Jump to content

User13

Honorary Members
  • Posts

    28
  • Joined

  • Last visited

Everything posted by User13

  1. Hey Maniac, I have been testing and using my laptop as I would normally, and everything appears as if system is running as well as it was prior to being infected with the virus. The computer seems like it has been rid of all unwanted malware and infections; which I appreciate all your help in assisting me solve this problem. Thank you for doing so and all your time you put into helping me solve this. I am going to purchase the pro edition of the Malwarebytes Anti-Malware after using and trying in hopes of preventing any future infections. I will proceed with uninstalling the programs if you instruct me to do so. But as far as the laptop is concerned the system is functioning well now.
  2. Ok thats good to know then I'll monitor the system today and inform you of any findings if needed. Thank you really for all your help its greatly appreciated.
  3. Ok I'll go ahead and do so and update you if anything occurs. And of the programs installed, is it best to keep them in my system?
  4. The system seems like it is running fine; however, I have not been using as normally would only to not hinder the repair process. But as far as I can see the system seems to be clean of the infections.
  5. Ok I have run JavaRa and now have updated Java and verified that I now have Java 7 (update 21) installed. What's the following step in the process?
  6. C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\Users\Omar Ibanez\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\28def80-75fb4352 multiple threats cleaned by deleting - quarantined C:\Users\Omar Ibanez\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\358b2cd9-2654073a a variant of Java/Exploit.Agent.OFX trojan cleaned by deleting - quarantined C:\Users\Omar Ibanez\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\54bc729d-48c274d4 multiple threats cleaned by deleting - quarantined C:\Users\Omar Ibanez\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3d941aef-589aaeca a variant of Java/Exploit.Agent.OFX trojan cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\FreeVideoToMP3Converter.exe multiple threats cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\Setup_FreeFlvConverter.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\winamp563_full_emusic-7plus_en-us.exe Win32/OpenCandy application cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\YTD-DLSetup3.9.4.exe a variant of Win32/Bundled.Toolbar.Ask.C application cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\GAME APP ]]]]]]]]]\Donkey Kong Country [GameFabrique].exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\GAME APP ]]]]]]]]]\Mortal Kombat 2 - 32X [GameFabrique].exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined C:\Users\Omar Ibanez\Downloads\GAME APP ]]]]]]]]]\Mortal Kombat [GameFabrique].exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined C:\Windows\Installer\16320b.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined C:\Windows\Installer\MSI46AF.tmp probably a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined C:\Windows\Installer\MSIC55.tmp probably a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
  7. # AdwCleaner v2.301 - Logfile created 01/02/2008 at 21:45:27 # Updated 16/05/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (64 bits) # User : Omar Ibanez - TRON # Boot Mode : Normal # Running from : C:\Users\Omar Ibanez\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Deleted on reboot : C:\Program Files (x86)\Common Files\Tencent Deleted on reboot : C:\Users\Omar Ibanez\AppData\Local\PackageAware Deleted on reboot : C:\Users\Omar Ibanez\AppData\LocalLow\AVG Security Toolbar Deleted on reboot : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\CT2776682 Deleted on reboot : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13} Deleted on reboot : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\extensions\wtxpcom@mybrowserbar.com ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\wecarereminder Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Software Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16476 [OK] Registry is clean. -\\ Mozilla Firefox v12.0 (en-US) File : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\prefs.js Deleted : user_pref("CT2776682.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT3220468.BT_Stats", "{\"last_log\":1354732799,\"uuid\":99798635643136,\"seq_id\":1,\"ssb[...] Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...] Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Deleted : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...] Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2776682/CT2776682[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/US", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"305[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Omar Ibanez\\AppData\\Roaming\\Mozi[...] -\\ Google Chrome v26.0.1410.64 File : C:\Users\Omar Ibanez\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [7777 octets] - [02/01/2008 20:56:53] AdwCleaner[s1].txt - [7117 octets] - [02/01/2008 21:45:27] ########## EOF - C:\AdwCleaner[s1].txt - [7177 octets] ##########
  8. # AdwCleaner v2.301 - Logfile created 01/02/2008 at 20:56:53 # Updated 16/05/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (64 bits) # User : Omar Ibanez - TRON # Boot Mode : Normal # Running from : C:\Users\Omar Ibanez\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Folder Found : C:\Program Files (x86)\Common Files\Tencent Folder Found : C:\Users\Omar Ibanez\AppData\Local\PackageAware Folder Found : C:\Users\Omar Ibanez\AppData\LocalLow\AVG Security Toolbar Folder Found : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\CT2776682 Folder Found : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13} Folder Found : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\extensions\wtxpcom@mybrowserbar.com ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Found : HKCU\Software\Search Settings Key Found : HKCU\Software\wecarereminder Key Found : HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Found : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Key Found : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\Software\Search Settings Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Found : HKLM\SOFTWARE\Software Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16476 [OK] Registry is clean. -\\ Mozilla Firefox v12.0 (en-US) File : C:\Users\Omar Ibanez\AppData\Roaming\Mozilla\Firefox\Profiles\n6t92exh.default\prefs.js Found : user_pref("CT2776682.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Found : user_pref("CT3220468.BT_Stats", "{\"last_log\":1354732799,\"uuid\":99798635643136,\"seq_id\":1,\"ssb[...] Found : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Found : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...] Found : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Found : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Found : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Found : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Found : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Found : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2776682/CT2776682[...] Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/US", "\"0\"[...] Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...] Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"305[...] Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Omar Ibanez\\AppData\\Roaming\\Mozi[...] -\\ Google Chrome v26.0.1410.64 File : C:\Users\Omar Ibanez\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [7658 octets] - [02/01/2008 20:56:53] ########## EOF - C:\AdwCleaner[R1].txt - [7718 octets] ##########
  9. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows Vista Home Premium x64 Ran by Omar Ibanez on Wed 01/02/2008 at 20:41:32.96 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] application updater Successfully deleted: [service] application updater ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\babylonhelper.exe Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\babyloniepi.dll Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\fun web products Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\funwebproducts Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\mywebsearch Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\search settings Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\toolbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\oneclick Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\oneclickmg Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\ProgramData\tencent" Successfully deleted: [Folder] "C:\ProgramData\wecarereminder" Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\AppData\Roaming\opencandy" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\AppData\Roaming\tencent" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\local\vghd" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\datamngr" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\funwebproducts" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\mywebsearch" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\search settings" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\searchquband" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\toolbar4" Successfully deleted: [Folder] "C:\Users\Omar Ibanez\appdata\locallow\utorrentcontrol_v2" Successfully deleted: [Folder] "C:\Program Files (x86)\application updater" Successfully deleted: [Folder] "C:\Program Files (x86)\ytd toolbar" Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader" Successfully deleted: [Empty Folder] C:\Users\Omar Ibanez\appdata\local\{0001CF63-167A-4046-BC5D-38063D3B01A8} Successfully deleted: [Empty Folder] C:\Users\Omar Ibanez\appdata\local\{06B8E35A-30C7-4517-9DB4-1E4442E94C74} Successfully deleted: [Empty Folder] C:\Users\Omar Ibanez\appdata\local\{73491689-E3CF-46E6-84A9-423B5292E912} Successfully deleted: [Empty Folder] C:\Users\Omar Ibanez\appdata\local\{D77C677C-AFCA-4F10-9508-10030A77BE9D} Successfully deleted: [Folder] "C:\ProgramData\ask" ~~~ FireFox Successfully deleted: [File] C:\user.js Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml" Successfully deleted: [File] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\user.js Successfully deleted: [File] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\searchplugins\askcom.xml Successfully deleted: [File] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\searchplugins\conduit.xml Successfully deleted: [File] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\searchplugins\search_results.xml Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\conduitcommon Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\jetpack Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\smartbar Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\extensions\oneclickdownload@oneclickdownload.com Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\extensions\wecarereminder@bryan Failed to delete: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\extensions\wtxpcom@mybrowserbar.com Failed to delete: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\extensions\ytd@mybrowserbar.com Successfully deleted: [Folder] C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\extensions\{7473B6BD-4691-4744-A82B-7854EB3D70B6} Successfully deleted the following from C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\prefs.js user_pref("CT2776682..clientLogIsEnabled", false); user_pref("CT2776682..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2776682..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2776682.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); user_pref("CT2776682.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); user_pref("CT2776682.AppTrackingLastCheckTime", "Sun Jun 03 2012 10:25:29 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.BrowserCompStateIsOpen_129678129407612905", true); user_pref("CT2776682.BrowserCompStateIsOpen_129681725882385585", true); user_pref("CT2776682.BrowserCompStateIsOpen_129736214107504978", true); user_pref("CT2776682.BrowserCompStateIsOpen_129762727427121022", true); user_pref("CT2776682.BrowserCompStateIsOpen_129908764909615116", true); user_pref("CT2776682.CTID", "CT2776682"); user_pref("CT2776682.CurrentServerDate", "5-12-2012"); user_pref("CT2776682.DSChangedManually", false); user_pref("CT2776682.DSInstall", true); user_pref("CT2776682.DSProtectChoice", true); user_pref("CT2776682.DSProtectCount", 1); user_pref("CT2776682.DialogsAlignMode", "LTR"); user_pref("CT2776682.DialogsGetterLastCheckTime", "Wed Dec 05 2012 12:39:22 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.DownloadReferralCookieData", ""); user_pref("CT2776682.EnableSearchHistory", false); user_pref("CT2776682.EnableSearchSuggest", false); user_pref("CT2776682.FirstServerDate", "6-2-2012"); user_pref("CT2776682.FirstTime", true); user_pref("CT2776682.FirstTimeFF3", true); user_pref("CT2776682.FixPageNotFoundErrors", true); user_pref("CT2776682.GroupingServerCheckInterval", 1440); user_pref("CT2776682.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); user_pref("CT2776682.HPInstall", true); user_pref("CT2776682.HasUserGlobalKeys", true); user_pref("CT2776682.HomePageProtectorEnabled", true); user_pref("CT2776682.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13"); user_pref("CT2776682.Initialize", true); user_pref("CT2776682.InitializeCommonPrefs", true); user_pref("CT2776682.InstallationAndCookieDataSentCount", 3); user_pref("CT2776682.InstallationId", "ct2776682_brothersoft_extreme.exe"); user_pref("CT2776682.InstallationType", "ConduitXPEIntegration"); user_pref("CT2776682.InstalledDate", "Sun Feb 05 2012 19:21:57 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.InvalidateCache", false); user_pref("CT2776682.IsAlertDBUpdated", true); user_pref("CT2776682.IsGrouping", false); user_pref("CT2776682.IsInitSetupIni", true); user_pref("CT2776682.IsMulticommunity", false); user_pref("CT2776682.IsOpenThankYouPage", false); user_pref("CT2776682.IsOpenUninstallPage", true); user_pref("CT2776682.IsProtectorsInit", true); user_pref("CT2776682.LanguagePackLastCheckTime", "Wed Dec 05 2012 12:39:22 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.LanguagePackReloadIntervalMM", 1440); user_pref("CT2776682.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"); user_pref("CT2776682.LastLogin_3.13.0.6", "Sun Jul 15 2012 20:07:43 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.LastLogin_3.14.1.0", "Wed Dec 05 2012 12:39:22 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.LastLogin_3.8.1.200", "Sun Jun 17 2012 04:36:34 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.LatestVersion", "3.16.0.3"); user_pref("CT2776682.Locale", "en"); user_pref("CT2776682.MCDetectTooltipHeight", "83"); user_pref("CT2776682.MCDetectTooltipShow", false); user_pref("CT2776682.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2776682.MCDetectTooltipWidth", "295"); user_pref("CT2776682.MyStuffEnabledAtInstallation", true); user_pref("CT2776682.OriginalFirstVersion", "3.8.1.200"); user_pref("CT2776682.RadioIsPodcast", false); user_pref("CT2776682.RadioLastCheckTime", "Mon May 07 2012 22:04:39 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.RadioLastUpdateIPServer", "3"); user_pref("CT2776682.RadioLastUpdateServer", "3"); user_pref("CT2776682.RadioMediaID", "9962"); user_pref("CT2776682.RadioMediaType", "Media Player"); user_pref("CT2776682.RadioMenuSelectedID", "EBRadioMenu_CT27766829962"); user_pref("CT2776682.RadioShrinked", "shrinked"); user_pref("CT2776682.RadioShrinkedFromSetup", true); user_pref("CT2776682.RadioStationName", "California%20Rock"); user_pref("CT2776682.RadioStationURL", "hxxp://feedlive.net/california.asx"); user_pref("CT2776682.SHRINK_TOOLBAR", 0); user_pref("CT2776682.SavedHomepage", "hxxp://www.searchqu.com/413"); user_pref("CT2776682.SearchBoxWidth", 310); user_pref("CT2776682.SearchCaption", "BrotherSoft Extreme Customized Web Search"); user_pref("CT2776682.SearchEngineBeforeUnload", "BrotherSoft Extreme Customized Web Search"); user_pref("CT2776682.SearchFromAddressBarIsInit", true); user_pref("CT2776682.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q="); user_pref("CT2776682.SearchInNewTabEnabled", true); user_pref("CT2776682.SearchInNewTabIntervalMM", 1440); user_pref("CT2776682.SearchInNewTabLastCheckTime", "Wed Dec 05 2012 12:39:18 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2776682.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"); user_pref("CT2776682.SearchProtectorEnabled", false); user_pref("CT2776682.SearchProtectorToolbarDisabled", false); user_pref("CT2776682.SendProtectorDataViaLogin", true); user_pref("CT2776682.ServiceMapLastCheckTime", "Wed Dec 05 2012 12:39:19 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.SettingsLastCheckTime", "Wed Dec 05 2012 12:39:17 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.SettingsLastUpdate", "1354705172"); user_pref("CT2776682.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13"); user_pref("CT2776682.ThirdPartyComponentsInterval", 504); user_pref("CT2776682.ThirdPartyComponentsLastCheck", "Sun Jun 03 2012 10:25:00 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.ThirdPartyComponentsLastUpdate", "1331805997"); user_pref("CT2776682.ToolbarShrinkedFromSetup", true); user_pref("CT2776682.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2776682"); user_pref("CT2776682.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com user_pref("CT2776682.UserID", "UN53502199820521450"); user_pref("CT2776682.ValidationData_Toolbar", 2); user_pref("CT2776682.alertChannelId", "1168776"); user_pref("CT2776682.approveUntrustedApps", false); user_pref("CT2776682.autoDisableScopes", -1); user_pref("CT2776682.backendstorage.autocompletepro_enable", "31"); user_pref("CT2776682.backendstorage.autocompletepro_enable_auto", "31"); user_pref("CT2776682.backendstorage.cb_firstuse0100", "31"); user_pref("CT2776682.backendstorage.cb_user_id_000", "434233353932323331343939305F46697265666F78"); user_pref("CT2776682.backendstorage.cbcountry_000", "5553"); user_pref("CT2776682.backendstorage.cbfirsttime", "53756E2046656220303520323031322031393A32323A303820474D542D30363030202843656E7472616C205374616E646172642054696D6529"); user_pref("CT2776682.backendstorage.ct2776682ads1", "25374225323261647325323225334125354225374225323261696425323225334125323233333334302532322532432532327469746C65253232253341 user_pref("CT2776682.backendstorage.ct2776682current_term", ""); user_pref("CT2776682.backendstorage.ct2776682isadsdisabled", "66616C7365"); user_pref("CT2776682.backendstorage.ct2776682sdate", "3133"); user_pref("CT2776682.backendstorage.printitgreenstatus", "74727565"); user_pref("CT2776682.backendstorage.shoppingapp.gk.exipres", "536174204D617920313220323031322032323A30343A343420474D542D30353030202843656E7472616C204461796C696768742054696D652 user_pref("CT2776682.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573"); user_pref("CT2776682.backendstorage.url_history0001", "687474703A2F2F7777772E6D696E6563726166742E6E65742F636C61737369632F6C6973743A3A3A636C69636B68616E646C65723A3A3A3133333339 user_pref("CT2776682.components.1000082", false); user_pref("CT2776682.components.129288498426163451", false); user_pref("CT2776682.components.129317966246600942", false); user_pref("CT2776682.components.129348059348463281", false); user_pref("CT2776682.components.129378290255256948", false); user_pref("CT2776682.components.129625171796543175", false); user_pref("CT2776682.components.129678129407612905", false); user_pref("CT2776682.components.129681725882385585", false); user_pref("CT2776682.components.129736214107504978", false); user_pref("CT2776682.components.129762727427121022", false); user_pref("CT2776682.components.129800572219330339", false); user_pref("CT2776682.components.129800591012013441", false); user_pref("CT2776682.components.129810931099638233", false); user_pref("CT2776682.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP user_pref("CT2776682.globalFirstTimeInfoLastCheckTime", "Sun Jun 17 2012 04:36:34 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.homepageProtectorEnableByLogin", true); user_pref("CT2776682.initDone", true); user_pref("CT2776682.isAppTrackingManagerOn", true); user_pref("CT2776682.isFirstRadioInstallation", false); user_pref("CT2776682.myStuffEnabled", true); user_pref("CT2776682.myStuffPublihserMinWidth", 400); user_pref("CT2776682.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); user_pref("CT2776682.myStuffServiceIntervalMM", 1440); user_pref("CT2776682.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); user_pref("CT2776682.oldAppsList", "129288498392881552,129288498393350308,111,129800572219330339,129810931099638233,129625171796543175,129348059348463281,129317966246600942,12 user_pref("CT2776682.revertSettingsEnabled", true); user_pref("CT2776682.searchProtectorDialogDelayInSec", 10); user_pref("CT2776682.searchProtectorEnableByLogin", true); user_pref("CT2776682.testingCtid", ""); user_pref("CT2776682.toolbarAppMetaDataLastCheckTime", "Wed Dec 05 2012 12:39:22 GMT-0600 (Central Standard Time)"); user_pref("CT2776682.toolbarContextMenuLastCheckTime", "Sun Jun 03 2012 10:25:10 GMT-0500 (Central Daylight Time)"); user_pref("CT2776682.usagesFlag", 2); user_pref("CT3220468.BT_Stats", "{\"last_log\":1354732799,\"uuid\":99798635643136,\"seq_id\":1,\"ssb\":1354732799}"); user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3220468.FirstTime", "true"); user_pref("CT3220468.FirstTimeFF3", "true"); user_pref("CT3220468.UserID", "UN66828625068097564"); user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT3220468.autoDisableScopes", -1); user_pref("CT3220468.cbfirsttime", "Wed Dec 05 2012 12:39:53 GMT-0600 (Central Standard Time)"); user_pref("CT3220468.defaultSearch", "FALSE"); user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get user_pref("CT3220468.enableAlerts", "always"); user_pref("CT3220468.enableSearchFromAddressBar", "FALSE"); user_pref("CT3220468.firstTimeDialogOpened", "true"); user_pref("CT3220468.fixPageNotFoundError", "true"); user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true"); user_pref("CT3220468.fixUrls", true); user_pref("CT3220468.installId", "fft520E.tmp.exe"); user_pref("CT3220468.installType", "XPE"); user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3220468.isNewTabEnabled", true); user_pref("CT3220468.isPerformedSmartBarTransition", "true"); user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.utorrent.com%2Futorrent-control-complete%2Fdigital-lifeboat\",\ user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT3220468.openThankYouPage", "true"); user_pref("CT3220468.openUninstallPage", "FALSE"); user_pref("CT3220468.search.searchAppId", "129813684258939747"); user_pref("CT3220468.search.searchCount", "0"); user_pref("CT3220468.searchInNewTabEnabledInHidden", "true"); user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}"); user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}"); user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}"); user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1354732889772"); user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1354732889600"); user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1354732889709"); user_pref("CT3220468.serviceLayer_services_login_10.10.20.14_lastUpdate", "1354732775880"); user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1354732889778"); user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1354732889849"); user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1354732888928"); user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1354732889612"); user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1354732889682"); user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1354732889452"); user_pref("CT3220468.settingsINI", true); user_pref("CT3220468.shouldFirstTimeDialog", "false"); user_pref("CT3220468.smartbar.CTID", "CT3220468"); user_pref("CT3220468.smartbar.Uninstall", "0"); user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 "); user_pref("CT3220468.toolbarBornServerTime", "5-12-2012"); user_pref("CT3220468.toolbarCurrentServerTime", "5-12-2012"); user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13"); user_pref("CommunityToolbar.ConduitSearchList", "BrotherSoft Extreme Customized Web Search"); user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2776682/CT2776682", "\"e877c0acaf56cf582cd9f045e2fd64283\""); user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/US", "\"0\""); user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", "\"1331799143\""); user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==); user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA=="); user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA=="); user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ=="); user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\""); user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\""); user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0343677cfb1cd1:0\""); user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.200", "\"4ead38b3e6bcd1:0\""); user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682", "\"f1c77625c0e9bd1c80a2fd6901845fa9\""); user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"3051cf92920b3e79f4c0c03792b5f413\""); user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Omar Ibanez\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\n6t92exh.default\\conduitCommon\\modules\\3.8.1.200 user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.200"); user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="); user_pref("CommunityToolbar.ToolbarsList", "CT2776682"); user_pref("CommunityToolbar.ToolbarsList2", "CT2776682"); user_pref("CommunityToolbar.ToolbarsList4", "CT2776682"); user_pref("CommunityToolbar.globalUserId", "4b324c3f-b4b5-4ca5-80c0-97083b336fda"); user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2776682"); user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jun 17 2012 04:36:35 GMT-0500 (Central Daylight Time)"); user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jun 17 2012 04:36:42 GMT-0500 (Central Daylight Time)"); user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); user_pref("CommunityToolbar.notifications.locale", "en"); user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jun 17 2012 04:36:31 GMT-0500 (Central Daylight Time)"); user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); user_pref("CommunityToolbar.notifications.showTrayIcon", false); user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); user_pref("CommunityToolbar.notifications.userId", "f4de5312-9394-4921-949d-e51d892d5d54"); user_pref("CommunityToolbar.originalHomepage", "hxxp://www.searchqu.com/413"); user_pref("CommunityToolbar.originalSearchEngine", "Yahoo"); user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=109221&tt=3412_7&babsrc=NT_ss&mntrId=743acec5000000000000002163517024"); user_pref("browser.search.defaultthis.engineName", "BrotherSoft Extreme Customized Web Search"); user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"); user_pref("browser.search.order.1", "Ask.com"); user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar.aflt", "babsst"); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.id", "743acec5000000000000002163517024"); user_pref("extensions.BabylonToolbar.instlDay", "15573"); user_pref("extensions.BabylonToolbar.instlRef", "sst"); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.tlbrId", "base"); user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6"); user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109221&tt=3412_7"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.61:30:48"); user_pref("browser.search.defaultengine", "Ask.com"); Emptied folder: C:\Users\Omar Ibanez\AppData\Roaming\mozilla\firefox\profiles\n6t92exh.default\minidumps [3 files] ~~~ Chrome Successfully deleted: [Folder] C:\Users\Omar Ibanez\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 01/02/2008 at 20:50:37.23 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. ok here are the logs.Add-Remove Programs.txtmbam-log-2008-01-02 (20-17-28).txt
  11. Ok running scan now will provide the logs when done.
  12. mbam-log-2008-01-02 (04-13-28).txtComboFix.txtOk I ran both programs and did both scans here are the logs. Also when was running the mbam AVG moved a trojan virus to virus vault and was deleted as well just in case needing to know.
  13. Yes now i can log on thank you. So now back to your original steps?
  14. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2013 Ran by SYSTEM at 2008-01-02 03:49:40 Run:6 Running from F:\ Boot Mode: Recovery ============================================== HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings => Value deleted successfully. HKEY_USERS\Omar Ibanez\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully. C:\Users\Omar Ibanez\AppData\Roaming\Babylon => Moved successfully. C:\ProgramData\Babylon => Moved successfully. C:\Users\Omar Ibanez\AppData\Local\CRE => Moved successfully. C:\Users\Omar Ibanez\AppData\Local\_ => Moved successfully. C:\Users\Omar Ibanez\AppData\Local\Conduit => Moved successfully. C:\Users\Omar Ibanez\AppData\Roaming\WhiteSmokeTranslator => Moved successfully. C:\Program Files (x86)\Conduit => Moved successfully. ==== End of Fixlog ====
  15. Ok here is the new FRST log too long to post so had to as an attachment.FRST.txt
  16. When I access the safe mode with networking it allows me to do so; however, the same command prompt pops up.
  17. Hey Maniac, I tried doing the steps you instructed, but its not loading normally the laptop I mean. I only am getting the command prompt message, and when I close it the screen stays black and blank with nothing running or the system doing anything. I can not get the programs installed. How do I bypass this command prompt and get the operating system to boot normally? Or is there anyway to do so now from this step? I would appreciate your help.
  18. Ok I now rebooted normally and a command prompt has appeared. Saying that "C:\Users\Omar Ibanez\Documents\60556136.exe is not recognized as an internal operable program or batch file." and now im at the line C:\Windows\system32>
  19. Yes I guess that was an issue when I copied paste I guess they weren't not all on a single entry for some of the lines of the code were indented in the notepad file and I didnt realize that sorry.
  20. Ok I did again and now here is new fixlog.txt. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2013 Ran by SYSTEM at 2008-01-01 22:43:13 Run:5 Running from F:\ Boot Mode: Recovery ============================================== C:\Users\Omar Ibanez\AppData\Local\2433f433 => File/Directory not found. C:\Users\Omar Ibanez\AppData\Roaming\2433f433 => Moved successfully. C:\ProgramData\2433f433 => Moved successfully. C:\Users\Omar Ibanez\Documents\60556136.exe => Moved successfully. ==== End of Fixlog ====
  21. So do I need to run another fix again? Cuz not sure if I'm doing something wrong; if I am please let me know cuz I may be doing so. And if I am i apologize.
  22. oh ok well thats the results I get and i just copy/paste on here. Am i doing wrong?
  23. Ok ran again and here is the fix log results. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2013 Ran by SYSTEM at 2008-01-01 22:07:34 Run:3 Running from F:\ Boot Mode: Recovery ============================================== C:\Users\Omar Ibanez\AppData\Local\2433f433 => Moved successfully. ==== End of Fixlog ====
  24. Ok I have done as you said and here is the fixlog.txt log created after done. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2013 Ran by SYSTEM at 2008-01-01 21:44:20 Run:2 Running from F:\ Boot Mode: Recovery ============================================== HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. ==== End of Fixlog ====
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.