Jump to content

HelixVexium

Members
  • Posts

    19
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    California
  1. I also found out that the "rubyw.exe" belongs to Private Internet Access (VPN)
  2. No I'm all good. I decided to reinstall windows.
  3. Still getting the same error with Steam and I still get a 1722 error when trying to install Malwarebytes secure backup. Do we have many more options or should I just give up and reinstall windows, oh which by the way I was finally able to activate after it randomly said that it was a fake copy a few months ago.
  4. I got two files but neither had the name that you wanted, here they are. RKreport0_D_07012013_115005.txt RKreport0_S_07012013_114948.txt
  5. Here is TDSSKiler report and none of them were abled to be cured. TDSSKiller.txt
  6. Still unable to install Steam and computer seems to have not changed.
  7. I have a problem installing Steam since my second hard drive died with Steam on it and with some games, I have look in the file registry keys where you are told to delete ones for steam and the ones they had listed weren't there. Whenever I try to install it I get a "Error 1327. Invalid Drive Z:/". "Z" being the drive that died. ComboFix 13-06-30.01 - Shane 06/30/2013 22:34:38.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8178.5923 [GMT -7:00] Running from: c:\users\Shane\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files\PrivacySafeGuard\PrIVacysafeguard.dll c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\etilqs_6001bdDiOOrr8bg c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\etilqs_fKfoNysxbidEOm0 c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\etilqs_IikO6e3Iv5OXerd c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\etilqs_jzeqM4r8CZVskM8 c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\etilqs_K5hMjHx2Zjx2NRS c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\etilqs_lr7NjdsAbt6DGcV c:\users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\toolbar_log.txt c:\windows\SysWow64\frapsvid.dll . . ((((((((((((((((((((((((( Files Created from 2013-06-01 to 2013-07-01 ))))))))))))))))))))))))))))))) . . 2013-07-01 05:45 . 2013-07-01 05:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-07-01 05:45 . 2013-07-01 05:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-07-01 05:45 . 2013-07-01 05:45 -------- d-----w- c:\users\CSS Server\AppData\Local\temp 2013-07-01 03:46 . 2013-07-01 03:46 -------- d-----w- c:\windows\ERUNT 2013-07-01 03:45 . 2013-07-01 03:45 -------- d-----w- C:\JRT 2013-06-29 00:38 . 2013-07-01 03:29 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-06-16 05:06 . 2013-06-16 08:26 -------- d-----w- c:\users\Shane\AppData\Roaming\dvdcss 2013-06-16 05:00 . 2013-06-16 05:00 -------- d-----w- c:\users\Shane\AppData\Roaming\Digiarty 2013-06-16 04:58 . 2013-06-16 04:58 -------- d-----w- c:\program files (x86)\Digiarty 2013-06-02 04:14 . 2013-06-02 06:46 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-29 00:07 . 2013-03-15 04:43 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-06-29 00:07 . 2012-07-06 04:28 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-06-29 00:07 . 2012-07-06 04:28 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-21 03:47 . 2013-05-21 03:47 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-05-21 03:47 . 2013-05-21 03:47 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2013-05-21 03:47 . 2013-05-21 03:47 85504 ----a-w- c:\windows\system32\jsproxy.dll 2013-05-21 03:47 . 2013-05-21 03:47 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-05-21 03:47 . 2013-05-21 03:47 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2013-05-21 03:47 . 2013-05-21 03:47 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2013-05-21 03:47 . 2013-05-21 03:47 65024 ----a-w- c:\windows\system32\pngfilt.dll 2013-05-21 03:47 . 2013-05-21 03:47 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-05-21 03:47 . 2013-05-21 03:47 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-05-21 03:47 . 2013-05-21 03:47 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-05-21 03:47 . 2013-05-21 03:47 367104 ----a-w- c:\windows\SysWow64\html.iec 2013-05-21 03:47 . 2013-05-21 03:47 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-05-21 03:47 . 2013-05-21 03:47 267776 ----a-w- c:\windows\system32\ieaksie.dll 2013-05-21 03:47 . 2013-05-21 03:47 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-05-21 03:47 . 2013-05-21 03:47 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-21 03:47 . 2013-05-21 03:47 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-05-21 03:47 . 2013-05-21 03:47 222208 ----a-w- c:\windows\system32\msls31.dll 2013-05-21 03:47 . 2013-05-21 03:47 2147840 ----a-w- c:\windows\system32\iertutil.dll 2013-05-21 03:47 . 2013-05-21 03:47 197120 ----a-w- c:\windows\system32\msrating.dll 2013-05-21 03:47 . 2013-05-21 03:47 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2013-05-21 03:47 . 2013-05-21 03:47 17818624 ----a-w- c:\windows\system32\mshtml.dll 2013-05-21 03:47 . 2013-05-21 03:47 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2013-05-21 03:47 . 2013-05-21 03:47 163840 ----a-w- c:\windows\system32\ieakui.dll 2013-05-21 03:47 . 2013-05-21 03:47 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2013-05-21 03:47 . 2013-05-21 03:47 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2013-05-21 03:47 . 2013-05-21 03:47 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-05-21 03:47 . 2013-05-21 03:47 149504 ----a-w- c:\windows\system32\occache.dll 2013-05-21 03:47 . 2013-05-21 03:47 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-05-21 03:47 . 2013-05-21 03:47 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-05-21 03:47 . 2013-05-21 03:47 1392128 ----a-w- c:\windows\system32\wininet.dll 2013-05-21 03:47 . 2013-05-21 03:47 1346560 ----a-w- c:\windows\system32\urlmon.dll 2013-05-21 03:47 . 2013-05-21 03:47 12288 ----a-w- c:\windows\system32\mshta.exe 2013-05-21 03:47 . 2013-05-21 03:47 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2013-05-21 03:47 . 2013-05-21 03:47 114176 ----a-w- c:\windows\system32\admparse.dll 2013-05-21 03:47 . 2013-05-21 03:47 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2013-05-21 03:47 . 2013-05-21 03:47 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-05-21 03:47 . 2013-05-21 03:47 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2013-05-21 03:47 . 2013-05-21 03:47 2312704 ----a-w- c:\windows\system32\jscript9.dll 2013-05-21 03:47 . 2013-05-21 03:47 96768 ----a-w- c:\windows\system32\mshtmled.dll 2013-05-21 03:47 . 2013-05-21 03:47 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-05-21 03:47 . 2013-05-21 03:47 89088 ----a-w- c:\windows\system32\ie4uinit.exe 2013-05-21 03:47 . 2013-05-21 03:47 85504 ----a-w- c:\windows\system32\iesetup.dll 2013-05-21 03:47 . 2013-05-21 03:47 82432 ----a-w- c:\windows\system32\icardie.dll 2013-05-21 03:47 . 2013-05-21 03:47 816640 ----a-w- c:\windows\system32\jscript.dll 2013-05-21 03:47 . 2013-05-21 03:47 76800 ----a-w- c:\windows\system32\tdc.ocx 2013-05-21 03:47 . 2013-05-21 03:47 729088 ----a-w- c:\windows\system32\msfeeds.dll 2013-05-21 03:47 . 2013-05-21 03:47 599040 ----a-w- c:\windows\system32\vbscript.dll 2013-05-21 03:47 . 2013-05-21 03:47 55296 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-05-21 03:47 . 2013-05-21 03:47 534528 ----a-w- c:\windows\system32\ieapfltr.dll 2013-05-21 03:47 . 2013-05-21 03:47 49664 ----a-w- c:\windows\system32\imgutil.dll 2013-05-21 03:47 . 2013-05-21 03:47 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-05-21 03:47 . 2013-05-21 03:47 452608 ----a-w- c:\windows\system32\dxtmsft.dll 2013-05-21 03:47 . 2013-05-21 03:47 448512 ----a-w- c:\windows\system32\html.iec 2013-05-21 03:47 . 2013-05-21 03:47 403248 ----a-w- c:\windows\system32\iedkcs32.dll 2013-05-21 03:47 . 2013-05-21 03:47 39936 ----a-w- c:\windows\system32\iernonce.dll 2013-05-21 03:47 . 2013-05-21 03:47 3695416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-05-21 03:47 . 2013-05-21 03:47 30720 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-21 03:47 . 2013-05-21 03:47 282112 ----a-w- c:\windows\system32\dxtrans.dll 2013-05-21 03:47 . 2013-05-21 03:47 249344 ----a-w- c:\windows\system32\webcheck.dll 2013-05-21 03:47 . 2013-05-21 03:47 248320 ----a-w- c:\windows\system32\ieui.dll 2013-05-21 03:47 . 2013-05-21 03:47 237056 ----a-w- c:\windows\system32\url.dll 2013-05-21 03:47 . 2013-05-21 03:47 165888 ----a-w- c:\windows\system32\iexpress.exe 2013-05-21 03:47 . 2013-05-21 03:47 160256 ----a-w- c:\windows\system32\wextract.exe 2013-05-21 03:47 . 2013-05-21 03:47 160256 ----a-w- c:\windows\system32\ieakeng.dll 2013-05-21 03:47 . 2013-05-21 03:47 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-21 03:47 . 2013-05-21 03:47 145920 ----a-w- c:\windows\system32\iepeers.dll 2013-05-21 03:47 . 2013-05-21 03:47 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-05-21 03:47 . 2013-05-21 03:47 111616 ----a-w- c:\windows\system32\iesysprep.dll 2013-05-21 03:47 . 2013-05-21 03:47 10926080 ----a-w- c:\windows\system32\ieframe.dll 2013-05-21 03:47 . 2013-05-21 03:47 10752 ----a-w- c:\windows\system32\msfeedssync.exe 2013-05-21 03:47 . 2013-05-21 03:47 103936 ----a-w- c:\windows\system32\inseng.dll 2013-05-19 07:05 . 2012-06-17 18:27 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-05-19 07:05 . 2012-06-16 03:12 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-05-14 08:48 . 2013-05-21 03:26 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24497653-AB0E-400A-8D3A-71C00E023FAF}\mpengine.dll 2013-05-14 01:58 . 2013-05-14 01:59 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-05-14 01:58 . 2012-06-16 00:06 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-05-14 01:58 . 2012-06-16 00:06 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-05-09 08:59 . 2013-03-15 04:43 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-09 08:59 . 2012-07-06 04:28 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-09 08:59 . 2012-07-06 04:28 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-09 08:59 . 2012-07-06 04:28 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-09 08:59 . 2012-07-06 04:27 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-09 08:58 . 2012-07-06 04:26 41664 ----a-w- c:\windows\avastSS.scr 2013-05-09 08:58 . 2012-07-06 04:27 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-03 23:15 . 2013-05-21 03:27 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-03 03:03 . 2012-11-12 19:15 74456 ----a-w- c:\windows\system32\drivers\rzfilter.sys 2013-05-03 03:03 . 2012-11-12 19:15 128856 ----a-w- c:\windows\system32\drivers\rzdxgk.sys 2013-05-02 09:06 . 2012-06-15 21:58 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-28 04:56 . 2012-06-16 03:12 281288 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-04-19 02:00 . 2013-04-19 02:00 25600 ----a-w- c:\windows\system32\drivers\rzdaendpt.sys 2013-04-19 02:00 . 2013-04-19 02:00 23040 ----a-w- c:\windows\system32\drivers\rzvkeyboard.sys 2013-04-19 02:00 . 2013-04-19 02:00 119808 ----a-w- c:\windows\system32\drivers\rzudd.sys 2013-04-19 01:56 . 2013-04-19 01:56 56832 ----a-w- c:\windows\SysWow64\rzdevinfo.dll 2013-04-19 01:56 . 2013-04-19 01:56 148480 ----a-w- c:\windows\SysWow64\rztouchdll.dll 2013-04-19 01:56 . 2013-04-19 01:56 724480 ----a-w- c:\windows\SysWow64\rzdevicedll.dll 2013-04-19 01:56 . 2013-04-19 01:56 288256 ----a-w- c:\windows\SysWow64\rzaudiodll.dll 2013-04-12 14:36 . 2013-05-21 02:29 1653096 ----a-w- c:\windows\system32\drivers\ntfs.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2012-06-15 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll . [-] 2012-06-15 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Shane\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-30 1104384] "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-07 19676256] "MusicManager"="c:\users\Shane\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2013-04-23 7331840] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-05-14 802136] "EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-06-04 3456080] "EvolveClient"="c:\program files\Echobit\Evolve\EvolveClient.exe" [2013-05-30 3157464] "Razer Comms"="c:\program files (x86)\Razer\Core\RazerCore.exe" [2013-05-03 1073368] "RemotelessHelper"="c:\program files (x86)\RemotelessHelper\RemotelessHelper.exe" [2013-02-10 1541632] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376] "Spotify"="c:\users\Shane\AppData\Roaming\Spotify\spotify.exe" [2013-05-30 4657152] "Hideman"="c:\program files (x86)\Hideman\bin\Hideman.exe" [2013-03-06 1386096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-29 336384] "Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-07-07 303104] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-08-24 336992] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-04-23 608104] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184] . c:\users\Shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ GameStop Now.lnk - c:\program files (x86)\GameStop App\Now\GameStopNow.exe [2012-11-5 2039568] OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x] R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe;c:\program files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [x] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x] R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x] R3 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe;c:\program files\Echobit\Evolve\EvoSvc.exe [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x] R3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\DRIVERS\PulseUsb.sys;c:\windows\SYSNATIVE\DRIVERS\PulseUsb.sys [x] R3 Remote Solver for Flow Simulation 2011;Remote Solver for Flow Simulation 2011;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [x] R3 rzdaendpt;Razer DeathAdder end point;c:\windows\system32\DRIVERS\rzdaendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzdaendpt.sys [x] R3 RzDxgk;Razer overlay support subsystem;c:\windows\system32\DRIVERS\rzdxgk.sys;c:\windows\SYSNATIVE\DRIVERS\rzdxgk.sys [x] R3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] R3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\DRIVERS\rzvkeyboard.sys;c:\windows\SYSNATIVE\DRIVERS\rzvkeyboard.sys [x] R3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C;c:\windows\system32\Drivers\SmiUsbGrabber3C.sys;c:\windows\SYSNATIVE\Drivers\SmiUsbGrabber3C.sys [x] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 RzFilter;Razer Input Filter;c:\windows\system32\DRIVERS\rzfilter.sys;c:\windows\SYSNATIVE\DRIVERS\rzfilter.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] S2 PenCommService;Livescribe Pulse Smartpen Service;c:\program files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe;c:\program files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe [x] S2 RzOvlMon;Razer Overlay Subsystem Emergency Service;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys;c:\windows\SYSNATIVE\DRIVERS\tapoas.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2013-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-20 05:20] . 2013-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-20 05:20] . 2013-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2664243170-500528323-2817631383-1000Core.job - c:\users\Shane\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 21:55] . 2013-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2664243170-500528323-2817631383-1000UA.job - c:\users\Shane\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 21:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1036AD63-AEAC-460B-9060-C96005D4DC86}] 2012-08-08 06:08 105472 ----a-w- c:\program files\PrivacySafeGuard\PrivacySafeGuard-x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-06-07 06:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-06-07 06:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-06-07 06:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2013-06-07 06:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-06-07 06:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-06-07 06:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-05-21 6868280] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: Interfaces\{31754AAE-E911-4563-890B-7BF208C85C2A}: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{7F925FCC-EBCA-4EBA-9241-C41EA9105118}\55E6275637472796364756460294E6475627E656471202: NameServer = 192.168.1.1 FF - ProfilePath - c:\users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\ . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKCU-Run-BTLive - c:\users\Shane\AppData\Roaming\BTLive\BTLive.exe Wow6432Node-HKCU-Run-Steam - z:\steam\Steam.exe Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG2012\avgtray.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-PunkBusterSvc - c:\program files (x86)\STEAM\STEAMAPPS\COMMON\APB RELOADED\Binaries\pbsvc_apb.exe AddRemove-Steam App 10 - z:\steam\steam.exe AddRemove-Steam App 12210 - z:\steam\steam.exe AddRemove-Steam App 12220 - z:\steam\steam.exe AddRemove-Steam App 212680 - z:\steam\steam.exe AddRemove-Steam App 220 - z:\steam\steam.exe AddRemove-Steam App 240 - z:\steam\steam.exe AddRemove-Steam App 4000 - z:\steam\steam.exe AddRemove-Steam App 440 - z:\steam\steam.exe AddRemove-Steam App 70 - z:\steam\steam.exe AddRemove-Steam App 95300 - z:\steam\steam.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2664243170-500528323-2817631383-1000\Software\SecuROM\License information*] "datasecu"=hex:58,b3,ab,18,d1,d2,a9,07,a3,d4,49,08,f9,2d,56,09,bc,16,1a,4d,d1, a8,fd,c5,64,04,5c,1d,7f,15,d9,a8,2d,60,0f,5c,47,a8,56,bd,de,97,0c,cb,6e,04,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-06-30 23:01:04 ComboFix-quarantined-files.txt 2013-07-01 06:01 . Pre-Run: 254,593,462,272 bytes free Post-Run: 269,509,976,064 bytes free . - - End Of File - - 2028F9AB6C2CD419D73D9515B394B526 A36C5E4F47E84449FF07ED3517B43A31
  8. How long should it take for the program to make a log? It's been around 5 min so far.
  9. I am still unable to install Steam so I believe that my computer is still infected. I would also like some help with fixing the register error for installing Steam if possible.
  10. Did JRT here is log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 4.9.4 (05.06.2013:1)OS: Windows 7 Home Premium x64Ran by Shane on Sun 06/30/2013 at 20:46:11.97~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\smessagingSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1495BE9A-CC0F-22C0-FE8E-21FC8B8083C1}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1036AD63-AEAC-460B-9060-C96005D4DC86}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} ~~~ Files Successfully deleted: [File] C:\eula.1028.txtSuccessfully deleted: [File] C:\eula.1031.txtSuccessfully deleted: [File] C:\eula.1033.txtSuccessfully deleted: [File] C:\eula.1036.txtSuccessfully deleted: [File] C:\eula.1040.txtSuccessfully deleted: [File] C:\eula.1041.txtSuccessfully deleted: [File] C:\eula.1042.txtSuccessfully deleted: [File] C:\eula.2052.txtSuccessfully deleted: [File] C:\install.res.1028.dllSuccessfully deleted: [File] C:\install.res.1031.dllSuccessfully deleted: [File] C:\install.res.1033.dllSuccessfully deleted: [File] C:\install.res.1036.dllSuccessfully deleted: [File] C:\install.res.1040.dllSuccessfully deleted: [File] C:\install.res.1041.dllSuccessfully deleted: [File] C:\install.res.1042.dllSuccessfully deleted: [File] C:\install.res.2052.dllSuccessfully deleted: [File] C:\install.res.3082.dll ~~~ Folders Successfully deleted: [Folder] "C:\Users\Shane\AppData\Roaming\strongvault"Successfully deleted: [Folder] "C:\Users\Shane\appdata\local\stronghold_llc"Successfully deleted: [Folder] "C:\Users\Shane\appdata\local\strongvault online backup"Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\privacy safeguard"Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ FireFox Emptied folder: C:\Users\Shane\AppData\Roaming\mozilla\firefox\profiles\lgor8nbo.default\minidumps [2 files] ~~~ Chrome Successfully deleted: [Folder] C:\Users\Shane\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaSuccessfully deleted: [Folder] C:\Users\Shane\appdata\local\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopohSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\geggofhlfbcmanadhknllmlajiafopoh ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sun 06/30/2013 at 20:50:11.21End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  11. Did the AdwCleaner and here's the log: # AdwCleaner v2.303 - Logfile created 06/30/2013 at 20:29:13# Updated 08/06/2013 by Xplode# Operating system : Windows 7 Home Premium (64 bits)# User : Shane - HELIX-PC# Boot Mode : Normal# Running from : C:\Users\Shane\Downloads\AdwCleaner.exe# Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\ENDFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xmlFile Deleted : C:\Users\Shane\AppData\Local\funmoods-speeddial.crxFile Deleted : C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorageFile Deleted : C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journalFile Deleted : C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorageFile Deleted : C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journalFile Deleted : C:\Users\Shane\AppData\Local\Temp\Uninstall.exeFile Deleted : C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\searchplugins\Web Search.xmlFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\Optimizer ProFolder Deleted : C:\Program Files (x86)\Red SkyFolder Deleted : C:\Program Files (x86)\uTorrentControl_v2Folder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\ProgramData\boost_interprocessFolder Deleted : C:\ProgramData\InstallMateFolder Deleted : C:\ProgramData\PremiumFolder Deleted : C:\ProgramData\Tarma InstallerFolder Deleted : C:\Users\CSS Server\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\Shane\AppData\Local\ConduitFolder Deleted : C:\Users\Shane\AppData\Local\DownTangoFolder Deleted : C:\Users\Shane\AppData\Local\PackageAwareFolder Deleted : C:\Users\Shane\AppData\Local\Temp\avg@toolbarFolder Deleted : C:\Users\Shane\AppData\Local\Temp\CT3220468Folder Deleted : C:\Users\Shane\AppData\LocalLow\BabylonToolbarFolder Deleted : C:\Users\Shane\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Shane\AppData\LocalLow\uTorrentControl_v2Folder Deleted : C:\Users\Shane\AppData\Roaming\BabylonFolder Deleted : C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\CT3220468Folder Deleted : C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}Folder Deleted : C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\SmartbarFolder Deleted : C:\Users\Shane\AppData\Roaming\OpenCandyFolder Deleted : C:\Users\Shane\AppData\Roaming\yourfiledownloader ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2Key Deleted : HKCU\Software\AppDataLow\ToolbarKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmakiKey Deleted : HKCU\Software\IGearSettingsKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKCU\Software\SmartBarKey Deleted : HKCU\Software\StartSearchKey Deleted : HKCU\Software\YourFileDownloaderKey Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}Key Deleted : HKLM\Software\BabylonKey Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\FunmoodsKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}Key Deleted : HKLM\Software\uTorrentControl_v2Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahlaKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4E94D6A-14FD-41DF-9ECE-E28E69ED2EBC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0F6B4BA-251B-4DFF-BA74-EA159BC56A91}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 ToolbarKey Deleted : HKLM\Software\YourFileDownloaderKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehojKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmakiKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1Key Deleted : HKLM\SOFTWARE\Tarma InstallerValue Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16483 Deleted : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page] -\\ Mozilla Firefox v21.0 (en-US) File : C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\prefs.js C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\lgor8nbo.default\user.js ... Deleted ! Deleted : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM3MjY0ODU4NSwidXVpZCI6MjY0MDU0NTg5MzA4NzI0LCJ[...]Deleted : user_pref("CT3220468.CBOpenMAMSettings", "0");Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]Deleted : user_pref("CT3220468.FirstTime", "true");Deleted : user_pref("CT3220468.FirstTimeFF3", "true");Deleted : user_pref("CT3220468.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM3MjY0ODYwNw==");Deleted : user_pref("CT3220468.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM3MjY0ODYxNg==");Deleted : user_pref("CT3220468.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MQ==");Deleted : user_pref("CT3220468.LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MQ==");Deleted : user_pref("CT3220468.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.[...]Deleted : user_pref("CT3220468.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.e[...]Deleted : user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ==");Deleted : user_pref("CT3220468.PG_ENABLE.enc", "ZEhKMVpRPT0=");Deleted : user_pref("CT3220468.SF_JUST_INSTALLED.enc", "RkFMU0U=");Deleted : user_pref("CT3220468.SF_STATUS.enc", "RU5BQkxFRA==");Deleted : user_pref("CT3220468.SF_USER_ID.enc", "Y2lkXzE5NDIwMTMyMjQ1NTE5MjE1OTU=");Deleted : user_pref("CT3220468.UserID", "UN55342159394996099");Deleted : user_pref("CT3220468.acp_personal.appstate.enc", "ZW5hYmxl");Deleted : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");Deleted : user_pref("CT3220468.autoDisableScopes", -1);Deleted : user_pref("CT3220468.cb_experience_000.enc", "MQ==");Deleted : user_pref("CT3220468.cb_firstuse0100.enc", "MQ==");Deleted : user_pref("CT3220468.cb_user_id_000.enc", "Q0I1MjMxMzI4MzMyMzFfMTM2NjQzNjc0MTQxOF9GaXJlZm94");Deleted : user_pref("CT3220468.cbcountry_001", "US");Deleted : user_pref("CT3220468.cbfirsttime.enc", "VHVlIE9jdCAxNiAyMDEyIDE5OjEzOjU4IEdNVC0wNzAwIChQYWNpZmljIERh[...]Deleted : user_pref("CT3220468.defaultSearch", "FALSE");Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...]Deleted : user_pref("CT3220468.enableAlerts", "always");Deleted : user_pref("CT3220468.enableFix404ByUser", "FALSE");Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "FALSE");Deleted : user_pref("CT3220468.firstTimeDialogOpened", "true");Deleted : user_pref("CT3220468.fixPageNotFoundError", "true");Deleted : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");Deleted : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");Deleted : user_pref("CT3220468.fixUrls", true);Deleted : user_pref("CT3220468.installId", "fft4EEF.tmp.exe");Deleted : user_pref("CT3220468.installType", "XPE");Deleted : user_pref("CT3220468.isCheckedStartAsHidden", true);Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");Deleted : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");Deleted : user_pref("CT3220468.isNewTabEnabled", true);Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true");Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");Deleted : user_pref("CT3220468.lastVersion", "10.16.2.509");Deleted : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM3MjY0ODU5MDI1NA==");Deleted : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");Deleted : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");Deleted : user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]Deleted : user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");Deleted : user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJ[...]Deleted : user_pref("CT3220468.mam_gk_currentBadgeValue.enc", "MQ==");Deleted : user_pref("CT3220468.mam_gk_currentVersion.enc", "MS44LjAuNA==");Deleted : user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");Deleted : user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM3MjY0ODU4ODUzMw==");Deleted : user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]Deleted : user_pref("CT3220468.mam_gk_newApps.enc", "W3siaWQiOiJBQ3BsdXMiLCJuYW1lIjoiQXV0b0NvbXBsZXRlKyIsImRlc[...]Deleted : user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");Deleted : user_pref("CT3220468.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]Deleted : user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]Deleted : user_pref("CT3220468.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]Deleted : user_pref("CT3220468.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]Deleted : user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ==");Deleted : user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");Deleted : user_pref("CT3220468.mam_gk_userId.enc", "NGJhODRiMzAtMTlkMy00ZWYyLTg5MjYtYWYwZDE2MDlmZmM0");Deleted : user_pref("CT3220468.mam_gk_user_apps_selection.enc", "");Deleted : user_pref("CT3220468.migrateAppsAndComponents", true);Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]Deleted : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");Deleted : user_pref("CT3220468.openThankYouPage", "true");Deleted : user_pref("CT3220468.openUninstallPage", "FALSE");Deleted : user_pref("CT3220468.price-gong.isManagedApp", "true");Deleted : user_pref("CT3220468.search.searchAppId", "129813684258939747");Deleted : user_pref("CT3220468.search.searchCount", "0");Deleted : user_pref("CT3220468.searchInNewTabEnabledByUser", "true");Deleted : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1372465976245");Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1372648952822");Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1372465976316");Deleted : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1372648952892");Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1362885906574");Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364514180417");Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363788103510");Deleted : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369274980418");Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372648952650");Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1372465976375");Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1372648952939");Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1372648952356");Deleted : user_pref("CT3220468.serviceLayer_services_setupAPI_lastUpdate", "1363744779989");Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1372465976347");Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1372648952559");Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1372465977695");Deleted : user_pref("CT3220468.settingsINI", true);Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false");Deleted : user_pref("CT3220468.showToolbarPermission", "false");Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468");Deleted : user_pref("CT3220468.smartbar.Uninstall", "0");Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");Deleted : user_pref("CT3220468.toolbarBornServerTime", "17-10-2012");Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "1-7-2013");Deleted : user_pref("CT3220468.toolbarLoginClientTime", "Thu Mar 21 2013 18:29:18 GMT-0700 (Pacific Daylight T[...]Deleted : user_pref("CT3220468.upgradeFromClearSBVersion", true);Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]Deleted : user_pref("browser.search.selectedEngine", "Web Search");Deleted : user_pref("extensions.BabylonToolbar.admin", false);Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);Deleted : user_pref("extensions.BabylonToolbar.id", "6a2f073300000000000000ffe3b64118");Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15630");Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.819:13:32");Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3220468");Deleted : user_pref("smartbar.machineId", "EVQKW8K09IDSJFDS4PRWPY21JJVNR8PASHRC7HY0ZY29WEGDVBLAPLXAKGIIEFNNLRX[...] -\\ Google Chrome v27.0.1453.116 File : C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Preferences ************************* AdwCleaner[s1].txt - [26635 octets] - [30/06/2013 20:29:13] ########## EOF - C:\AdwCleaner[s1].txt - [26696 octets] ##########
  12. Hello! I was told to post here not too long ago and never had the time till now. For more of the info on what's been happening with my situation http://forums.malwarebytes.org/index.php?showtopic=127262&hl= Files attached to here. I have Malwarebytes Pro and I have done a scan with Malwarebytes Anti Root Kit a few days ago and didn't pick up anything. If you need anymore info just ask! Thanks! Attach.txt CheckResults.txt DDS.txt
  13. I have AVG uninstalled and I have also had trouble reinstalling Steam after my old hard drive died with it on it. For Steam I can't find the registry keys to fix the problem, is this related? Also MBAM keeps blocking rubyw.exe from connecting to the internet, yet it doesn't pick it up on scans and I can't find that file anywhere. Thanks for all your help!
  14. Here they are! DDS.txt CheckResults.txt Attach.txt Sorry for the trouble
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.