I'm infected - please help
Lucygurrll replied to Lucygurrll's topic in Resolved Malware Removal Logs
Hi, I did run Malwarebytes. This is the latest log from it:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.26.03

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Toshiba :: TOSHIBA-PC [administrator]

27/11/2012 1:52:52 PM
mbam-log-2012-11-27 (13-52-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206774
Time elapsed: 4 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
I'm infected - please help
Lucygurrll replied to Lucygurrll's topic in Resolved Malware Removal Logs
Also, I can't afford much, but I would love to send 10 bucks at least.
I'm infected - please help
Lucygurrll replied to Lucygurrll's topic in Resolved Malware Removal Logs
# AdwCleaner v1.604 - Logfile created 11/26/2012 at 20:57:25
# Updated 23/04/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Toshiba - TOSHIBA-PC
# Running from : C:\Users\Toshiba\AppData\Local\Temp\installer.exe
# Option [Delete]

***** [services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Toshiba\AppData\Local\Conduit
Folder Deleted : C:\Users\Toshiba\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Toshiba\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Toshiba\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Toshiba\AppData\Roaming\OpenCandy
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\SweetIM
File Deleted : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\lvsm3vng.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\lvsm3vng.default\searchplugins\SweetIm.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetpacks Communicator]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-GB)

Profile name : default
File : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\lvsm3vng.default\prefs.js

C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\lvsm3vng.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=113480&tt=010712_2&babsrc=NT_ss&mn[...]
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.4faaf2a291247.scode", "\n(function(){var bdomains={\"premiumreports.info\":1,\[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=113480&tt=01071[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1341567030);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.searchUserConifrmation", false[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.active", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.addressbar", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.affid", "0");
Deleted : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n/**********************************[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.backgroundver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1341567030");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1341567030");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2241449%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221242%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%2253466%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.domain", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.emailsig", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.exposesites", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.group", 0);
Deleted : user_pref("extensions.crossriderapp4479.4479.homepage", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.iframe", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "15");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Sun Jul 22[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.expiration", "Fri[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.js", "\nvar _GPL_PID=1171,_GPL_baseCDN=\"giantsavings-a[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");
Deleted : user_pref("extensions.crossriderapp4479.4479.newtab", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.opensearch", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,28"[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 4);
Deleted : user_pref("extensions.crossriderapp4479.4479.premium", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.thankyou", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp4479.4479.ver", 15);
Deleted : user_pref("extensions.crossriderapp4479.apps", "4479");
Deleted : user_pref("extensions.crossriderapp4479.bic", "1385ef57f50e5c0a95dc8aff2469e1f2");
Deleted : user_pref("extensions.crossriderapp4479.cid", 4479);
Deleted : user_pref("extensions.crossriderapp4479.firstrun", false);
Deleted : user_pref("extensions.crossriderapp4479.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp4479.installationdate", 1341622944);
Deleted : user_pref("extensions.crossriderapp4479.lastcheck", 22381950);
Deleted : user_pref("extensions.crossriderapp4479.lastcheckitem", 22382151);
Deleted : user_pref("extensions.crossriderapp4479.misc.lastBgWorkerTimer", "1341628465125");
Deleted : user_pref("extensions.crossriderapp4479.misc.lastDomWorkerTimer", "1341628465118");
Deleted : user_pref("extensions.crossriderapp4479.modetype", "production");
Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.babyl[...]

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.
I'm infected - please help
Lucygurrll replied to Lucygurrll's topic in Resolved Malware Removal Logs
Hi! Please find the attached log.

AdwCleanerS1.txt
Hi!! I am infected! This is a computer used by myself and my father and I have university work due soon, so any help you can offer would be much appreciated. I will be ever so grateful.

Attach.rar
DDS.txt