emily2001

Members
  • Posts: 7
Everything posted by emily2001

  1. Hello, I had to leave my computer. I don't believe, however, that the issue was resolved. I'll post info tomorrow.
  2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.8.3 (04.05.2013:1) OS: Windows Vista Home Premium x86 Ran by Admin on Tue 04/16/2013 at 17:07:00.25 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted the following from C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\hiqmhv3n.default-1357687107256\prefs.js user_pref("extensions.5169aaf0e7752.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\hiqmhv3n.default-1357687107256\minidumps [1 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 04/16/2013 at 17:15:28.89 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  3. # AdwCleaner v2.200 - Logfile created 04/16/2013 at 15:49:14 # Updated 02/04/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 1 (32 bits) # User : Admin - EMILY-PC # Boot Mode : Normal # Running from : C:\Users\Emily\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search Folder Deleted : C:\Program Files\AVG Secure Search Folder Deleted : C:\Program Files\BrowseToSave Folder Deleted : C:\Users\Emily\AppData\Local\Ilivid ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.19088 [OK] Registry is clean. -\\ Mozilla Firefox v18.0.2 (en-US) File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hiqmhv3n.default-1357687107256\prefs.js [OK] File is clean. File : C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\0a1f0vye.default\prefs.js Deleted : user_pref("aol_toolbar.default.homepage.check", false); Deleted : user_pref("aol_toolbar.default.search.check", false); Deleted : user_pref("browser.search.defaultenginename", "Search Results"); Deleted : user_pref("browser.search.order.1", "Search Results"); Deleted : user_pref("browser.search.selectedEngine", "Search Results"); Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/406"); Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0); Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=295&systemid=406&apn[...] 
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Deleted : user_pref("sweetim.toolbar.searchguard.enable", ""); -\\ Google Chrome v [unable to get version] File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13139 octets] - [16/04/2013 15:39:21] AdwCleaner[R2].txt - [2646 octets] - [16/04/2013 15:47:44] AdwCleaner[R3].txt - [2706 octets] - [16/04/2013 15:48:33] AdwCleaner[s1].txt - [12426 octets] - [16/04/2013 15:40:42] AdwCleaner[s2].txt - [2684 octets] - [16/04/2013 15:49:14] ########## EOF - \AdwCleaner[s2].txt - [2744 octets] ##########
  4. # AdwCleaner v2.200 - Logfile created 04/16/2013 at 15:39:21 # Updated 02/04/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 1 (32 bits) # User : Admin - EMILY-PC # Boot Mode : Normal # Running from : C:\Users\Emily\Downloads\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk File Found : C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\0a1f0vye.default\searchplugins\Search_Results.xml File Found : C:\Users\Emily\Desktop\iLivid.lnk Folder Found : C:\Program Files\AVG Secure Search Folder Found : C:\Program Files\BrowseToSave Folder Found : C:\Program Files\Common Files\AVG Secure Search Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\ConduitEngine Folder Found : C:\Program Files\EasyLife Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\ProgramData\InstallMate Folder Found : C:\ProgramData\SoftSafe Folder Found : C:\Users\Admin\AppData\Local\AVG Secure Search Folder Found : C:\Users\Admin\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\Admin\AppData\LocalLow\BitTorrentBar Folder Found : C:\Users\Admin\AppData\LocalLow\Conduit Folder Found : C:\Users\Admin\AppData\LocalLow\ConduitEngine Folder Found : C:\Users\Emily\AppData\Local\AVG Secure Search Folder Found : C:\Users\Emily\AppData\Local\Ilivid Folder Found : C:\Users\Emily\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\Emily\AppData\LocalLow\Conduit Folder Found : C:\Users\Emily\AppData\LocalLow\ConduitEngine ***** [Registry] ***** Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\browse~1\sprote~1.dll Key Found : HKCU\Software\AppDataLow\Software\BitTorrentBar Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : 
HKCU\Software\AppDataLow\SProtector Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BitTorrentBar Toolbar Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\Software\AVG Secure Search Key Found : HKLM\Software\AVG Security Toolbar Key Found : HKLM\Software\BitTorrentBar Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : 
HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\S Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : 
HKLM\Software\Conduit Key Found : HKLM\Software\conduitEngine Key Found : HKLM\Software\conduitEngine Key Found : HKLM\Software\Freeze.com Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2589DD9B-4518-485B-96D6-0D9D05B7AC26} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86015C97-7A51-4DD4-9D34-3B43CEC80ABE} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{46F4A8CA-61F2-493E-93E2-AA28AF30BF31} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG 
Secure Search Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : HKLM\Software\SP Global Key Found : HKLM\Software\SProtector Key Found : HKU\S-1-5-21-1787016173-3133917544-3074554611-1001\Software\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6} Key Found : HKU\S-1-5-21-1787016173-3133917544-3074554611-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKU\S-1-5-21-1787016173-3133917544-3074554611-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.19088 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.easylifeapp.com/?pid=34&src=ie1&r=2013/04/13&hid=437326623&lg=EN&cc=CA [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.easylifeapp.com/?pid=34&src=ie1&r=2013/04/13&hid=437326623&lg=EN&cc=CA -\\ Mozilla Firefox v18.0.2 
(en-US) File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hiqmhv3n.default-1357687107256\prefs.js Found : user_pref("aol_toolbar.default.homepage.check", false); Found : user_pref("aol_toolbar.default.search.check", false); Found : user_pref("browser.search.defaulturl", "hxxp://search.easylifeapp.com/?pid=34&src=ff2&r=2013/04/13&h[...] Found : user_pref("browser.startup.homepage", "hxxp://search.easylifeapp.com/?pid=34&src=ff1&r=2013/04/13&hi[...] Found : user_pref("extensions.BabylonToolbar.prtkDS", 0); Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Found : user_pref("keyword.URL", "hxxp://search.easylifeapp.com/?pid=34&src=ff2&r=2013/04/13&hid=437326623&l[...] Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "EasyLife"); Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "EasyLife"); Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.easylifeapp.com/?pid=3[...] Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.easylifeapp.com/?pid=34&src=ff2&r=2[...] 
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Found : user_pref("sweetim.toolbar.searchguard.enable", ""); File : C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\0a1f0vye.default\prefs.js Found : user_pref("aol_toolbar.default.homepage.check", false); Found : user_pref("aol_toolbar.default.search.check", false); Found : user_pref("browser.search.defaultenginename", "Search Results"); Found : user_pref("browser.search.order.1", "Search Results"); Found : user_pref("browser.search.selectedEngine", "Search Results"); Found : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/406"); Found : user_pref("extensions.BabylonToolbar.prtkDS", 0); Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Found : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=295&systemid=406&apn[...] Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Found : user_pref("sweetim.toolbar.searchguard.enable", ""); Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Found : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); -\\ Google Chrome v [unable to get version] File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13010 octets] - [16/04/2013 15:39:21] ########## EOF - \AdwCleaner[R1].txt - [13071 octets] ##########
  5. and attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3 Install Date: 2/15/2009 3:56:29 AM System Uptime: 4/16/2013 3:50:15 PM (1 hours ago) . Motherboard: Dell Inc. | | 0UW744 Processor: AMD Athlon 64 X2 Dual-Core Processor TK-55 | Socket M2/S1G1 | 1800/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 102 GiB total, 59.076 GiB free. D: is FIXED (NTFS) - 10 GiB total, 6.184 GiB free. E: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0067 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter #8 PNP Device ID: ROOT\*6TO4MP\0067 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0068 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter #9 PNP Device ID: ROOT\*6TO4MP\0068 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0082 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter #22 PNP Device ID: ROOT\*6TO4MP\0082 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0083 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter #23 PNP Device ID: ROOT\*6TO4MP\0083 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0086 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter #26 PNP Device ID: ROOT\*6TO4MP\0086 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0109 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter #27 PNP Device ID: ROOT\*6TO4MP\0109 Service: tunnel . 
Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01F51028&REV_01\4&B216F0A&0&09A4 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01F51028&REV_01\4&B216F0A&0&09A4 Service: . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.3 Apple Application Support Apple Mobile Device Support Apple Software Update Auslogics Disk Defrag AVG 2013 Bonjour BrowseToSave 1.74 Canon G.726 WMP-Decoder Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities RemoteCapture DC Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) ImgBurn iTunes Java 6 Update 17 Junk Mail filter update Malwarebytes Anti-Malware version 1.70.0.1100 Media Go Media Go Video Playback Engine 1.116.105.02020 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 Mozilla Firefox 18.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT OpenOffice.org 3.4.1 PlayStation®Store QuickTime Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Sony Ericsson Update Engine Sony PC Companion 2.10.136 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) VLC media player 1.1.7 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool WinRAR 4.20 (32-bit) . ==== End Of File ===========================
  6. woops, here's dds DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.19088 Run by Admin at 16:18:34 on 2013-04-16 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1917.950 [GMT -4:00] . AV: AVG Anti-Virus 2013 *Disabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG Anti-Virus 2013 *Disabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe C:\Windows\system32\taskeng.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com mStart Page = hxxp://www.google.com BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Broiwse2saVe: {852C1813-6A86-BEEA-ACEB-96840DC59204} - c:\programdata\broiwse2save\5169aaf0e7842.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll uRun: [sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_6_602_180_Plugin.exe -update plugin uRunOnce: [DeleteOnReboot] c:\windows\DeleteOnReboot.bat uRunOnce: [Report] \AdwCleaner[s2].txt mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY mRun: [vProt] 
"c:\program files\avg secure search\vprot.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mPolicies-System: EnableUIADesktopToggle = dword:0 DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 10.0.1.1 TCP: Interfaces\{298A1684-57D0-4F5C-881D-A4C8CC24D72E} : DHCPNameServer = 10.0.1.1 TCP: Interfaces\{74F48512-7594-449D-95AE-ADBA09DB22FB} : DHCPNameServer = 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94 AppInit_DLLs= LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\admin\appdata\roaming\mozilla\firefox\profiles\hiqmhv3n.default-1357687107256\ FF - prefs.js: browser.search.selectedEngine - EasyLife FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\sony\media go\npmediago.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll FF - ExtSQL: 2013-04-13 15:00; ie4s5e@rqrtbs.net; c:\users\admin\appdata\roaming\mozilla\firefox\profiles\hiqmhv3n.default-1357687107256\extensions\ie4s5e@rqrtbs.net . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-16 94048] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-2-8 64288] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-7 33112] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664] R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure 
search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?] S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2013-1-6 155824] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2013-04-16 19:40:56 376 ----a-w- c:\windows\DeleteOnReboot.bat 2013-04-13 18:59:55 -------- d-----w- c:\users\admin\appdata\roaming\SendSpace 2013-04-13 18:59:25 -------- d-----w- c:\programdata\Broiwse2saVe . ==================== Find3M ==================== . 2013-03-14 21:41:45 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-14 21:41:45 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-02-18 23:38:45 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-02-14 19:13:54 499712 ----a-w- c:\windows\system32\msvcp71.dll 2013-02-14 19:13:54 348160 ----a-w- c:\windows\system32\msvcr71.dll 2013-02-14 19:13:54 344064 ----a-w- c:\windows\system32\msvcr70.dll . ============= FINISH: 16:19:29.63 ===============
  7. iLivid "downloader" was installed on my computer along with a bunch of useless toolbars etc. Malwarebytes doesn't detect it. Help please!