB 6.500.3165.0
WinZip 15.0 6/27/2010
ZoneAlarm Antivirus 6/27/2010
Reply With Quote
  #125  
Old 03-22-2013, 11:07 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Quote:
Originally Posted by Mountain Man View Post
1st one is windows. 2nd is internet exployer

I looked at uninstall part and Zone alarm is listed. Should I check it and uninstall?
Yes go ahead do that and I will post the logs back that you just posted and show you which ones you need to disable or delete
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #126  
Old 03-22-2013, 11:13 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Quote:
Originally Posted by Mountain Man View Post
Foxfire dot shown

Yes HKCU:Run 6FBA4E8FAFB87A1087C16AA061E65B6E69A54B94._service_ run Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
Yes HKCU:Run ConduitFloatingPlugin_kdfbddbdpnahdahmamlolacimfdb eckk Microsoft Corporation "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3281675\plugins\ConduitFloatingPlu gin.dll",RunConduitFloatingPlugin kdfbddbdpnahdahmamlolacimfdbeckk
Yes HKCU:Run MobileDocuments Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Yes HKLM:Run Classic Start Menu IvoSoft C:\Program Files\Classic Shell\ClassicStartMenu.exe
Yes HKLM:Run DownloadManagerService "C:\Program Files\Verizon Wireless\dist\servicerunner.exe" /action:startService
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run ISW
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
Yes HKLM:Run SSBkgdUpdate Nuance Communications, Inc. "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
Yes HKLM:Run VMware hqtray VMware, Inc. "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
Yes HKLM:Run WD Button Manager WDBtnMgr.exe
Yes HKLM:Run WDCBG Cypress Semiconductor C:\Windows\WDCBG.EXE
This one is Windows Tab I believe click Once on the listing I show in Red. One you have done that then the Enable, Disable, Delete buttons will be able to be used. For that one hit the Delete Button. You will be asked if you want to Delete it, click yes or ok, whatever the choice is.
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #127  
Old 03-22-2013, 11:16 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Quote:
Originally Posted by Mountain Man View Post
No Extension IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Extension IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
Yes Extension ieSpell res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
Yes Extension ieSpell Options res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
No Helper Adobe PDF Link Helper Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
No Helper ExplorerBHO Class IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Helper ExplorerBHO Class IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
No Helper Java(tm) Plug-In 2 SSV Helper C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
No Helper SnagIt Toolbar Loader TechSmith Corporation C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
No Helper SnagIt Toolbar Loader TechSmith Corporation C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corporation C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corporation C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Zonealarm Helper Object Montera Technologeis LTD C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\bh\zonealarm.dll
No Toolbar Classic Explorer Bar IvoSoft C:\Program Files\Classic Shell\ClassicExplorer32.dll
No Toolbar Classic Explorer Bar IvoSoft C:\Program Files\Classic Shell\ClassicExplorer64.dll
No Toolbar SnagIt TechSmith Corporation C:\PROGRA~2\TECHSM~1\SNAGIT~2\SNAGIT~4.DLL
No Toolbar ZoneAlarm Security Toolbar Montera Technologeis LTD C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\zonealarmTlbr.dll


Had to update my CC to the latest one
Believe this one is Internet Explorer. You also want to highlight the two entries in Red and then hit the Delete button.

After that Reboot.

Once you have rebooted do one more DDS scan and just post the DDS.txt log and hopefully we will be finished, but need to look at a new DDS.txt log to be absolutely sure.
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #128  
Old 03-22-2013, 11:24 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
Will do that but I'm give out again. Will do scan tommorow, if that is OK
Reply With Quote
  #129  
Old 03-22-2013, 11:28 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Quote:
Originally Posted by Mountain Man View Post
Will do that but I'm give out again. Will do scan tommorow, if that is OK
Absolutely no problem at all!
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #130  
Old 03-23-2013, 07:35 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
Sorry I'm so slow getting back here. I'm just real tired. This is the 4th Cancer I have in 13 years. The treatment is taking much more out of me this time.
I think we have finally got all this fixed, I hope.

When I stated up the RUNDLL is gone. I did the scans and I think they are good. Here they are and I hope we can finish all this. I have learned a lot doing all of this.

I want to thank all that helped me. It is very much appreciated. Well here goes

Last edited by Mountain Man; 03-23-2013 at 08:01 PM.
Reply With Quote
  #131  
Old 03-23-2013, 07:36 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SD/MMC
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#20060413092100000&2#
Manufacturer: Generic-
Name: I:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#20060413092100000&2#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SM/xD-Picture
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.00#20060413092100000&1#
Manufacturer: Generic-
Name: H:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.00#20060413092100000&1#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Compact Flash
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20060413092100000& 0#
Manufacturer: Generic-
Name: G:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20060413092100000& 0#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: MS/MS-Pro
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.00#20060413092100000&3#
Manufacturer: Generic-
Name: J:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_ USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.00#20060413092100000&3#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP344: 11/6/2012 5:16:42 PM - Windows Backup
RP345: 11/11/2012 7:01:51 PM - Windows Backup
RP346: 11/12/2012 8:56:47 PM - Installed Norton PartitionMagic
RP347: 11/12/2012 9:03:08 PM - Configured Norton PartitionMagic
RP348: 11/13/2012 8:48:26 PM - Windows Update
RP349: 11/18/2012 7:56:27 PM - Windows Backup
RP350: 11/23/2012 8:40:45 PM - Installed Paragon Partition Managerô 12 Free.
RP351: 11/25/2012 9:01:44 PM - Windows Backup
RP352: 11/26/2012 7:59:41 PM - Windows Backup
RP353: 11/27/2012 7:22:38 PM - Windows Update
RP354: 12/2/2012 7:43:25 PM - Windows Backup
RP355: 12/9/2012 8:01:30 PM - Scheduled Checkpoint
RP356: 12/11/2012 9:05:26 PM - Windows Update
RP357: 12/20/2012 8:34:41 PM - Windows Update
RP358: 1/8/2013 8:06:46 PM - Windows Update
RP359: 1/13/2013 3:50:36 PM - Removed Java(TM) 6 Update 31
RP360: 1/29/2013 3:45:01 PM - Restore Operation
RP361: 2/6/2013 1:20:50 PM - Scheduled Checkpoint
RP362: 2/6/2013 9:36:25 PM - Restore Operation
RP363: 2/10/2013 2:54:48 PM - Installed Laplink PCmover Professional.
RP364: 2/10/2013 3:32:47 PM - Removed Laplink PCmover Professional.
RP365: 2/10/2013 3:52:32 PM - Revo Uninstaller's restore point - Dropbox
RP366: 2/13/2013 6:58:40 PM - Windows Update
RP367: 2/13/2013 7:59:39 PM - Windows Update
RP368: 2/27/2013 3:40:03 PM - Windows Update
RP369: 2/27/2013 4:45:31 PM - Restore Operation
RP370: 2/27/2013 5:11:54 PM - DCInstallRestorePoint
RP371: 3/4/2013 3:30:06 PM - Garmin Express
RP372: 3/4/2013 3:31:07 PM - Garmin Express
RP373: 3/4/2013 3:35:53 PM - Garmin Express
RP374: 3/5/2013 8:24:55 PM - Garmin Express
RP375: 3/5/2013 8:26:15 PM - Garmin Express
RP376: 3/5/2013 8:26:53 PM - Garmin Express
RP377: 3/12/2013 8:58:52 PM - Windows Update
RP378: 3/17/2013 4:40:22 PM - Garmin Express
RP379: 3/17/2013 8:26:11 PM - Installed LightScribe Template Labeler.
RP380: 3/22/2013 7:56:24 PM - Application removal with Soft Organizer
RP381: 3/22/2013 11:08:37 PM - Removed ZoneAlarm Antivirus
.
Reply With Quote
  #132  
Old 03-23-2013, 07:37 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.6)
Apple Application Support
Apple Mobile Device Support
Avira Free Antivirus
Belarc Advisor 8.1
Bing Maps 3D
Bonjour
CCleaner
Classic Shell
Do Not Track Plus Add-on 1.0.5403.0218
ESET Online Scanner v3
FavOrg
Garmin Communicator Plugin
Garmin Express
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Earth
Google Update Helper
iCloud
Image Resizer Powertoy Clone for Windows (64 bit)
Inpaint 3.0
Intel(R) Graphics Media Accelerator Driver
Internet Explorer (Enable DEP)
iTunes
LightScribe Template Labeler
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Silverlight
Microsoft Virtual PC 2007 SP1
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Reply With Quote
  #133  
Old 03-23-2013, 07:38 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
SIW version 2010.03.10
Soft Organizer version 3.02
SpywareBlaster 5.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
USB Safely Remove 5.2
Verizon Wireless Download Manager 2.2.8-SNAPSHOT-r11227
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Live ID Sign-in Assistant
.
==== Event Viewer Messages From Past Week ========
.
3/23/2013 3:56:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AntiVirSchedulerService service.
3/23/2013 3:55:04 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/22/2013 8:29:52 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
3/22/2013 8:23:31 PM, Error: Service Control Manager [7000] - The ZoneAlarm LTD Toolbar ISWKL service failed to start due to the following error: The system cannot find the path specified.
3/22/2013 7:01:39 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Peer Networking Identity Manager service to connect.
3/22/2013 7:01:39 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
3/22/2013 7:01:39 AM, Error: Service Control Manager [7001] - The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
3/22/2013 7:01:39 AM, Error: Service Control Manager [7000] - The Peer Networking Identity Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/22/2013 3:46:40 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Networking Identity Manager service, but this action failed with the following error: An instance of the service is already running.
3/22/2013 3:41:40 PM, Error: Service Control Manager [7031] - The Peer Networking Identity Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/22/2013 3:41:40 PM, Error: Service Control Manager [7031] - The Peer Networking Grouping service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/22/2013 3:41:40 PM, Error: Service Control Manager [7031] - The Peer Name Resolution Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/22/2013 12:16:47 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
3/22/2013 12:15:47 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/22/2013 12:15:31 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/22/2013 10:46:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
3/22/2013 10:46:47 PM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/22/2013 10:45:32 PM, Error: BTHUSB [5] - The Bluetooth driver expected an HCI event with a certain size but did not receive it.
3/21/2013 4:22:15 PM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================
Reply With Quote
  #134  
Old 03-23-2013, 07:40 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16470
Run by Strodder at 16:31:40 on 2013-03-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4061.2801 [GMT -5:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PSIService.exe
C:\PROGRA~2\Dantz\RETROS~1\wdsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\wdcbg.exe
C:\Windows\SysWOW64\WDBtnMgr.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_ 6_602_180_ActiveX.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
Reply With Quote
  #135  
Old 03-23-2013, 07:41 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
=========== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=f19d36cc0f38456abe 3823001600cbc7&tu=10GX0006H2B000c&sku=&tstsId=&ver =&
uSearch Bar = Preserve
uURLSearchHooks: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - <orphaned>
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [WDCBG] C:\Windows\WDCBG.EXE
mRun: [WD Button Manager] WDBtnMgr.exe
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
LSP: C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} - hxxp://www.pcpitstop.com/internet/pcpConnCheck.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1359492422504
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
TCP: Interfaces\{4DF385B1-6CA9-4D48-95F9-8D79B78F39C5} : DHCPNameServer = 68.171.80.15 68.171.80.14
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Inst aller\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [DownloadManagerService] "C:\Program Files\Verizon Wireless\dist\servicerunner.exe" /action:startService
x64-Run: [ISW] <no file>
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.s ys [2013-3-20 27800]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-3-20 86752]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-3-20 110816]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgn tflt.sys [2013-3-20 99912]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-4-22 1153368]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [2013-3-17 1521464]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-1-22 563760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2010-8-2 35840]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-11-15 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-11-15 9096]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominipor t.sys [2012-11-13 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUs bFlt.sys [2012-11-13 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-21 1255736]
.
=============== Created Last 30 ================
.
2013-03-23 00:54:53 -------- d-----w- C:\Program Files (x86)\Soft Organizer
2013-03-23 00:54:45 -------- d-----w- C:\Users\Strodder\AppData\Local\ChemTable Software
2013-03-22 17:17:28 -------- d-----w- C:\Program Files\iPod
2013-03-22 17:17:27 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-03-22 17:17:27 -------- d-----w- C:\Program Files\iTunes
2013-03-22 17:17:27 -------- d-----w- C:\Program Files (x86)\iTunes
2013-03-21 21:41:44 -------- d-----w- C:\Program Files (x86)\ESET
2013-03-21 21:21:41 -------- d-----w- C:\Program Files\ESET
2013-03-20 21:19:06 -------- d-----w- C:\Users\Strodder\AppData\Roaming\Avira
2013-03-20 21:13:19 99912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-03-20 21:13:19 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-03-20 21:13:18 -------- d-----w- C:\Program Files (x86)\Avira
2013-03-19 03:02:44 -------- d-----w- C:\Program Files (x86)\DoNoTrackPlus
2013-03-18 23:59:55 -------- d-----w- C:\ProgramData\Licenses
2013-03-18 01:33:22 -------- d-----w- C:\Users\Strodder\AppData\Roaming\USBSafelyRemove
2013-03-18 01:33:19 -------- d-----w- C:\ProgramData\USBSRService
2013-03-18 01:33:15 -------- d-----w- C:\Program Files (x86)\USB Safely Remove
2013-03-18 01:29:22 -------- d-----w- C:\Users\Strodder\AppData\Local\CRE
2013-03-18 01:28:54 -------- d-----w- C:\Program Files (x86)\SIW
2013-03-18 01:27:09 -------- d-----w- C:\Program Files (x86)\LightScribe Template Labeler
2013-03-17 21:41:14 -------- d-----w- C:\ProgramData\Package Cache
2013-03-13 01:57:57 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-04 21:38:21 -------- d-----w- C:\Users\Strodder\AppData\Local\Garmin
2013-02-27 23:12:38 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2013-02-27 22:35:46 -------- d-----w- C:\Windows\IswTmp
2013-02-27 21:40:58 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
.
Reply With Quote
  #136  
Old 03-23-2013, 07:42 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
==================== Find3M ====================
.
2013-03-17 03:26:40 848 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2013-03-13 02:22:29 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 02:22:29 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-06 10:38:36 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-03-06 10:38:36 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-30 00:15:06 862664 ----a-w- C:\Windows\SysWow64\msvcr110.dll
2013-01-30 00:15:06 828872 ----a-w- C:\Windows\System32\msvcr110.dll
2013-01-30 00:15:06 661448 ----a-w- C:\Windows\System32\msvcp110.dll
2013-01-30 00:15:06 534480 ----a-w- C:\Windows\SysWow64\msvcp110.dll
2013-01-30 00:15:06 354264 ----a-w- C:\Windows\System32\vccorlib110.dll
2013-01-30 00:15:06 251864 ----a-w- C:\Windows\SysWow64\vccorlib110.dll
2013-01-30 00:15:04 50800 ----a-w- C:\Windows\System32\drivers\point64.sys
2013-01-21 17:12:12 2177664 ----a-w- C:\Windows\System32\coin93.dll
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH: 16:31:51.96 ===============
Reply With Quote
  #137  
Old 03-23-2013, 08:28 PM
jholland1964's Avatar
jholland1964 jholland1964 is offline
Almost Really Old Member
 
Join Date: Feb 2004
Location: The Middle
Posts: 30,817
Looks good to me, main thing I would strongly suggest is that you add Web Of Trust (WOT) to all of your browsers that you use. You will have to visit this page using each browser because it is set up specifically for each browser.
WOT is a safe browsing tool that "sits" on your browser and tells you whether the web site you are visiting is safe of not, even shows on google search result pages so that you no in advance whether the links shown are safe to visit.
Here is the link for it and its web site explains all of it very well.

http://www.mywot.com/

I would also strongly suggest that you reduce the size of your System Restore. You have restore points going back 4 months...WAY TOO many. Not one of those that old should you ever consider using. Two days is what might be considered safe but that's it. Here is how to reduce the size:

Start> and right click on Computer and select Properties. This will open the System Window. On the left, toward the top, select System Protection which will open the System Properties window.
Once that opens then click the Configure button there in the middle. This will take you to the next screen where you can adjust the size. I would suggest that you move it down to about 2%, more than enough restore points for a very large drive. Then hit the Apply Button.
You can just delete DDS, you don't need it anymore.
Any questions?
__________________

1. Dell Inspiron N5040;
Windows 7 64bit SP1
Firefox v.32.0.3, IE11;WLM2012; Avira Free, Windows Firewall, MBAM, SpywareBlaster, SUPERAntispyware

2.Dell Inspiron N7010; Windows 7 64bit SP1
*same programs as computer 1 above*


Help Us To Help You

System Restore

Stick with the Clean up
Reply With Quote
  #138  
Old 03-23-2013, 08:48 PM
MikeN.
Guest
 
Posts: n/a
I ask again, when you installed Avira, did you do Express Install or Custom Install? Is Avira set up properly?
Reply With Quote
  #139  
Old 03-23-2013, 09:12 PM
Mountain Man's Avatar
Mountain Man Mountain Man is offline
On the Road
 
Join Date: May 2004
Location: On top of a mountain in Arkansas
Posts: 8,551
Express Install
Reply With Quote
  #140  
Old 03-23-2013, 09:18 PM
MikeN.
Guest
 
Posts: n/a
Quote:
Originally Posted by Mountain Man View Post
Express Install
Then you also installed the Avira Search free toolbar and it was made your default search engine and your home page was most likely changed to Avira Search Free
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 07:25 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 2000-2011 WorldStart, Inc