dtracer

Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware Norton Internet Security WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 6 Update 26 Java version out of Date! Adobe Flash Player 11.5.502.135 Mozilla Firefox 14.0.1 Firefox out of Date! Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.92 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 Google Chrome 23.0.1271.91 Google Chrome 23.0.1271.95 Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````

# AdwCleaner v2.104 - Logfile created 12/31/2012 at 14:12:13 # Updated 29/12/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Rhonda - LOS-PC # Boot Mode : Normal # Running from : C:\Users\Rhonda\Desktop\adwcleaner\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : Web Assistant Updater ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Deleted : C:\user.js File Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\searchplugins\Conduit.xml File Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\searchplugins\search.xml Folder Deleted : C:\Program Files (x86)\AVG Secure Search Folder Deleted : C:\Program Files (x86)\BabylonToolbar Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\ConduitEngine Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com Folder Deleted : C:\Program Files (x86)\GamesBar Folder Deleted : C:\Program Files (x86)\uTorrentControl2 Folder Deleted : C:\Program Files\Web Assistant Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Rhonda\AppData\Local\APN Folder Deleted : C:\Users\Rhonda\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Rhonda\AppData\Local\Conduit Folder Deleted : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Folder Deleted : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Folder Deleted : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgfbdggapddbjjbopabhlhianklajie Folder Deleted : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Folder Deleted : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\phfmiknmhngmmlcppkpmbnopohlnfpbh Folder Deleted : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Folder Deleted : C:\Users\Rhonda\AppData\Local\OpenCandy Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\bbrs_002.tb Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\Billeo Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\ShoppingReport2 Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\Toolbar4 Folder Deleted : C:\Users\Rhonda\AppData\LocalLow\uTorrentControl2 Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Babylon Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\Conduit Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\ConduitCommon Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\CT2269050 Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\CT2786678 Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Folder Deleted : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\ffxtlbr@babylon.com Folder Deleted : C:\Users\Rhonda\AppData\Roaming\OpenCandy ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Key Deleted : HKCU\Software\AppDataLow\Software\Freecause Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport2 Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2 Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\Ask.com.tmp Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\Billeo Key Deleted : HKCU\Software\BrowserCompanion Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DealPly Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Key Deleted : HKCU\Software\Google\Chrome\Extensions\phfmiknmhngmmlcppkpmbnopohlnfpbh Key Deleted : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE4E75D3-60AA-4F02-A0E4-C8A40576574C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9437A5B5-6CB4-4CA7-86B9-6D46FA5E5184} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E42E5638-88E7-4200-AB2A-94DB6EC3C622} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\ShopToWin Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Somoto Toolbar Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Deleted : HKCU\Software\SMTTB2009 Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\BabylonToolbar Key Deleted : HKLM\Software\BrowserCompanion Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\b Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1 Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1 Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\FCSB000062035.JSOptionsImpl Key Deleted : HKLM\SOFTWARE\Classes\FCSB000062035.JSOptionsImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\FCSB000063945.JSOptionsImpl Key Deleted : HKLM\SOFTWARE\Classes\FCSB000063945.JSOptionsImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64 Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3061355 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\updatebho.TimerBHO Key Deleted : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\conduitEngine Key Deleted : HKLM\Software\DealPly Key Deleted : HKLM\Software\DVDVideoSoftTB Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E99DEF6C-3AEA-4B26-BFDD-32EFE645CE6E} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\Software\uTorrentControl2 Key Deleted : HKLM\Software\Web Assistant Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9437A5B5-6CB4-4CA7-86B9-6D46FA5E5184} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E42E5638-88E7-4200-AB2A-94DB6EC3C622} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E99DEF6C-3AEA-4B26-BFDD-32EFE645CE6E} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ibgfbdggapddbjjbopabhlhianklajie Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\phfmiknmhngmmlcppkpmbnopohlnfpbh Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21016CDF-4754-45B5-A2F4-5B895E9E9C9F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E24F0CA-C6E1-49CF-822A-1CAA6AC05B70} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84C748C1-012D-4D92-9040-E6E936533CDC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facetheme Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Key Deleted : HKLM\SOFTWARE\Web Assistant Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{3C490BF5-4244-4310-B4A7-3361F288DAC5}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 --> hxxp://www.google.com Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/clipextractor/{3D6D1AE7-C97E-444B-AD40-F45238A1CCF7}?s_src=newtab --> hxxp://www.google.com -\\ Mozilla Firefox v14.0.1 (en-US) File : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\prefs.js C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\user.js ... Deleted ! Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2269050.CTID", "CT2269050"); Deleted : user_pref("CT2269050.CurrentServerDate", "14-2-2011"); Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2269050.DownloadReferralCookieData", ""); Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Mon Feb 14 2011 15:21:17 GMT-0500 (Eastern Standard Ti[...] Deleted : user_pref("CT2269050.FirstServerDate", "14-2-2011"); Deleted : user_pref("CT2269050.FirstTime", true); Deleted : user_pref("CT2269050.FirstTimeFF3", true); Deleted : user_pref("CT2269050.FirstTimeSettingsDone", true); Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true); Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2269050.Initialize", true); Deleted : user_pref("CT2269050.InitializeCommonPrefs", true); Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 1); Deleted : user_pref("CT2269050.InstallationType", "UnknownIntegration"); Deleted : user_pref("CT2269050.InstalledDate", "Mon Feb 14 2011 15:21:17 GMT-0500 (Eastern Standard Time)"); Deleted : user_pref("CT2269050.InvalidateCache", false); Deleted : user_pref("CT2269050.IsGrouping", false); Deleted : user_pref("CT2269050.IsMulticommunity", false); Deleted : user_pref("CT2269050.IsOpenThankYouPage", false); Deleted : user_pref("CT2269050.IsOpenUninstallPage", false); Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standar[...] Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2269050.LastLogin_2.7.2.0", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standard Time)"[...] Deleted : user_pref("CT2269050.LatestVersion", "3.2.5.2"); Deleted : user_pref("CT2269050.Locale", "en"); Deleted : user_pref("CT2269050.LoginCache", 4); Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2269050.RadioIsPodcast", false); Deleted : user_pref("CT2269050.RadioLastCheckTime", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standard Time)[...] Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "3"); Deleted : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000"); Deleted : user_pref("CT2269050.RadioMediaID", "12473383"); Deleted : user_pref("CT2269050.RadioMediaType", "Media Player"); Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383"); Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108"); Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082"); Deleted : user_pref("CT2269050.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2269050.SavedHomepage", "hxxp://www.bigseekpro.com/clipextractor/{3D6D1AE7-C97E-444B-AD[...] Deleted : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...] Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true); Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Stand[...] Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT2269050.SettingsCheckIntervalMin", 120); Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Mon Feb 14 2011 15:21:15 GMT-0500 (Eastern Standard Ti[...] Deleted : user_pref("CT2269050.SettingsLastUpdate", "1297619009"); Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Feb 14 2011 15:21:15 GMT-0500 (Eastern Sta[...] Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578"); Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Deleted : user_pref("CT2269050.UserID", "UN18119888187759803"); Deleted : user_pref("CT2269050.ValidationData_Toolbar", 1); Deleted : user_pref("CT2269050.WeatherNetwork", ""); Deleted : user_pref("CT2269050.WeatherPollDate", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standard Time)"); Deleted : user_pref("CT2269050.WeatherUnit", "C"); Deleted : user_pref("CT2269050.alertChannelId", "666138"); Deleted : user_pref("CT2269050.clientLogIsEnabled", false); Deleted : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Deleted : user_pref("CT2269050.myStuffEnabled", true); Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Deleted : user_pref("CT2786678..clientLogIsEnabled", false); Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Tue Sep 13 2011 14:32:55 GMT-0400 (Eastern Daylight[...] Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true); Deleted : user_pref("CT2786678.CTID", "CT2786678"); Deleted : user_pref("CT2786678.CurrentServerDate", "4-10-2011"); Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Tue Oct 04 2011 16:16:36 GMT-0400 (Eastern Daylig[...] Deleted : user_pref("CT2786678.DownloadReferralCookieData", ""); Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Tue Oct 04 2011 16:16:23 GMT-0400 (Eastern Daylight Ti[...] Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 229); Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Tue Oct 04 2011 16:16:26 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15); Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10); Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5); Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5); Deleted : user_pref("CT2786678.FirstServerDate", "13-9-2011"); Deleted : user_pref("CT2786678.FirstTime", true); Deleted : user_pref("CT2786678.FirstTimeFF3", true); Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false); Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2786678.HasUserGlobalKeys", true); Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false); Deleted : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://www.msn.com/?pc=Z206&install_date=20111002"); Deleted : user_pref("CT2786678.Initialize", true); Deleted : user_pref("CT2786678.InitializeCommonPrefs", true); Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration"); Deleted : user_pref("CT2786678.InstalledDate", "Tue Sep 13 2011 14:32:40 GMT-0400 (Eastern Daylight Time)"); Deleted : user_pref("CT2786678.IsAlertDBUpdated", true); Deleted : user_pref("CT2786678.IsGrouping", false); Deleted : user_pref("CT2786678.IsMulticommunity", false); Deleted : user_pref("CT2786678.IsOpenThankYouPage", true); Deleted : user_pref("CT2786678.IsOpenUninstallPage", false); Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Tue Oct 04 2011 16:16:35 GMT-0400 (Eastern Dayligh[...] Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2786678.LastLogin_3.3.3.2", "Tue Sep 13 2011 14:32:41 GMT-0400 (Eastern Daylight Time)"[...] Deleted : user_pref("CT2786678.LastLogin_3.7.0.6", "Tue Oct 04 2011 16:16:33 GMT-0400 (Eastern Daylight Time)"[...] Deleted : user_pref("CT2786678.LatestVersion", "3.7.0.6"); Deleted : user_pref("CT2786678.Locale", "en"); Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2786678.MCDetectTooltipShow", false); Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT2786678.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2786678.SavedHomepage", "hxxp://search.conduit.com/?ctid=&SearchSource=13"); Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "Yahoo-Mp3Rocket"); Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...] Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true); Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Tue Oct 04 2011 16:16:31 GMT-0400 (Eastern Dayli[...] Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...] Deleted : user_pref("CT2786678.SearchProtectorEnabled", false); Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false); Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Tue Oct 04 2011 16:16:23 GMT-0400 (Eastern Daylight [...] Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Tue Oct 04 2011 16:16:20 GMT-0400 (Eastern Daylight Ti[...] Deleted : user_pref("CT2786678.SettingsLastUpdate", "1314985690"); Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Tue Oct 04 2011 16:16:19 GMT-0400 (Eastern Day[...] Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586"); Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678"); Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT2786678.UserID", "UN91172957082999187"); Deleted : user_pref("CT2786678.ValidationData_Toolbar", 0); Deleted : user_pref("CT2786678.WeatherNetwork", ""); Deleted : user_pref("CT2786678.WeatherPollDate", "Tue Oct 04 2011 16:16:26 GMT-0400 (Eastern Daylight Time)"); Deleted : user_pref("CT2786678.WeatherUnit", "C"); Deleted : user_pref("CT2786678.alertChannelId", "1178763"); Deleted : user_pref("CT2786678.approveUntrustedApps", false); Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "547565204F637420303420323031312031363A31363A35352[...] Deleted : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...] Deleted : user_pref("CT2786678.components.1000034", false); Deleted : user_pref("CT2786678.components.1000234", false); Deleted : user_pref("CT2786678.components.129309485163350924", false); Deleted : user_pref("CT2786678.components.129315411424256896", false); Deleted : user_pref("CT2786678.components.129579220236217502", false); Deleted : user_pref("CT2786678.components.5690698542593514850", false); Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Tue Oct 04 2011 16:16:35 GMT-0400 (Eastern [...] Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT2786678.initDone", true); Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true); Deleted : user_pref("CT2786678.myStuffEnabled", true); Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804[...] Deleted : user_pref("CT2786678.revertSettingsEnabled", false); Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true); Deleted : user_pref("CT2786678.testingCtid", ""); Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Tue Oct 04 2011 16:16:36 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Tue Oct 04 2011 16:16:36 GMT-0400 (Eastern D[...] Deleted : user_pref("CT2786678.usagesFlag", 2); Deleted : user_pref("CT3072253.autoDisableScopes", -1); Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...] Deleted : user_pref("CommunityToolbar.EngineOwner", ""); Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar"); Deleted : user_pref("CommunityToolbar.IsEngineShown", true); Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Rhonda\\AppData\\Roaming\\Mozilla\\[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bigseekpro.com/search/toolbar[...] Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2786678"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,ConduitEngine,CT2786678"); Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Sep 13 2011 14:31:53 GMT-04[...] Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Sep 13 2011 14:32:41 GMT-0400 (Easte[...] Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.locale", "en"); Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Sep 13 2011 14:31:42 GMT-0400 (Eastern D[...] Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.alert.userId", "ab34d5a2-1485-435e-b1c7-d630e1e1ed72"); Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Oct 04 2011 16:16:34 GMT-0400 (Eas[...] Deleted : user_pref("CommunityToolbar.globalUserId", "a3a86c25-2149-47f4-a8a4-aeb02d1b7bf8"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678"); Deleted : user_pref("CommunityToolbar.killedEngine", true); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Oct 04 2011 16:16:5[...] Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Oct 04 2011 16:17:03 GMT-040[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Oct 04 2011 16:16:23 GMT-0400 (E[...] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "02e3ad3e-5aed-4ed7-919a-056d335d964e"); Deleted : user_pref("CommunityToolbar.undefined", ""); Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111971&tt=060612_5_"); Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "c469942a0000000000001c659d888d5f"); Deleted : user_pref("extensions.BabylonToolbar_i.id", "c469942a0000000000001c659d888d5f"); Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15508"); Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false); Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:16:20"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Deleted : user_pref("extensions.addonfox.addit.remoteInstallItems", "{ \"software\": {\"78\": {\"id\": \"78\",[...] Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true); Deleted : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"35\": {\"id\": \"35\",\"tit[...] Deleted : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/clipextractor/{3D6D1AE7-C97E-[...] Deleted : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/clipextractor/{3D6D1AE7-C97E-444B-AD40-F4523[...] Deleted : user_pref("surfcanyon.added_to_searchbar", true); Deleted : user_pref("surfcanyon.daily_code", "scIsOnSearchEngineDomain = function() {\nreturn contains(scCurre[...] Deleted : user_pref("surfcanyon.daily_code_timestamp", "1315938780304"); Deleted : user_pref("surfcanyon.hourly_code", "scGetDocument = function() {\nreturn scIsFF ? content.document [...] Deleted : user_pref("surfcanyon.hourly_code2", "scEnableGoogle_hourly = function() {\nvar args = window.locati[...] Deleted : user_pref("surfcanyon.hourly_code_timestamp", "1315938779857"); Deleted : user_pref("surfcanyon.inst_id", "208189131412353854846145630765665"); Deleted : user_pref("surfcanyon.inst_timestamp", "1302385825513"); Deleted : user_pref("surfcanyon.last_seen_splash", "330"); Deleted : user_pref("surfcanyon.num_results_clicked", "7"); Deleted : user_pref("surfcanyon.num_results_clicked_when_recs_available", "6"); Deleted : user_pref("surfcanyon.num_searches", "2"); Deleted : user_pref("surfcanyon.partner_code", "AFA"); Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar"); Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "wpl.startnow.com"); -\\ Google Chrome v23.0.1271.97 File : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.13] : homepage = "hxxp://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f6[...] Deleted [l.17] : urls_to_restore_on_startup = [ "hxxps://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-8672[...] Deleted [l.49] : icon_url = "hxxp://isearch.avg.com/favicon.ico", Deleted [l.52] : keyword = "isearch.avg.com", Deleted [l.55] : search_url = "hxxp://isearch.avg.com/search?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c[...] Deleted [l.2115] : homepage = "hxxp://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f6854[...] Deleted [l.2573] : urls_to_restore_on_startup = [ "hxxps://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-8672021[...] -\\ Opera v12.12.1707.0 File : C:\Users\Rhonda\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [64064 octets] - [31/12/2012 13:56:18] AdwCleaner[R2].txt - [64125 octets] - [31/12/2012 14:11:27] AdwCleaner[s1].txt - [63323 octets] - [31/12/2012 14:12:13] ########## EOF - C:\AdwCleaner[s1].txt - [63384 octets] ##########

Hope you don't mind me asking but it's ok for me to be pasting in all this info right? lol I've never been so nervous. # AdwCleaner v2.104 - Logfile created 12/31/2012 at 13:56:18 # Updated 29/12/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Rhonda - LOS-PC # Boot Mode : Normal # Running from : C:\Users\Rhonda\Desktop\adwcleaner\adwcleaner.exe # Option [search] ***** [services] ***** Found : Web Assistant Updater ***** [Files / Folders] ***** File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Found : C:\user.js File Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\searchplugins\Conduit.xml File Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\searchplugins\search.xml Folder Found : C:\Program Files (x86)\AVG Secure Search Folder Found : C:\Program Files (x86)\BabylonToolbar Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\Program Files (x86)\ConduitEngine Folder Found : C:\Program Files (x86)\DVDVideoSoftTB Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com Folder Found : C:\Program Files (x86)\GamesBar Folder Found : C:\Program Files (x86)\uTorrentControl2 Folder Found : C:\Program Files\Web Assistant Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar Folder Found : C:\ProgramData\Tarma Installer Folder Found : C:\Users\Rhonda\AppData\Local\APN Folder Found : C:\Users\Rhonda\AppData\Local\AVG Secure Search Folder Found : C:\Users\Rhonda\AppData\Local\Conduit Folder Found : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Folder Found : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Folder Found : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgfbdggapddbjjbopabhlhianklajie Folder Found : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Folder Found : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\phfmiknmhngmmlcppkpmbnopohlnfpbh Folder Found : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Folder Found : C:\Users\Rhonda\AppData\Local\OpenCandy Folder Found : C:\Users\Rhonda\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\Rhonda\AppData\LocalLow\BabylonToolbar Folder Found : C:\Users\Rhonda\AppData\LocalLow\bbrs_002.tb Folder Found : C:\Users\Rhonda\AppData\LocalLow\Billeo Folder Found : C:\Users\Rhonda\AppData\LocalLow\Conduit Folder Found : C:\Users\Rhonda\AppData\LocalLow\ConduitEngine Folder Found : C:\Users\Rhonda\AppData\LocalLow\PriceGong Folder Found : C:\Users\Rhonda\AppData\LocalLow\ShoppingReport2 Folder Found : C:\Users\Rhonda\AppData\LocalLow\Toolbar4 Folder Found : C:\Users\Rhonda\AppData\LocalLow\uTorrentControl2 Folder Found : C:\Users\Rhonda\AppData\Roaming\Babylon Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\Conduit Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\ConduitCommon Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\CT2269050 Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\CT2786678 Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Folder Found : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\extensions\ffxtlbr@babylon.com Folder Found : C:\Users\Rhonda\AppData\Roaming\OpenCandy ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Key Found : HKCU\Software\AppDataLow\Software\Freecause Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\ShoppingReport2 Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl2 Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\Ask.com.tmp Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\BabylonToolbar Key Found : HKCU\Software\Billeo Key Found : HKCU\Software\BrowserCompanion Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\DealPly Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Found : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Key Found : HKCU\Software\Google\Chrome\Extensions\phfmiknmhngmmlcppkpmbnopohlnfpbh Key Found : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Key Found : HKCU\Software\IGearSettings Key Found : HKCU\Software\IM Key Found : HKCU\Software\ImInstaller Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE4E75D3-60AA-4F02-A0E4-C8A40576574C} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9437A5B5-6CB4-4CA7-86B9-6D46FA5E5184} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E42E5638-88E7-4200-AB2A-94DB6EC3C622} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\ShopToWin Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\Somoto Toolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Found : HKCU\Software\SMTTB2009 Key Found : HKLM\Software\AVG Secure Search Key Found : HKLM\Software\Babylon Key Found : HKLM\Software\BabylonToolbar Key Found : HKLM\Software\BrowserCompanion Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1} Key Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F} Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\b Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1 Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Classes\dnUpdate Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1 Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1 Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Found : HKLM\SOFTWARE\Classes\FCSB000062035.JSOptionsImpl Key Found : HKLM\SOFTWARE\Classes\FCSB000062035.JSOptionsImpl.1 Key Found : HKLM\SOFTWARE\Classes\FCSB000063945.JSOptionsImpl Key Found : HKLM\SOFTWARE\Classes\FCSB000063945.JSOptionsImpl.1 Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64 Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1 Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3061355 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253 Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009 Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\updatebho.TimerBHO Key Found : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1 Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1 Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\conduitEngine Key Found : HKLM\Software\conduitEngine Key Found : HKLM\Software\DealPly Key Found : HKLM\Software\DVDVideoSoftTB Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E99DEF6C-3AEA-4B26-BFDD-32EFE645CE6E} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : HKLM\Software\uTorrentControl2 Key Found : HKLM\Software\Web Assistant Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9437A5B5-6CB4-4CA7-86B9-6D46FA5E5184} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E42E5638-88E7-4200-AB2A-94DB6EC3C622} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E99DEF6C-3AEA-4B26-BFDD-32EFE645CE6E} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ibgfbdggapddbjjbopabhlhianklajie Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\phfmiknmhngmmlcppkpmbnopohlnfpbh Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21016CDF-4754-45B5-A2F4-5B895E9E9C9F} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E24F0CA-C6E1-49CF-822A-1CAA6AC05B70} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84C748C1-012D-4D92-9040-E6E936533CDC} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C490BF5-4244-4310-B4A7-3361F288DAC5} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41069220-F72A-40EA-A8F3-BCD5E1FBC8F0} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facetheme Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277} Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Found : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Found : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90} Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Key Found : HKLM\SOFTWARE\Web Assistant Key Found : HKU\S-1-5-21-3288202479-1097162312-4138302597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKU\S-1-5-21-3288202479-1097162312-4138302597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKU\S-1-5-21-3288202479-1097162312-4138302597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Found : HKU\S-1-5-21-3288202479-1097162312-4138302597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKU\S-1-5-21-3288202479-1097162312-4138302597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Key Found : HKU\S-1-5-21-3288202479-1097162312-4138302597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}] Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{3C490BF5-4244-4310-B4A7-3361F288DAC5}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/clipextractor/{3D6D1AE7-C97E-444B-AD40-F45238A1CCF7}?s_src=newtab -\\ Mozilla Firefox v14.0.1 (en-US) File : C:\Users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\prefs.js Found : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Found : user_pref("CT2269050.CTID", "CT2269050"); Found : user_pref("CT2269050.CurrentServerDate", "14-2-2011"); Found : user_pref("CT2269050.DialogsAlignMode", "LTR"); Found : user_pref("CT2269050.DownloadReferralCookieData", ""); Found : user_pref("CT2269050.EMailNotifierPollDate", "Mon Feb 14 2011 15:21:17 GMT-0500 (Eastern Standard Ti[...] Found : user_pref("CT2269050.FirstServerDate", "14-2-2011"); Found : user_pref("CT2269050.FirstTime", true); Found : user_pref("CT2269050.FirstTimeFF3", true); Found : user_pref("CT2269050.FirstTimeSettingsDone", true); Found : user_pref("CT2269050.FixPageNotFoundErrors", true); Found : user_pref("CT2269050.GroupingServerCheckInterval", 1440); Found : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Found : user_pref("CT2269050.Initialize", true); Found : user_pref("CT2269050.InitializeCommonPrefs", true); Found : user_pref("CT2269050.InstallationAndCookieDataSentCount", 1); Found : user_pref("CT2269050.InstallationType", "UnknownIntegration"); Found : user_pref("CT2269050.InstalledDate", "Mon Feb 14 2011 15:21:17 GMT-0500 (Eastern Standard Time)"); Found : user_pref("CT2269050.InvalidateCache", false); Found : user_pref("CT2269050.IsGrouping", false); Found : user_pref("CT2269050.IsMulticommunity", false); Found : user_pref("CT2269050.IsOpenThankYouPage", false); Found : user_pref("CT2269050.IsOpenUninstallPage", false); Found : user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standar[...] Found : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440); Found : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Found : user_pref("CT2269050.LastLogin_2.7.2.0", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standard Time)"[...] Found : user_pref("CT2269050.LatestVersion", "3.2.5.2"); Found : user_pref("CT2269050.Locale", "en"); Found : user_pref("CT2269050.LoginCache", 4); Found : user_pref("CT2269050.MCDetectTooltipHeight", "83"); Found : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Found : user_pref("CT2269050.MCDetectTooltipWidth", "295"); Found : user_pref("CT2269050.RadioIsPodcast", false); Found : user_pref("CT2269050.RadioLastCheckTime", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standard Time)[...] Found : user_pref("CT2269050.RadioLastUpdateIPServer", "3"); Found : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000"); Found : user_pref("CT2269050.RadioMediaID", "12473383"); Found : user_pref("CT2269050.RadioMediaType", "Media Player"); Found : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383"); Found : user_pref("CT2269050.RadioStationName", "Hotmix%20108"); Found : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082"); Found : user_pref("CT2269050.SHRINK_TOOLBAR", 1); Found : user_pref("CT2269050.SavedHomepage", "hxxp://www.bigseekpro.com/clipextractor/{3D6D1AE7-C97E-444B-AD[...] Found : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Found : user_pref("CT2269050.SearchFromAddressBarIsInit", true); Found : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...] Found : user_pref("CT2269050.SearchInNewTabEnabled", true); Found : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440); Found : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Stand[...] Found : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Found : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Found : user_pref("CT2269050.SettingsCheckIntervalMin", 120); Found : user_pref("CT2269050.SettingsLastCheckTime", "Mon Feb 14 2011 15:21:15 GMT-0500 (Eastern Standard Ti[...] Found : user_pref("CT2269050.SettingsLastUpdate", "1297619009"); Found : user_pref("CT2269050.ThirdPartyComponentsInterval", 504); Found : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Feb 14 2011 15:21:15 GMT-0500 (Eastern Sta[...] Found : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578"); Found : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Found : user_pref("CT2269050.UserID", "UN18119888187759803"); Found : user_pref("CT2269050.ValidationData_Toolbar", 1); Found : user_pref("CT2269050.WeatherNetwork", ""); Found : user_pref("CT2269050.WeatherPollDate", "Mon Feb 14 2011 15:21:19 GMT-0500 (Eastern Standard Time)"); Found : user_pref("CT2269050.WeatherUnit", "C"); Found : user_pref("CT2269050.alertChannelId", "666138"); Found : user_pref("CT2269050.clientLogIsEnabled", false); Found : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Found : user_pref("CT2269050.myStuffEnabled", true); Found : user_pref("CT2269050.myStuffPublihserMinWidth", 400); Found : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Found : user_pref("CT2269050.myStuffServiceIntervalMM", 1440); Found : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Found : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Found : user_pref("CT2786678..clientLogIsEnabled", false); Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Found : user_pref("CT2786678.AppTrackingLastCheckTime", "Tue Sep 13 2011 14:32:55 GMT-0400 (Eastern Daylight[...] Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true); Found : user_pref("CT2786678.CTID", "CT2786678"); Found : user_pref("CT2786678.CurrentServerDate", "4-10-2011"); Found : user_pref("CT2786678.DialogsAlignMode", "LTR"); Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Tue Oct 04 2011 16:16:36 GMT-0400 (Eastern Daylig[...] Found : user_pref("CT2786678.DownloadReferralCookieData", ""); Found : user_pref("CT2786678.EMailNotifierPollDate", "Tue Oct 04 2011 16:16:23 GMT-0400 (Eastern Daylight Ti[...] Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 229); Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Tue Oct 04 2011 16:16:26 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Tue Oct 04 2011 16:16:25 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15); Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10); Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5); Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5); Found : user_pref("CT2786678.FirstServerDate", "13-9-2011"); Found : user_pref("CT2786678.FirstTime", true); Found : user_pref("CT2786678.FirstTimeFF3", true); Found : user_pref("CT2786678.FixPageNotFoundErrors", false); Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440); Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Found : user_pref("CT2786678.HasUserGlobalKeys", true); Found : user_pref("CT2786678.HomePageProtectorEnabled", false); Found : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://www.msn.com/?pc=Z206&install_date=20111002"); Found : user_pref("CT2786678.Initialize", true); Found : user_pref("CT2786678.InitializeCommonPrefs", true); Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3); Found : user_pref("CT2786678.InstallationType", "UnknownIntegration"); Found : user_pref("CT2786678.InstalledDate", "Tue Sep 13 2011 14:32:40 GMT-0400 (Eastern Daylight Time)"); Found : user_pref("CT2786678.IsAlertDBUpdated", true); Found : user_pref("CT2786678.IsGrouping", false); Found : user_pref("CT2786678.IsMulticommunity", false); Found : user_pref("CT2786678.IsOpenThankYouPage", true); Found : user_pref("CT2786678.IsOpenUninstallPage", false); Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Tue Oct 04 2011 16:16:35 GMT-0400 (Eastern Dayligh[...] Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440); Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Found : user_pref("CT2786678.LastLogin_3.3.3.2", "Tue Sep 13 2011 14:32:41 GMT-0400 (Eastern Daylight Time)"[...] Found : user_pref("CT2786678.LastLogin_3.7.0.6", "Tue Oct 04 2011 16:16:33 GMT-0400 (Eastern Daylight Time)"[...] Found : user_pref("CT2786678.LatestVersion", "3.7.0.6"); Found : user_pref("CT2786678.Locale", "en"); Found : user_pref("CT2786678.MCDetectTooltipHeight", "83"); Found : user_pref("CT2786678.MCDetectTooltipShow", false); Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Found : user_pref("CT2786678.MCDetectTooltipWidth", "295"); Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true); Found : user_pref("CT2786678.SHRINK_TOOLBAR", 1); Found : user_pref("CT2786678.SavedHomepage", "hxxp://search.conduit.com/?ctid=&SearchSource=13"); Found : user_pref("CT2786678.SearchEngineBeforeUnload", "Yahoo-Mp3Rocket"); Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true); Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...] Found : user_pref("CT2786678.SearchInNewTabEnabled", true); Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440); Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Tue Oct 04 2011 16:16:31 GMT-0400 (Eastern Dayli[...] Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...] Found : user_pref("CT2786678.SearchProtectorEnabled", false); Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false); Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Tue Oct 04 2011 16:16:23 GMT-0400 (Eastern Daylight [...] Found : user_pref("CT2786678.SettingsLastCheckTime", "Tue Oct 04 2011 16:16:20 GMT-0400 (Eastern Daylight Ti[...] Found : user_pref("CT2786678.SettingsLastUpdate", "1314985690"); Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504); Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Tue Oct 04 2011 16:16:19 GMT-0400 (Eastern Day[...] Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586"); Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false); Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678"); Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Found : user_pref("CT2786678.UserID", "UN91172957082999187"); Found : user_pref("CT2786678.ValidationData_Toolbar", 0); Found : user_pref("CT2786678.WeatherNetwork", ""); Found : user_pref("CT2786678.WeatherPollDate", "Tue Oct 04 2011 16:16:26 GMT-0400 (Eastern Daylight Time)"); Found : user_pref("CT2786678.WeatherUnit", "C"); Found : user_pref("CT2786678.alertChannelId", "1178763"); Found : user_pref("CT2786678.approveUntrustedApps", false); Found : user_pref("CT2786678.backendstorage.cbfirsttime", "547565204F637420303420323031312031363A31363A35352[...] Found : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...] Found : user_pref("CT2786678.components.1000034", false); Found : user_pref("CT2786678.components.1000234", false); Found : user_pref("CT2786678.components.129309485163350924", false); Found : user_pref("CT2786678.components.129315411424256896", false); Found : user_pref("CT2786678.components.129579220236217502", false); Found : user_pref("CT2786678.components.5690698542593514850", false); Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Tue Oct 04 2011 16:16:35 GMT-0400 (Eastern [...] Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true); Found : user_pref("CT2786678.initDone", true); Found : user_pref("CT2786678.isAppTrackingManagerOn", true); Found : user_pref("CT2786678.myStuffEnabled", true); Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400); Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440); Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804[...] Found : user_pref("CT2786678.revertSettingsEnabled", false); Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10); Found : user_pref("CT2786678.searchProtectorEnableByLogin", true); Found : user_pref("CT2786678.testingCtid", ""); Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Tue Oct 04 2011 16:16:36 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Tue Oct 04 2011 16:16:36 GMT-0400 (Eastern D[...] Found : user_pref("CT2786678.usagesFlag", 2); Found : user_pref("CT3072253.autoDisableScopes", -1); Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...] Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...] Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...] Found : user_pref("CommunityToolbar.EngineOwner", ""); Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar"); Found : user_pref("CommunityToolbar.IsEngineShown", true); Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Rhonda\\AppData\\Roaming\\Mozilla\\[...] Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6"); Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678"); Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar"); Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bigseekpro.com/search/toolbar[...] Found : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2786678"); Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,ConduitEngine,CT2786678"); Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Sep 13 2011 14:31:53 GMT-04[...] Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Sep 13 2011 14:32:41 GMT-0400 (Easte[...] Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Found : user_pref("CommunityToolbar.alert.locale", "en"); Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Sep 13 2011 14:31:42 GMT-0400 (Eastern D[...] Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Found : user_pref("CommunityToolbar.alert.showTrayIcon", false); Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Found : user_pref("CommunityToolbar.alert.userId", "ab34d5a2-1485-435e-b1c7-d630e1e1ed72"); Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Oct 04 2011 16:16:34 GMT-0400 (Eas[...] Found : user_pref("CommunityToolbar.globalUserId", "a3a86c25-2149-47f4-a8a4-aeb02d1b7bf8"); Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678"); Found : user_pref("CommunityToolbar.killedEngine", true); Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Oct 04 2011 16:16:5[...] Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Oct 04 2011 16:17:03 GMT-040[...] Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Found : user_pref("CommunityToolbar.notifications.locale", "en"); Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Oct 04 2011 16:16:23 GMT-0400 (E[...] Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Found : user_pref("CommunityToolbar.notifications.userId", "02e3ad3e-5aed-4ed7-919a-056d335d964e"); Found : user_pref("CommunityToolbar.undefined", ""); Found : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Found : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111971&tt=060612_5_"); Found : user_pref("extensions.BabylonToolbar_i.hardId", "c469942a0000000000001c659d888d5f"); Found : user_pref("extensions.BabylonToolbar_i.id", "c469942a0000000000001c659d888d5f"); Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15508"); Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar_i.newTab", false); Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:16:20"); Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Found : user_pref("extensions.addonfox.addit.remoteInstallItems", "{ \"software\": {\"78\": {\"id\": \"78\",[...] Found : user_pref("extensions.engine@conduit.com.install-event-fired", true); Found : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"35\": {\"id\": \"35\",\"tit[...] Found : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/clipextractor/{3D6D1AE7-C97E-[...] Found : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/clipextractor/{3D6D1AE7-C97E-444B-AD40-F4523[...] Found : user_pref("surfcanyon.added_to_searchbar", true); Found : user_pref("surfcanyon.daily_code", "scIsOnSearchEngineDomain = function() {\nreturn contains(scCurre[...] Found : user_pref("surfcanyon.daily_code_timestamp", "1315938780304"); Found : user_pref("surfcanyon.hourly_code", "scGetDocument = function() {\nreturn scIsFF ? content.document [...] Found : user_pref("surfcanyon.hourly_code2", "scEnableGoogle_hourly = function() {\nvar args = window.locati[...] Found : user_pref("surfcanyon.hourly_code_timestamp", "1315938779857"); Found : user_pref("surfcanyon.inst_id", "208189131412353854846145630765665"); Found : user_pref("surfcanyon.inst_timestamp", "1302385825513"); Found : user_pref("surfcanyon.last_seen_splash", "330"); Found : user_pref("surfcanyon.num_results_clicked", "7"); Found : user_pref("surfcanyon.num_results_clicked_when_recs_available", "6"); Found : user_pref("surfcanyon.num_searches", "2"); Found : user_pref("surfcanyon.partner_code", "AFA"); Found : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar"); Found : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "wpl.startnow.com"); -\\ Google Chrome v23.0.1271.97 File : C:\Users\Rhonda\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.13] : homepage = "hxxp://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f68547d0a550ed03d4a8fdc6-cdb0822bf90d6303a5b9057627f6ccfc0a89547c〈=en&ds=st011&pr=sa&d=2012-06-27%2013:38:58&v=11.1.0.12&sap=hp", Found [l.17] : urls_to_restore_on_startup = [ "hxxps://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f68547d0a550ed03d4a8fdc6-cdb0822bf90d6303a5b9057627f6ccfc0a89547c〈=en&ds=st011&pr=sa&d=2012-06-27 13:38:58&v=12.2.5.32&sap=hp" ] Found [l.49] : icon_url = "hxxp://isearch.avg.com/favicon.ico", Found [l.52] : keyword = "isearch.avg.com", Found [l.55] : search_url = "hxxp://isearch.avg.com/search?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f68547d0a550ed03d4a8fdc6-cdb0822bf90d6303a5b9057627f6ccfc0a89547c〈=en&ds=st011&pr=sa&d=2012-06-27 13:38:58&v=11.1.0.12&sap=dsp&q={searchTerms}", Found [l.2115] : homepage = "hxxp://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f68547d0a550ed03d4a8fdc6-cdb0822bf90d6303a5b9057627f6ccfc0a89547c〈=en&ds=st011&pr=sa&d=2012-06-27%2013:38:58&v=11.1.0.12&sap=hp", Found [l.2573] : urls_to_restore_on_startup = [ "hxxps://isearch.avg.com/?cid={7A360524-66C7-4722-A6BB-86720213015C}&mid=0c84cfe4f68547d0a550ed03d4a8fdc6-cdb0822bf90d6303a5b9057627f6ccfc0a89547c〈=en&ds=st011&pr=sa&d=2012-06-27 13:38:58&v=12.2.5.32&sap=hp" ] -\\ Opera v12.12.1707.0 File : C:\Users\Rhonda\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [64039 octets] - [31/12/2012 13:56:18] ########## EOF - C:\AdwCleaner[R1].txt - [64100 octets] ##########

I continue to get 2-adwcleaner couldn't be downloaded. so then I click retry and it says - the publisher of 2-adwcleaner couldn't be verified. Should I use a different Browser? I turned off my Mcafee before I did this.

ComboFix 12-12-31.01 - Rhonda 12/31/2012 12:41:28.2.1 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1979.912 [GMT -5:00] Running from: c:\users\Rhonda\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Resident AV is active . . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\BCHelper.exe c:\program files (x86)\BrowserCompanion\blabbers-ch.crx c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi c:\program files (x86)\BrowserCompanion\jsloader.dll c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\BrowserCompanion\sqlite3.dll c:\program files (x86)\BrowserCompanion\tdataprotocol.dll c:\program files (x86)\BrowserCompanion\toolbar.dll c:\program files (x86)\BrowserCompanion\uninstall.exe c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1 c:\program files (x86)\BrowserCompanion\updater.ini c:\program files (x86)\BrowserCompanion\widgetserv.exe c:\program files (x86)\DealPly c:\program files (x86)\DealPly\DealPly.crx c:\program files (x86)\DealPly\DealPlyIE.dll c:\program files (x86)\DealPly\DealPlyUpdate.exe c:\program files (x86)\DealPly\DealPlyUpdate.log c:\program files (x86)\DealPly\DealPlyUpdateRun.exe c:\program files (x86)\DealPly\icon.ico c:\program files (x86)\DealPly\uninst.exe c:\program files\Web Assistant\ExTEnsion32.dll c:\programdata\17129675D9.sys c:\programdata\671621g0v745w477y613x4syf6g6 c:\users\Guest\AppData\Local\assembly\tmp c:\users\Guest\AppData\Local\assembly\tmp\ZNPB5T1Y\CoreInternetUtility.DLL c:\users\Public\AlexaNSISPlugin.5364.dll c:\users\Rhonda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk c:\users\Rhonda\AppData\Roaming\Puampo c:\users\Rhonda\AppData\Roaming\Puampo\meoc.yty c:\windows\SysWow64\Cache c:\windows\SysWow64\Cache\272512937d9e61a4.fb c:\windows\SysWow64\Cache\287204568329e189.fb c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb c:\windows\SysWow64\Cache\3917078cb68ec657.fb c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb c:\windows\SysWow64\Cache\610289e025a3ee9a.fb c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb c:\windows\SysWow64\Cache\6d03dad1035885d3.fb c:\windows\SysWow64\Cache\a8556537add6dfc5.fb c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb c:\windows\SysWow64\Cache\c1fa887b03019701.fb c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb c:\windows\SysWow64\Cache\d201ef9910cd39de.fb c:\windows\SysWow64\Cache\d2e94710a5708128.fb c:\windows\SysWow64\Cache\d73a2f7f130c2806.fb c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb c:\windows\SysWow64\Cache\f998975c9cc711ee.fb c:\windows\SysWow64\DEBUG.log c:\windows\SysWow64\ST~138E.tmp c:\windows\SysWow64\ST~822B.tmp c:\windows\SysWow64\ST~CDF9.tmp c:\windows\SysWow64\ST~D089.tmp c:\windows\SysWow64\ST~D4DE.tmp c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-31 ))))))))))))))))))))))))))))))) . . 2012-12-31 18:00 . 2012-12-31 18:00 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-12-31 18:00 . 2012-12-31 18:00 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-12-31 18:00 . 2012-12-31 18:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-31 18:00 . 2012-12-31 18:00 -------- d-----w- c:\users\AppData\AppData\Local\temp 2012-12-31 18:00 . 2012-12-31 18:00 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2012-12-31 17:35 . 2012-12-31 17:35 -------- d-----w- c:\programdata\Uniblue 2012-12-31 17:31 . 2012-12-31 17:31 -------- dc----w- c:\program files (x86)\AWS 2012-12-31 17:29 . 2012-12-31 17:29 -------- dc----w- c:\program files (x86)\SpeedItup Free 2012-12-31 17:29 . 2012-12-31 17:29 -------- d-----w- c:\users\Rhonda\AppData\Roaming\Uniblue 2012-12-31 17:29 . 2012-12-31 17:29 -------- dc----w- c:\program files (x86)\7-Zip 2012-12-31 17:29 . 2012-12-31 17:29 -------- dc----w- c:\program files (x86)\Free Offers from Freeze.com 2012-12-31 17:28 . 2012-12-31 17:28 -------- dc----w- c:\program files\PC Optimizer Pro 2012-12-31 12:00 . 2012-12-31 12:00 -------- dc----w- C:\FRST 2012-12-31 09:40 . 2012-12-31 09:40 -------- d-----w- c:\programdata\Recovery 2012-12-20 22:37 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-20 22:37 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-20 22:37 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-20 22:37 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-12 18:21 . 2012-12-12 18:21 16363960 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-12-12 17:32 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-12-12 17:31 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 17:31 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 17:31 . 2012-10-04 17:45 215040 ----a-w- c:\windows\system32\winsrv.dll 2012-12-12 17:31 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll 2012-12-12 17:31 . 2012-10-04 17:41 1161216 ----a-w- c:\windows\system32\kernel32.dll 2012-12-12 17:31 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-12-12 17:31 . 2012-10-04 15:21 338432 ----a-w- c:\windows\system32\conhost.exe 2012-12-12 17:31 . 2012-10-04 17:46 362496 ----a-w- c:\windows\system32\wow64win.dll 2012-12-12 17:31 . 2012-10-04 17:46 243200 ----a-w- c:\windows\system32\wow64.dll 2012-12-12 17:31 . 2012-10-04 17:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2012-12-12 17:31 . 2012-10-04 14:46 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2012-12-12 17:29 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-12-12 17:29 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-31 05:10 . 2011-01-21 21:00 8456 --sha-w- c:\programdata\KGyGaAvL.sys 2012-12-12 21:11 . 2011-02-05 05:39 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-12-12 18:21 . 2012-04-02 15:52 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-12 18:21 . 2011-07-04 22:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-09 11:40 . 2012-04-22 19:31 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys 2012-11-09 11:37 . 2012-04-22 19:31 339776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2012-11-09 11:37 . 2012-04-22 18:36 177680 ----a-w- c:\windows\system32\mfevtps.exe 2012-11-09 11:36 . 2012-04-22 19:31 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-11-09 11:36 . 2012-04-22 19:31 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-11-09 11:35 . 2011-10-15 16:16 771096 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-11-09 11:34 . 2012-04-22 19:31 515528 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2012-11-09 11:34 . 2012-04-22 19:31 309400 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-11-09 11:33 . 2011-10-15 16:16 178840 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-11-08 14:56 . 2012-11-08 14:56 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2012-10-25 08:12 . 2012-10-25 08:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-10-25 08:12 . 2012-10-25 08:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2012-10-16 08:38 . 2012-11-27 20:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-27 20:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-27 20:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-09 18:17 . 2012-11-14 10:51 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-14 10:51 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-14 10:51 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-14 10:51 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-10-04 16:40 . 2012-12-12 17:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-10-03 17:56 . 2012-11-14 10:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-10-03 17:44 . 2012-11-14 10:50 303104 ----a-w- c:\windows\system32\nlasvc.dll 2012-10-03 17:44 . 2012-11-14 10:50 70656 ----a-w- c:\windows\system32\nlaapi.dll 2012-10-03 17:44 . 2012-11-14 10:50 246272 ----a-w- c:\windows\system32\netcorehc.dll 2012-10-03 17:44 . 2012-11-14 10:50 18944 ----a-w- c:\windows\system32\netevent.dll 2012-10-03 17:44 . 2012-11-14 10:50 216576 ----a-w- c:\windows\system32\ncsi.dll 2012-10-03 17:42 . 2012-11-14 10:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-10-03 16:42 . 2012-11-14 10:50 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll 2012-10-03 16:42 . 2012-11-14 10:50 18944 ----a-w- c:\windows\SysWow64\netevent.dll 2012-10-03 16:42 . 2012-11-14 10:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll 2012-10-03 16:07 . 2012-11-14 10:50 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-12-09 17:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3A90A078-4BB9-4568-9557-CDEEFCAE68A0}] 2010-12-29 18:20 14432 ----a-w- c:\program files (x86)\Shop to Win 22\Shop to Win 22.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3c490bf5-4244-4310-b4a7-3361f288dac5}] 2011-03-09 21:56 86696 ----a-w- c:\program files (x86)\facesmoochtb\facesmoochDx.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{41069220-f72a-40ea-a8f3-bcd5e1fbc8f0}] 2011-03-09 21:57 262312 ----a-w- c:\program files (x86)\facesmoochtb\auxi\facesmoochAu.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}] 2011-05-09 08:49 176936 -c--a-w- c:\program files (x86)\uTorrentControl2\prxtbuTor.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{86ef8bd1-47f3-4322-923f-f29cdf477eb0}] 2010-07-01 14:31 462848 ----a-w- c:\program files (x86)\CAJ Media\Browser Enhancer\adxloader.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] 2010-04-27 15:08 2393184 ----a-w- c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-11-08 14:56 1796552 -c--a-w- c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] "{3c490bf5-4244-4310-b4a7-3361f288dac5}"= "c:\program files (x86)\facesmoochtb\facesmoochDx.dll" [2011-03-09 86696] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776] "{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-08 1796552] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . [HKEY_CLASSES_ROOT\clsid\{3c490bf5-4244-4310-b4a7-3361f288dac5}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-01-19 2736128] "KGShareApp"="c:\program files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe" [2011-09-22 394752] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800] "Facebook Update"="c:\users\Rhonda\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096] "DriverScanner"="c:\progra~2\Uniblue\DRIVER~1\launcher.exe" [2012-04-23 338808] "Weather"="c:\program files (x86)\AWS\WeatherBug\Weather.exe" [2012-11-20 1653760] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-11-08 997320] "WTClient"="WTClient.exe" [2009-10-30 32768] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-29 151952] "SpeetItUpFree"="c:\program files (x86)\SpeedItup Free\speeditupfree.exe" [2012-02-24 7697496] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110114.001\BHDrvx64.sys [2010-11-23 953904] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-06-06 185856] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440] R3 JLTECH0227;Dual Mode Camera;c:\windows\system32\Drivers\jl2005c.sys [2009-06-02 80880] R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-11-09 106112] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys [2009-06-18 17064] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-07 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2009-08-30 433200] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568] S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110131.001\IDSvia64.sys [2010-11-23 476792] S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480] S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-05-04 517632] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400] S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112] S2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;c:\program files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [2011-11-10 628040] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528] S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys [2009-06-18 27304] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-11-28 295424] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 1088544] . . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-01-19 20:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:21] . 2012-12-31 c:\windows\Tasks\DriverScanner.job - c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-12-31 19:07] . 2012-12-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000Core.job - c:\users\Rhonda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-16 21:35] . 2012-12-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000UA.job - c:\users\Rhonda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-16 21:35] . 2012-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000Core.job - c:\users\Rhonda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07 16:41] . 2012-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000UA.job - c:\users\Rhonda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07 16:41] . 2012-12-11 c:\windows\Tasks\HPCeeScheduleForRhonda.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 11:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86ef8bd1-47f3-4322-923f-f29cdf477eb0}] 2010-07-01 14:31 662016 ----a-w- c:\program files (x86)\CAJ Media\Browser Enhancer\adxloader64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072] "PC Optimizer Pro"="c:\program files\PC Optimizer Pro\StartApps.exe" [2012-11-02 435480] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\windows\W7FBC\dll.dll" [2010-12-31 211968] . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uLocal Page = c:\windows\system32\blank.htm mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8 mStart Page = hxxp://www.yahoo.com/?ilc=8 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: Free YouTube to MP3 Converter - c:\users\Rhonda\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.254 192.168.0.1 Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Rhonda\AppData\Roaming\Mozilla\Firefox\Profiles\payrjbj7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p= FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?ilc=8 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mkg030&p= FF - prefs.js: network.proxy.type - 0 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false FF - user.js: extensions.BabylonToolbar_i.id - c469942a0000000000001c659d888d5f FF - user.js: extensions.BabylonToolbar_i.hardId - c469942a0000000000001c659d888d5f FF - user.js: extensions.BabylonToolbar_i.instlDay - 15508 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:16 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111971&tt=060612_5_ FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file) URLSearchHooks-{f897eb0e-a3a4-46c3-80eb-2729699d8892} - (no file) BHO-{00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files (x86)\BrowserCompanion\jsloader.dll BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension32.dll BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file) AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe AddRemove-Free Audio CD Burner_is1 - c:\program files (x86)\DVDVideoSoft\Free Audio CD Burner\unins000.exe AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet002\services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1] @="131473" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-12-31 13:08:48 ComboFix-quarantined-files.txt 2012-12-31 18:08 ComboFix2.txt 2011-12-15 21:17 . Pre-Run: 96,144,949,248 bytes free Post-Run: 99,668,672,512 bytes free . - - End Of File - - 2B81C1472AE6405D8757189497B79A13

I might have started ComboFix without disabling my mcafee - I believe it's because I'm losing my mind over the last few hours. Combofix is completing stages.

Yes it started up - and no FBI moneypak is blocking my way. Thank you so much sir, I will see if I can donate for your help. =)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2012 Ran by SYSTEM at 2012-12-31 11:58:29 Run:1 Running from H:\ ============================================== HKEY_LOCAL_MACHINE\software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Browser companion helper Value deleted successfully. HKEY_USERS\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\uhhcskwy Value deleted successfully. HKEY_USERS\Rhonda\Software\Microsoft\Windows\CurrentVersion\Run\\Leefeqceko Value deleted successfully. HKEY_USERS\Rhonda\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge Value deleted successfully. HKEY_USERS\Rhonda\Software\Microsoft\Windows\CurrentVersion\Run\\uhhcskwy Value deleted successfully. HKEY_USERS\Rhonda\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr Value deleted successfully. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell Value was restored successfully . mfeavfk01 service deleted successfully. C:\Users\Guest\AppData\Roaming\_bd_uylzs.exe moved successfully. C:\Users\Rhonda\AppData\Roaming\_bd_uylzs.exe moved successfully. C:\Users\Rhonda\AppData\Local\_bd_uylzs.exe moved successfully. C:\Users\Guest\AppData\Local\_bd_uylzs.exe moved successfully. C:\Users\All Users\_bd_uylzs.exe moved successfully. C:\Users\Rhonda\AppData\Roaming\_bd_uylzs.exe not found. C:\Users\Rhonda\AppData\Local\_bd_uylzs.exe not found. C:\Users\Guest\AppData\Roaming\_bd_uylzs.exe not found. C:\Users\Guest\AppData\Local\_bd_uylzs.exe not found. C:\Users\All Users\_bd_uylzs.exe not found. C:\Users\Rhonda\AppData\Local\{a5dbb9fd-7ad8-32b0-0ccd-205659c2bd7e} moved successfully. C:\Users\Rhonda\AppData\Local\{a5dbb9fd-7ad8-32b0-0ccd-205659c2bd7e}\L not found. C:\Users\Rhonda\AppData\Local\{a5dbb9fd-7ad8-32b0-0ccd-205659c2bd7e}\U not found. ==== End of Fixlog ====

Farbar Recovery Scan Tool (x64) Version: 28-12-2012 Ran by SYSTEM at 2012-12-31 04:03:13 Running from H:\ ================== Search: "services.exe" =================== C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\system64\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\ERDNT\cache64\services.exe [2011-12-15 12:46] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB ====== End Of Search ======

Thank you for helping me, are these the logs you mean? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2012 Ran by SYSTEM at 31-12-2012 04:00:52 Running from H:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet002 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2046760 2010-02-05] (Synaptics Incorporated) HKLM\...\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard) HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-12-14] (Apple Inc.) HKLM-x32\...\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie [182576 2011-12-05] (Blabbers Communications LTD) HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.) HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [997320 2012-11-08] () HKLM-x32\...\Run: [WTClient] WTClient.exe [x] HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [151952 2012-11-28] (Apple Inc.) HKU\Guest\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2736128 2011-01-19] (Hewlett-Packard Company) HKU\Guest\...\Run: [uhhcskwy] C:\Users\Guest\AppData\Roaming\_bd_uylzs [x] HKU\Rhonda\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2736128 2011-01-19] (Hewlett-Packard Company) HKU\Rhonda\...\Run: [KGShareApp] C:\Program Files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe [394752 2011-09-22] (Eastman Kodak Company) HKU\Rhonda\...\Run: [Google Update] "C:\Users\Rhonda\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-11-07] (Google Inc.) HKU\Rhonda\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3872080 2010-04-16] (Microsoft Corporation) HKU\Rhonda\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet [6591800 2012-02-22] (Yahoo! Inc.) HKU\Rhonda\...\Run: [Leefeqceko] C:\Users\Rhonda\AppData\Roaming\Uxosqa\ogot.exe [x] HKU\Rhonda\...\Run: [Facebook Update] "C:\Users\Rhonda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.) HKU\Rhonda\...\Run: [AdobeBridge] [x] HKU\Rhonda\...\Run: [uhhcskwy] C:\ProgramData\_bd_uylzs [x] HKU\Rhonda\...\Policies\system: [DisableTaskMgr] 1 HKLM\...\Winlogon: [shell] Explorer.exe, C:\Users\Rhonda\AppData\Roaming\_bd_uylzs [x ] () Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.0.1 ==================== Services (Whitelisted) =================== 2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () 2 McciCMService64; "C:\Program Files\Common Files\Motive\McciCMService.exe" [517632 2010-05-04] (Alcatel-Lucent) 2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [383608 2012-11-16] (McAfee, Inc.) 2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [241016 2012-11-09] (McAfee, Inc.) 2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-11-09] (McAfee, Inc.) 2 mfevtp; "C:\Windows\system32\mfevtps.exe" [177680 2012-11-09] (McAfee, Inc.) 2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1 [135032 2010-04-29] (Symantec Corporation) 2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [247152 2009-07-06] () 2 vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-11-08] () 2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [185856 2012-06-06] () 2 WINZIPSSDiskOptimizer; C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [628040 2011-11-10] (WinZip Computing, S.L. (WinZip Computing)) ==================== Drivers (Whitelisted) ===================== 1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies) 1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110114.001\BHDrvx64.sys [953904 2010-11-23] (Symantec Corporation) 1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation) 3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.) 1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-12-06] (Symantec Corporation) 3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) 1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110131.001\IDSvia64.sys [476792 2010-11-22] (Symantec Corporation) 3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] () 3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () 3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [178840 2012-11-09] (McAfee, Inc.) 3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.) 3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.) 0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771096 2012-11-09] (McAfee, Inc.) 3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-11-09] (McAfee, Inc.) 0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [339776 2012-11-09] (McAfee, Inc.) 3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation) 1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation) 0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-29] (Symantec Corporation) 0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation) 3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-12-03] (Symantec Corporation) 1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-28] (Symantec Corporation) 1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation) 3 catchme; \??\C:\ComboFix\catchme.sys [x] 3 mfeavfk01; [x] 3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x] 3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x] 3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x] 3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x] 3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110201.020\ENG64.SYS [x] 3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110201.020\EX64.SYS [x] 3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [x] 3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x] ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2012-12-31 01:40 - 2012-12-31 01:40 - 00000000 ____D C:\Users\All Users\Recovery 2012-12-31 00:29 - 2012-12-31 00:29 - 00113664 ____A (Usip) C:\Users\Guest\AppData\Roaming\_bd_uylzs.exe 2012-12-31 00:29 - 2012-12-31 00:29 - 00113664 ____A (Usip) C:\Users\Guest\AppData\Local\_bd_uylzs.exe 2012-12-31 00:25 - 2012-12-31 00:25 - 00000000 ____D C:\Users\Rhonda\Downloads\EmsisoftEmergencykit 2012-12-31 00:11 - 2012-12-31 00:22 - 255724009 ____A C:\Users\Rhonda\Downloads\EmsisoftEmergencykit.zip 2012-12-30 21:46 - 2012-12-31 00:40 - 00113664 ____A (Usip) C:\Users\Rhonda\AppData\Roaming\_bd_uylzs.exe 2012-12-30 21:44 - 2012-12-31 00:40 - 00113664 ____A (Usip) C:\Users\Rhonda\AppData\Local\_bd_uylzs.exe 2012-12-30 21:44 - 2012-12-31 00:26 - 00113664 ____A (Usip) C:\Users\All Users\_bd_uylzs.exe 2012-12-20 14:37 - 2012-12-16 09:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll 2012-12-20 14:37 - 2012-12-16 06:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll 2012-12-20 14:37 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2012-12-20 14:37 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2012-12-15 14:09 - 2012-12-15 14:09 - 00262144 ____A C:\Windows\System32\config\ELAM 2012-12-12 13:06 - 2012-11-13 23:06 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-12-12 13:06 - 2012-11-13 22:32 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-12-12 13:06 - 2012-11-13 22:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-12-12 13:06 - 2012-11-13 22:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-12-12 13:06 - 2012-11-13 22:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-12-12 13:06 - 2012-11-13 22:02 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-12-12 13:06 - 2012-11-13 22:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-12-12 13:06 - 2012-11-13 21:59 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-12-12 13:06 - 2012-11-13 21:58 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-12-12 13:06 - 2012-11-13 21:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2012-12-12 13:06 - 2012-11-13 21:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-12-12 13:06 - 2012-11-13 21:55 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-12-12 13:06 - 2012-11-13 21:55 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-12-12 13:06 - 2012-11-13 21:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-12-12 13:06 - 2012-11-13 21:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-12-12 13:06 - 2012-11-13 21:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-12-12 13:06 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-12-12 13:06 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-12-12 13:06 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-12-12 13:06 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-12-12 13:06 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-12-12 13:06 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-12-12 13:06 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-12-12 13:06 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-12-12 13:06 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-12-12 13:06 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-12-12 13:06 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2012-12-12 13:06 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2012-12-12 13:06 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-12-12 13:06 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-12-12 13:06 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-12-12 13:06 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-12-12 10:21 - 2012-12-12 10:21 - 16363960 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2012-12-12 09:32 - 2012-11-21 19:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-12-12 09:31 - 2012-11-08 21:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll 2012-12-12 09:31 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2012-12-12 09:31 - 2012-10-04 09:46 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll 2012-12-12 09:31 - 2012-10-04 09:46 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll 2012-12-12 09:31 - 2012-10-04 09:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2012-12-12 09:31 - 2012-10-04 09:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll 2012-12-12 09:31 - 2012-10-04 09:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2012-12-12 09:31 - 2012-10-04 09:41 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2012-12-12 09:31 - 2012-10-04 08:47 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2012-12-12 09:31 - 2012-10-04 08:47 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2012-12-12 09:31 - 2012-10-04 07:21 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe 2012-12-12 09:31 - 2012-10-04 06:46 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2012-12-12 09:30 - 2012-10-04 09:46 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:47 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 06:46 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2012-12-12 09:30 - 2012-10-04 06:46 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2012-12-12 09:30 - 2012-10-04 06:46 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2012-12-12 09:30 - 2012-10-04 06:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 06:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 06:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2012-12-12 09:30 - 2012-10-04 06:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2012-12-12 09:29 - 2012-11-01 21:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll 2012-12-12 09:29 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2012-12-02 17:37 - 2012-12-02 17:37 - 00277112 ____A C:\Windows\Minidump\120212-53976-01.dmp ==================== One Month Modified Files and Folders ======= 2012-12-31 01:40 - 2012-12-31 01:40 - 00000000 ____D C:\Users\All Users\Recovery 2012-12-31 00:54 - 2010-07-08 00:34 - 01308107 ____A C:\Windows\WindowsUpdate.log 2012-12-31 00:54 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-12-31 00:54 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-12-31 00:47 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-12-31 00:47 - 2009-07-13 20:51 - 00246239 ____A C:\Windows\setupact.log 2012-12-31 00:40 - 2012-12-30 21:46 - 00113664 ____A (Usip) C:\Users\Rhonda\AppData\Roaming\_bd_uylzs.exe 2012-12-31 00:40 - 2012-12-30 21:44 - 00113664 ____A (Usip) C:\Users\Rhonda\AppData\Local\_bd_uylzs.exe 2012-12-31 00:29 - 2012-12-31 00:29 - 00113664 ____A (Usip) C:\Users\Guest\AppData\Roaming\_bd_uylzs.exe 2012-12-31 00:29 - 2012-12-31 00:29 - 00113664 ____A (Usip) C:\Users\Guest\AppData\Local\_bd_uylzs.exe 2012-12-31 00:29 - 2010-12-22 13:03 - 00000000 ____D C:\Users\Guest\AppData\Local\CrashDumps 2012-12-31 00:26 - 2012-12-30 21:44 - 00113664 ____A (Usip) C:\Users\All Users\_bd_uylzs.exe 2012-12-31 00:25 - 2012-12-31 00:25 - 00000000 ____D C:\Users\Rhonda\Downloads\EmsisoftEmergencykit 2012-12-31 00:22 - 2012-12-31 00:11 - 255724009 ____A C:\Users\Rhonda\Downloads\EmsisoftEmergencykit.zip 2012-12-31 00:03 - 2011-02-04 17:19 - 00000000 ____D C:\Users\Rhonda\Tracing 2012-12-30 22:21 - 2012-04-02 07:52 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-12-30 22:10 - 2011-11-07 08:41 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000UA.job 2012-12-30 21:31 - 2010-12-23 13:23 - 00000000 ____D C:\Users\Rhonda\AppData\Roaming\mIRC 2012-12-30 21:10 - 2011-01-21 13:00 - 00008456 __ASH C:\Users\All Users\KGyGaAvL.sys 2012-12-30 17:41 - 2011-09-16 14:34 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000UA.job 2012-12-30 14:41 - 2011-09-16 14:34 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000Core.job 2012-12-29 12:44 - 2012-02-19 12:44 - 00000000 ___DC C:\Program Files (x86)\DealPly 2012-12-29 11:30 - 2011-02-04 10:56 - 00000000 ____D C:\Users\Rhonda\AppData\Local\Paint.NET 2012-12-29 01:10 - 2011-11-07 08:41 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3288202479-1097162312-4138302597-1000Core.job 2012-12-26 01:50 - 2010-12-03 21:16 - 00000000 ____D C:\users\Rhonda 2012-12-24 13:24 - 2011-01-20 22:53 - 00000000 ____D C:\Users\Rhonda\AppData\Local\Google 2012-12-21 20:13 - 2009-07-13 21:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2012-12-20 19:23 - 2011-10-31 14:50 - 00000000 ___DC C:\Program Files (x86)\Opera 2012-12-20 14:47 - 2009-07-13 20:45 - 04975376 ____A C:\Windows\System32\FNTCACHE.DAT 2012-12-19 17:13 - 2011-10-06 11:19 - 00000000 ____D C:\Users\Rhonda\Documents\Recovered 2012-12-18 21:45 - 2012-04-22 11:05 - 00000000 ___DC C:\Program Files (x86)\McAfee 2012-12-18 21:45 - 2010-12-03 13:01 - 00138890 ____A C:\Windows\PFRO.log 2012-12-16 09:11 - 2012-12-20 14:37 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll 2012-12-16 06:45 - 2012-12-20 14:37 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll 2012-12-16 06:13 - 2012-12-20 14:37 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2012-12-16 06:13 - 2012-12-20 14:37 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2012-12-15 15:32 - 2012-04-22 11:05 - 00000000 ___DC C:\Program Files\Common Files\McAfee 2012-12-15 14:09 - 2012-12-15 14:09 - 00262144 ____A C:\Windows\System32\config\ELAM 2012-12-13 11:13 - 2012-09-07 14:38 - 00002490 ____A C:\Users\Rhonda\Desktop\Google Chrome.lnk 2012-12-12 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache 2012-12-12 13:11 - 2011-02-04 21:39 - 67413224 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-12-12 13:06 - 2010-03-24 10:28 - 00000000 ____D C:\Users\All Users\Microsoft Help 2012-12-12 10:21 - 2012-12-12 10:21 - 16363960 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2012-12-12 10:21 - 2012-04-02 07:52 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-12-12 10:21 - 2011-07-04 14:32 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-12-11 08:41 - 2011-01-13 09:38 - 00000336 ____A C:\Windows\Tasks\HPCeeScheduleForRhonda.job 2012-12-05 19:41 - 2012-06-01 22:17 - 00000000 ____D C:\Users\Rhonda\Downloads\mIRCv7.22 2012-12-03 17:07 - 2010-12-26 15:48 - 00000000 ____D C:\Users\Rhonda\AppData\Local\CrashDumps 2012-12-02 17:37 - 2012-12-02 17:37 - 00277112 ____A C:\Windows\Minidump\120212-53976-01.dmp 2012-12-02 17:37 - 2012-03-06 17:21 - 338303447 ____A C:\Windows\MEMORY.DMP 2012-12-02 17:37 - 2011-11-29 14:38 - 00000000 ____D C:\Windows\Minidump ZeroAccess: C:\Users\Rhonda\AppData\Local\{a5dbb9fd-7ad8-32b0-0ccd-205659c2bd7e} C:\Users\Rhonda\AppData\Local\{a5dbb9fd-7ad8-32b0-0ccd-205659c2bd7e}\L C:\Users\Rhonda\AppData\Local\{a5dbb9fd-7ad8-32b0-0ccd-205659c2bd7e}\U ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 30% Total physical RAM: 1978.93 MB Available physical RAM: 1377.9 MB Total Pagefile: 1978.93 MB Available Pagefile: 1375.13 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Partitions ============================= 1 Drive c: () (Fixed) (Total:218.65 GB) (Free:90.13 GB) NTFS ==>[system with boot components (obtained from reading drive)] 2 Drive e: (RECOVERY) (Fixed) (Total:13.94 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from reading drive)] 3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 5 Drive h: () (Removable) (Total:7.45 GB) (Free:1.42 GB) FAT32 6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS 7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from reading drive)] Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 232 GB 0 B Disk 1 Online 7633 MB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 199 MB 1024 KB Partition 2 Primary 218 GB 200 MB Partition 3 Primary 13 GB 218 GB Partition 4 Primary 103 MB 232 GB ================================================================================== Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy ========================================================= Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 218 GB Healthy ========================================================= Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E RECOVERY NTFS Partition 13 GB Healthy ========================================================= Disk: 0 Partition 4 Type : 0C Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy ========================================================= Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 7633 MB 16 KB ================================================================================== Disk: 1 Partition 1 Type : 0B Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 H FAT32 Removable 7633 MB Healthy ========================================================= Last Boot: 2012-12-29 15:00 ==================== End Of Log =============================

A few hours ago I got the FBI money pack virus and I was trying to do what other people told me to do and it ended up taking over my safe mode, I was reading the steps here on what to do but I noticed that it was meant for someone else so I stopped at... Now press the Search button When the search is complete, search.txt will also be written to your USB Type exit and reboot the computer normally Please copy and paste both logs in your reply.(FRST.txt and Search.txt) I am using 64 bit =( Can anyone please help me. sorry for posting this in the wrong topic earlier. =(

A few hours ago I got the FBI money pack virus and I was trying to do what other people told me to do and it ended up taking over my safe mode, I was reading the steps here on what to do but I noticed that it was meant for someone else so I stopped at... Now press the Search button When the search is complete, search.txt will also be written to your USB Type exit and reboot the computer normally Please copy and paste both logs in your reply.(FRST.txt and Search.txt) I am using 64 bit =( Can anyone please help me.