loransue

Members
  • Posts: 39

Everything posted by loransue

  1. i tried to turn windows security on and found i can it won't start and avg was already back on?
  2. back sorry it took so long had to run twice as battery died dumb i know. anyway this went smoothly seems to be starting up faster not sure
  3. ComboFix 13-03-11.01 - SWE 03/12/2013 11:32:07.2.2 - x86
     Running from: c:\users\SWE\Downloads\ComboFix.exe
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     ---- Previous Run -------
     .
     C:\0.bak
     C:\install.exe
     .
     .
     ((((((((((((((((((((((((( Files Created from 2013-02-12 to 2013-03-12 )))))))))))))))))))))))))))))))
     .
     .
     2013-03-12 17:42 . 2013-03-12 17:42 -------- d-----w- c:\users\SWE\AppData\Local\temp
     2013-03-12 17:42 . 2013-03-12 17:42 -------- d-----w- c:\users\Guest\AppData\Local\temp
     2013-03-12 17:42 . 2013-03-12 17:42 -------- d-----w- c:\users\Default\AppData\Local\temp
     2013-03-12 17:42 . 2013-03-12 17:42 -------- d-----w- c:\users\Administrator\AppData\Local\temp
     2013-03-11 22:22 . 2013-03-11 22:22 115 ----a-w- c:\windows\DeleteOnReboot.bat
     2013-03-10 21:51 . 2013-03-10 21:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
     2013-03-10 21:51 . 2012-12-14 22:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
     2013-03-07 22:07 . 2012-12-14 18:42 32720 ----a-w- c:\windows\system32\TURegOpt.exe
     2013-03-07 22:07 . 2012-12-14 18:42 22480 ----a-w- c:\windows\system32\authuitu.dll
     2013-03-03 19:19 . 2013-03-03 19:22 -------- d-----w- c:\programdata\AVG
     2013-03-03 19:19 . 2013-03-03 19:19 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
     2013-02-28 04:06 . 2013-03-10 03:14 -------- d-----w- c:\users\SWE\AppData\Local\Supreme Savings
     2013-02-17 12:35 . 2012-12-19 22:53 18096 ----a-w- c:\windows\system32\roboot.exe
     2013-02-13 10:06 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
     2013-02-12 22:26 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys
     2013-02-12 22:26 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
     2013-02-12 22:26 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
     2013-02-12 22:26 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
     2013-02-12 22:26 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
     2013-02-11 14:32 . 2013-02-11 14:32 -------- d-----w- c:\users\SWE\AppData\Local\Macromedia
     .
     .
     .
     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2013-03-12 04:13 . 2012-05-31 19:38 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
     2013-03-12 04:13 . 2011-07-05 11:07 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
     2013-03-12 00:13 . 2012-07-04 06:28 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
     2013-03-12 00:13 . 2011-05-23 05:24 782240 ----a-w- c:\windows\system32\deployJava1.dll
     2013-02-19 10:33 . 2013-01-17 06:36 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
     2012-12-19 02:22 . 2013-02-05 00:54 2048 ----a-w- c:\windows\system32\tzres.dll
     2012-12-16 13:12 . 2012-12-22 10:00 34304 ----a-w- c:\windows\system32\atmlib.dll
     2012-12-16 10:50 . 2012-12-22 10:00 293376 ----a-w- c:\windows\system32\atmfd.dll
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "RtHDVCpl"="RtHDVCpl.exe" [2008-01-30 4911104]
     "Skytel"="Skytel.exe" [2007-11-21 1826816]
     "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
     "EnableUIADesktopToggle"= 0 (0x0)
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
     "aux"=wdmaud.drv
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
     @="Driver"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
     @="Driver"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
     @="Service"
     .
     [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
     path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
     backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
     backupExtension=.CommonStartup
     .
     [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
     "SearchProtect"=c:\users\SWE\AppData\Roaming\SearchProtect\bin\cltmng.exe
     "WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
     "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
     "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
     "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
     "SearchProtectAll"=c:\program files\SearchProtect\bin\cltmng.exe
     "vProt"="c:\program files\AVG Secure Search\vprot.exe"
     .
     --- Other Services/Drivers In Memory ---
     .
     *NewlyCreated* - WS2IFSL
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
     LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
     HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
     hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
     2013-03-05 13:08 1630672 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
     .
     Contents of the 'Scheduled Tasks' folder
     .
     2013-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job
     - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 04:13]
     .
     2013-03-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1778036297-829756748-2331958135-1000Core.job
     - c:\users\SWE\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-05 23:49]
     .
     2013-03-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1778036297-829756748-2331958135-1000UA.job
     - c:\users\SWE\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-05 23:49]
     .
     2013-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
     - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-03 04:55]
     .
     2013-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
     - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-03 04:55]
     .
     .
     ------- Supplementary Scan -------
     .
     uStart Page = hxxp://www.yahoo.com/
     IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
     IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
     TCP: DhcpNameServer = 192.168.0.1
     DPF: {7758D9E1-B6E9-451A-A1DE-621F81940FB9} - hxxps://thesourse.urscorp.com/domcfg.nsf/pspwctl.cab
     .
     - - - - ORPHANS REMOVED - - - -
     .
     Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
     WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
     MSConfigStartUp-ccleaner - c:\program files\CCleaner\CCleaner.exe
     .
     .
     .
     **************************************************************************
     .
     catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2013-03-12 11:42
     Windows 6.0.6002 Service Pack 2 NTFS
     .
     scanning hidden processes ...
     .
     scanning hidden autostart entries ...
     .
     scanning hidden files ...
     .
     scan completed successfully
     hidden files: 0
     .
     **************************************************************************
     .
     --------------------- LOCKED REGISTRY KEYS ---------------------
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
     @Denied: (A 2) (Everyone)
     @="FlashBroker"
     "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
     "Enabled"=dword:00000001
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
     @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
     @Denied: (A 2) (Everyone)
     @="IFlashBroker5"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
     @="{00020424-0000-0000-C000-000000000046}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     "Version"="1.0"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000000
     "MSCurrentCountry"=dword:000000b5
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000000
     .
     Completion time: 2013-03-12 11:45:33
     ComboFix-quarantined-files.txt 2013-03-12 17:45
     .
     Pre-Run: 100,989,763,584 bytes free
     Post-Run: 100,918,439,936 bytes free
     .
     - - End Of File - - 458DDD8CF9835C13881653B48BA5BD86
  4. RogueKiller V8.5.2 [Mar 9 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/
     Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
     Started in : Normal mode
     User : SWE [Admin rights]
     Mode : Scan -- Date : 03/11/2013 16:49:30
     | ARK || FAK || MBR |
     ¤¤¤ Bad processes : 1 ¤¤¤
     [Microsoft][HJNAME] notepad.exe -- C:\Windows\System32\notepad.exe [7] -> KILLED [TermProc]
     ¤¤¤ Registry Entries : 3 ¤¤¤
     [TASK][sUSP PATH] RunAsStdUser Task : C:\Users\SWE\Pogo Games\PogoDGC.exe /trackArcadeUninstall_reason_0 [x] -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [LOADED] ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts
     127.0.0.1 localhost
     ::1 localhost
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: TOSHIBA MK2035GSS ATA Device +++++
     --- User ---
     [MBR] a475af1323d13dd48fca49e85fa7d477
     [bSP] 3d63e0def89b8aa4c24d4c594ead4f62 : Windows Vista MBR Code
     Partition table:
     0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 189280 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     Finished : << RKreport[1]_S_03112013_02d1649.txt >>
     RKreport[1]_S_03112013_02d1649.txt
  5. avg didn't let me delete the popup came up then the rogue screen went white i did it again so if it worked let me know ty
  7. the red defrag soon those are your instructions? defrag now? or wait?
  8. ok this is how it happened when i tried to run roguekiller avg came up will not let the scan finish so i ended up having to go to task bar to stop avg as it had a popup saying it would not let rogue kill the threat. and would not let me do anything else ..fyi i will try it again
  9. ty when i ran this avg kept popping up no numbers but didn't want me to run the adware said let avg deal and detection object added to exception list. three separate popups before i could run the adwcleaner.
  10. # AdwCleaner v2.114 - Logfile created 03/11/2013 at 16:21:57
      # Updated 05/03/2013 by Xplode
      # Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)
      # User : SWE - SWE-PC
      # Boot Mode : Normal
      # Running from : C:\Users\SWE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3KG8ZY7O\adwcleaner.exe
      # Option [Delete]
      ***** [services] *****
      Stopped & Deleted : CltMngSvc
      Stopped & Deleted : IBUpdaterService
      ***** [Files / Folders] *****
      Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
      File Deleted : C:\END
      File Deleted : C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\searchplugins\delta.xml
      File Deleted : C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\searchplugins\my-web-search.xml
      Folder Deleted : C:\Program Files\AVG Secure Search
      Folder Deleted : C:\Program Files\Conduit
      Folder Deleted : C:\Program Files\file scout
      Folder Deleted : C:\Program Files\FLV_Runner_B
      Folder Deleted : C:\Program Files\SearchProtect
      Folder Deleted : C:\Program Files\SocialSearchBar_App
      Folder Deleted : C:\Program Files\Yontoo
      Folder Deleted : C:\ProgramData\Ask
      Folder Deleted : C:\ProgramData\AVG Secure Search
      Folder Deleted : C:\ProgramData\Babylon
      Folder Deleted : C:\ProgramData\IBUpdaterService
      Folder Deleted : C:\ProgramData\Tarma Installer
      Folder Deleted : C:\Users\SWE\AppData\Local\AVG Secure Search
      Folder Deleted : C:\Users\SWE\AppData\Local\Conduit
      Folder Deleted : C:\Users\SWE\AppData\Local\iWin
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\AVG Secure Search
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\AVG Security Toolbar
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\Conduit
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\Delta
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\FLV_Runner_B
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\PriceGong
      Folder Deleted : C:\Users\SWE\AppData\LocalLow\SocialSearchBar_App
      Folder Deleted : C:\Users\SWE\AppData\Roaming\Babylon
      Folder Deleted : C:\Users\SWE\AppData\Roaming\file scout
      Folder Deleted : C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\extensions\crossriderapp19962@crossrider.com
      Folder Deleted : C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\extensions\gcffxtbr@WeatherBlink.com
      Folder Deleted : C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\jetpack
      Folder Deleted : C:\Users\SWE\AppData\Roaming\PerformerSoft
      Folder Deleted : C:\Users\SWE\AppData\Roaming\SearchProtect
      ***** [internet Browsers] *****
      -\\ Internet Explorer v9.0.8112.16464
      [OK] Registry is clean.
      -\\ Mozilla Firefox v [unable to get version]
      File : C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\prefs.js
      C:\Users\SWE\AppData\Roaming\Mozilla\Firefox\Profiles\4syi6w04.default\user.js ... Deleted !
      Deleted : user_pref("browser.search.selectedEngine", "Web Search");
      Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "AVG Secure Search");
      Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "AVG Secure Search");
      Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
      *************************
      AdwCleaner[s1].txt - [14623 octets] - [11/03/2013 16:21:57]
      ########## EOF - C:\AdwCleaner[s1].txt - [14684 octets] ##########
  11. gringo thank you.. i am truly illiterate here computer wise well otherwise also, so it takes me a little time is this the first of what you asked for? ps i run avg it says all's well and hunky dory ..no problems supposedly it runs the defrag weekly or so i assumed assumed well hey it says it did???
  12. Results of screen317's Security Check version 0.99.61
      Windows Vista Service Pack 2 x86 (UAC is enabled)
      Internet Explorer 9
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Disabled!
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Malwarebytes Anti-Malware version 1.70.0.1100
      AVG PC TuneUp
      AVG PC TuneUp Language Pack (en-US)
      Java 7 Update 9
      Java version out of Date!
      Adobe Flash Player 11.6.602.171
      Adobe Reader 10.1.5 Adobe Reader out of Date!
      Google Chrome 25.0.1364.152
      Google Chrome 25.0.1364.97
      ````````Process Check: objlist.exe by Laurent````````
      AVG avgwdsvc.exe
      AVG avgrsx.exe
      AVG avgnsx.exe
      AVG avgemc.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
      ````````````````````End of Log``````````````````````
  13. i am here am working on it ty
  14. hope this is right attach.txt dds.txt