Jump to content

bob200000

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. RogueKiller V8.6.1 [Jun 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Stuart [Admin rights] Mode : Scan -- Date : 06/28/2013 21:42:30 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Scheduled tasks : 1 ¤¤¤ [V2][sUSP PATH] TopArcadeHits : C:\Users\Stuart\AppData\Local\TopArcadeHits\updater.exe [x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS545050B9A300 ATA Device +++++ --- User --- [MBR] b98b1a5bc44530c34829c6ac4c443ea2 [bSP] 2c02042aef6ef4af51bb391381bbf1a9 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464784 Mo 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954951680 | Size: 10655 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_06282013_214230.txt >> RKreport[0]_D_06282013_152313.txt;RKreport[0]_S_06282013_151302.txt
  2. Thanks for all your help. Is it ok to run adwcleaner on my other pcs to clean out the junk?
  3. # AdwCleaner v2.303 - Logfile created 06/28/2013 at 18:43:37 # Updated 08/06/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Stuart - SPC # Boot Mode : Normal # Running from : C:\Users\Stuart\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : CltMngSvc ***** [Files / Folders] ***** Deleted on reboot : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi File Deleted : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage File Deleted : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal File Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\SearchProtect Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\PC Optimizer Pro Folder Deleted : C:\ProgramData\WeCareReminder Folder Deleted : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Folder Deleted : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid Folder Deleted : C:\Users\Stuart\AppData\Local\SwvUpdater Folder Deleted : C:\Users\Stuart\AppData\Local\Temp\CT3289847 Folder Deleted : C:\Users\Stuart\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Stuart\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\CT3289847 Folder Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} Folder Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\wecarereminder@bryan Folder Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\Smartbar Folder Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\SweetPacksToolbarData Folder Deleted : C:\Users\Stuart\AppData\Roaming\SearchProtect ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Deleted : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKCU\Software\SearchProtect Key Deleted : HKCU\Software\wecarereminder Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36} Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16611 [OK] Registry is clean. -\\ Mozilla Firefox v21.0 (en-US) File : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\prefs.js C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\user.js ... Deleted ! Deleted : user_pref("CT3289847.1000082.isPlayDisplay", "true"); Deleted : user_pref("CT3289847.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description[...] Deleted : user_pref("CT3289847.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3289847.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Deleted : user_pref("CT3289847.FF19Solved", "true"); Deleted : user_pref("CT3289847.FirstTime", "true"); Deleted : user_pref("CT3289847.FirstTimeFF3", "true"); Deleted : user_pref("CT3289847.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM2OTc4NTY3NA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM2OTk2NTEzMA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MQ=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_NEW.enc", "MA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_NOT_SUPPORTED.enc", "MA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MQ=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_HISTORY.enc", "MA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_POP.enc", "MA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_RELATED.enc", "MA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_TYPED.enc", "MA=="); Deleted : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.[...] Deleted : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.e[...] Deleted : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|LOCAL_COOKIE_STATS_STATS_USE_TYPED.enc", "M[...] Deleted : user_pref("CT3289847.PG_ENABLE", "dHJ1ZQ=="); Deleted : user_pref("CT3289847.PG_ENABLE.enc", "dHJ1ZQ=="); Deleted : user_pref("CT3289847.SEARCH_BOX_CNT.enc", "Mg=="); Deleted : user_pref("CT3289847.SF_JUST_INSTALLED.enc", "RkFMU0U="); Deleted : user_pref("CT3289847.SF_STATUS.enc", "RU5BQkxFRA=="); Deleted : user_pref("CT3289847.SF_USER_ID.enc", "Y2lkXzI4NTIwMTMxNjExNDU4OTQxNDI="); Deleted : user_pref("CT3289847.UserID", "UN82118379012588136"); Deleted : user_pref("CT3289847.acp_personal.appstate.enc", "ZW5hYmxl"); Deleted : user_pref("CT3289847.addressBarTakeOverEnabledInHidden", "true"); Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true"); Deleted : user_pref("CT3289847.cb_experience_000.enc", "MQ=="); Deleted : user_pref("CT3289847.cb_firstuse0100.enc", "MQ=="); Deleted : user_pref("CT3289847.cb_user_id_000.enc", "Q0IzNTcwODc3MzM2MzFfMTM2OTcwMzUyNDk1MV9GaXJlZm94"); Deleted : user_pref("CT3289847.cbfirsttime.enc", "U2F0IE1heSAyNSAyMDEzIDEyOjQwOjAwIEdNVC0wODAwIChBbGFza2FuIFN0[...] Deleted : user_pref("CT3289847.countryCode", "US"); Deleted : user_pref("CT3289847.defaultSearch", "true"); Deleted : user_pref("CT3289847.enableAlerts", "true"); Deleted : user_pref("CT3289847.enableFix404ByUser", "TRUE"); Deleted : user_pref("CT3289847.enableSearchFromAddressBar", "true"); Deleted : user_pref("CT3289847.firstTimeDialogOpened", "true"); Deleted : user_pref("CT3289847.first_time_search.enc", "MQ=="); Deleted : user_pref("CT3289847.fixPageNotFoundError", "true"); Deleted : user_pref("CT3289847.fixPageNotFoundErrorByUser", "true"); Deleted : user_pref("CT3289847.fixPageNotFoundErrorInHidden", "true"); Deleted : user_pref("CT3289847.fixUrls", true); Deleted : user_pref("CT3289847.fullUserID", "UN82118379012588136.UP.20130628154612"); Deleted : user_pref("CT3289847.homepageuserchanged", true); Deleted : user_pref("CT3289847.hxxp___api28_starwebnet_com.pid2.enc", "YTA2MDBiZWUtNmM1OS0xZjM3LWJlNWYtMzI5MmE[...] Deleted : user_pref("CT3289847.hxxp___api29_starwebnet_com.pid2.enc", "NjE5YTVlZDUtZjA0MS02MWE2LTBhZjAtYWJiNzl[...] Deleted : user_pref("CT3289847.hxxp___api30_starwebnet_com.pid2.enc", "MjYxMjcxN2UtYjM2OC1jNzM5LWZhMDgtM2JiMDA[...] Deleted : user_pref("CT3289847.hxxp___api31_starwebnet_com.pid2.enc", "ZWI2MmEzMmQtY2RmNi0xNDgzLWE5YjgtZTAzZGN[...] Deleted : user_pref("CT3289847.hxxp___api32_starwebnet_com.pid2.enc", "MjFiNDZmZWEtODdiZS1hODFiLWJmZmUtMTQxNWY[...] Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui.enc", "eyJndWkiOltdLC[...] Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings.enc", "eyJpbml0VXJsIjoi[...] Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.jw_token.enc", "ZmZmNTVkZmMtM2NiOC1hMWFhLT[...] Deleted : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.key_list_id.enc", "MjAxMjA4MDItMDAw"); Deleted : user_pref("CT3289847.installDate", "25/5/2013 12:38:05"); Deleted : user_pref("CT3289847.installId", "9818"); Deleted : user_pref("CT3289847.installSessionId", "-1"); Deleted : user_pref("CT3289847.installSp", "TRUE"); Deleted : user_pref("CT3289847.installType", "conduitnsisintegration"); Deleted : user_pref("CT3289847.installUsage", "2013-05-25T23:39:34.6118796+03:00"); Deleted : user_pref("CT3289847.installUsageEarly", "2013-05-25T23:39:33.5649845+03:00"); Deleted : user_pref("CT3289847.installerVersion", "1.4.2.3"); Deleted : user_pref("CT3289847.isCheckedStartAsHidden", true); Deleted : user_pref("CT3289847.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3289847.isFirstTimeToolbarLoading", "false"); Deleted : user_pref("CT3289847.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Deleted : user_pref("CT3289847.keyword", "true"); Deleted : user_pref("CT3289847.lastVersion", "10.16.4.519"); Deleted : user_pref("CT3289847.mam_gk_appStateReportTime.enc", "MTM2OTk3NDU0OTM5Mg=="); Deleted : user_pref("CT3289847.mam_gk_appState_CouponBuddy.enc", "b24="); Deleted : user_pref("CT3289847.mam_gk_appState_Find-a-Pro.enc", "b24="); Deleted : user_pref("CT3289847.mam_gk_appState_PriceGong.enc", "b24="); Deleted : user_pref("CT3289847.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...] Deleted : user_pref("CT3289847.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); Deleted : user_pref("CT3289847.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkFDcGx1cyIsImNyaXR[...] Deleted : user_pref("CT3289847.mam_gk_currentVersion.enc", "MS42LjAuMQ=="); Deleted : user_pref("CT3289847.mam_gk_eventsCache.enc", "eyJhMDU0ZWNiMS1jMTk3LTQ2NzUtOTY1MC00YzNkYzNmNzZmYTUiO[...] Deleted : user_pref("CT3289847.mam_gk_first_time.enc", "MQ=="); Deleted : user_pref("CT3289847.mam_gk_gadgetOpen.enc", "d2VsY29tZQ=="); Deleted : user_pref("CT3289847.mam_gk_installer_preapproved.enc", "ZmFsc2U="); Deleted : user_pref("CT3289847.mam_gk_lastLoginTime.enc", "MTM2OTk3NDU0NTg5Mw=="); Deleted : user_pref("CT3289847.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...] Deleted : user_pref("CT3289847.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); Deleted : user_pref("CT3289847.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...] Deleted : user_pref("CT3289847.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); Deleted : user_pref("CT3289847.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); Deleted : user_pref("CT3289847.mam_gk_userId.enc", "ZDRhZDg1NzMtNjU0OS00MzdjLWIyYjEtZDNmMWU2YWZkMGI1"); Deleted : user_pref("CT3289847.migrateAppsAndComponents", true); Deleted : user_pref("CT3289847.missingMachineIdSent", "true"); Deleted : user_pref("CT3289847.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Deleted : user_pref("CT3289847.openThankYouPage", "false"); Deleted : user_pref("CT3289847.openUninstallPage", "true"); Deleted : user_pref("CT3289847.originalHomepage", "about:home"); Deleted : user_pref("CT3289847.originalSearchAddressUrl", ""); Deleted : user_pref("CT3289847.originalSearchEngine", ""); Deleted : user_pref("CT3289847.revertSettingsEnabled", "true"); Deleted : user_pref("CT3289847.sac-country-code.enc", "IlVTIg=="); Deleted : user_pref("CT3289847.sac-experiments-animation.enc", "eyJuYW1lIjoiMC43NSIsInZlcnNpb24iOjN9"); Deleted : user_pref("CT3289847.sac-experiments-hover_effect.enc", "eyJuYW1lIjoic2hvcnQiLCJ2ZXJzaW9uIjoyfQ=="); Deleted : user_pref("CT3289847.sac-experiments-image_analysis.enc", "eyJuYW1lIjoid2l0aG91dFN1YnRpdGxlIiwidmVyc[...] Deleted : user_pref("CT3289847.sac-experiments-peoplebar_call_to_action.enc", "eyJuYW1lIjoiMyIsInZlcnNpb24iOjR[...] Deleted : user_pref("CT3289847.sac-experiments-placement.enc", "eyJuYW1lIjoid3JlY2std2lkZSIsInZlcnNpb24iOjEyfQ[...] Deleted : user_pref("CT3289847.sac-experiments-play_icon.enc", "eyJuYW1lIjoibm8iLCJ2ZXJzaW9uIjoyfQ=="); Deleted : user_pref("CT3289847.sac-experiments-taboola_config.enc", "eyJuYW1lIjoiYWxsVHlwZXMiLCJ2ZXJzaW9uIjozf[...] Deleted : user_pref("CT3289847.sac-periodic-reports.enc", "eyJ5dHRfcGluZ18wIjpbMTM2OTk3MTQ4MDYzMCwxNDQwMDAwMF1[...] Deleted : user_pref("CT3289847.sac-user-id.enc", "ImUyNjg3YjYyLTM0ZGMtNGIzMy04M2I1LTUyNzI2N2U1OTEyNyI="); Deleted : user_pref("CT3289847.sac-yt-first-ping.enc", "MTM2OTc4NTU4ODE3Nw=="); Deleted : user_pref("CT3289847.search.searchAppId", "130068661007799818"); Deleted : user_pref("CT3289847.search.searchCount", "0"); Deleted : user_pref("CT3289847.searchFromAddressBarEnabledByUser", "true"); Deleted : user_pref("CT3289847.searchInNewTabEnabledByUser", "true"); Deleted : user_pref("CT3289847.searchInNewTabEnabledInHidden", "true"); Deleted : user_pref("CT3289847.searchRevert", "true"); Deleted : user_pref("CT3289847.searchSuggestEnabledByUser", "true"); Deleted : user_pref("CT3289847.searchUserMode", "2"); Deleted : user_pref("CT3289847.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3289847.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Deleted : user_pref("CT3289847.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Deleted : user_pref("CT3289847.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Deleted : user_pref("CT3289847.serviceLayer_services_Configuration_lastUpdate", "1372464588150"); Deleted : user_pref("CT3289847.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1369514381810"); Deleted : user_pref("CT3289847.serviceLayer_services_appsMetadata_lastUpdate", "1369974542400"); Deleted : user_pref("CT3289847.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1369514381707"); Deleted : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1369514381[...] Deleted : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1369514382802")[...] Deleted : user_pref("CT3289847.serviceLayer_services_location_lastUpdate", "1372378187954"); Deleted : user_pref("CT3289847.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372132958861"); Deleted : user_pref("CT3289847.serviceLayer_services_login_10.16.2.9_lastUpdate", "1369514382810"); Deleted : user_pref("CT3289847.serviceLayer_services_login_10.16.4.519_lastUpdate", "1372463294732"); Deleted : user_pref("CT3289847.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1369514381665"); Deleted : user_pref("CT3289847.serviceLayer_services_searchAPI_lastUpdate", "1372464587970"); Deleted : user_pref("CT3289847.serviceLayer_services_serviceMap_lastUpdate", "1372464587828"); Deleted : user_pref("CT3289847.serviceLayer_services_toolbarContextMenu_lastUpdate", "1369514381618"); Deleted : user_pref("CT3289847.serviceLayer_services_toolbarSettings_lastUpdate", "1372463294232"); Deleted : user_pref("CT3289847.serviceLayer_services_translation_lastUpdate", "1372070598254"); Deleted : user_pref("CT3289847.settingsINI", true); Deleted : user_pref("CT3289847.shouldFirstTimeDialog", "false"); Deleted : user_pref("CT3289847.showToolbarPermission", "false"); Deleted : user_pref("CT3289847.smartbar.CTID", "CT3289847"); Deleted : user_pref("CT3289847.smartbar.Uninstall", "0"); Deleted : user_pref("CT3289847.smartbar.homepage", "true"); Deleted : user_pref("CT3289847.smartbar.isHidden", true); Deleted : user_pref("CT3289847.smartbar.toolbarName", "WhiteSmoke New "); Deleted : user_pref("CT3289847.startPage", "true"); Deleted : user_pref("CT3289847.toolbarBornServerTime", "25-5-2013"); Deleted : user_pref("CT3289847.toolbarCurrentServerTime", "29-6-2013"); Deleted : user_pref("CT3289847.toolbarLoginClientTime", "Sat May 25 2013 12:39:42 GMT-0800 (Alaskan Standard T[...] Deleted : user_pref("CT3289847.url_history0001.enc", "aHR0cDovL3d3dy5rYmIuY29tL3RveW90YS80cnVubmVyLzIwMDEtdG95[...] Deleted : user_pref("CT3289847.versionFromInstaller", "10.16.2.9"); Deleted : user_pref("CT3289847.whitelist.enc", "W3sibmFtZSI6IlRpbWUiLCJkb21haW5fcmVneCI6IiguKlxcLik/dGltZS5jb2[...] Deleted : user_pref("CT3289847.whitelist_ts.enc", "MTM2OTk1NjI4Mjc4Ng=="); Deleted : user_pref("CT3289847.wreck-country-code.enc", "IlVTIg=="); Deleted : user_pref("CT3289847.wreck-experiments-design.enc", "eyJuYW1lIjoiYWN0dWFsbHlMaWdodCIsInZlcnNpb24iOjN[...] Deleted : user_pref("CT3289847.wreck-experiments-feed.enc", "eyJuYW1lIjoid3JlY2tBbmRUYWJvb2xhIiwidmVyc2lvbiI6M[...] Deleted : user_pref("CT3289847.wreck-experiments-hover_effect.enc", "eyJuYW1lIjoiaGFsZiIsInZlcnNpb24iOjF9"); Deleted : user_pref("CT3289847.wreck-experiments-trigger.enc", "eyJuYW1lIjoieDAuNSIsInZlcnNpb24iOjF9"); Deleted : user_pref("CT3289847.wreck-periodic-reports.enc", "eyJ3cmVja19waW5nXzAiOlsxMzY5OTcxNDgwNTQ2LDE0NDAwM[...] Deleted : user_pref("CT3289847.wreck-user-id.enc", "ImYwZmFiZjRjLWVlMTUtNGU3MC1iY2IxLWQ3MTkwZTA4NmY4NSI="); Deleted : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke New Customized Web Search"); Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289847"); Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search"); Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search"); Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sa[...] Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3289847"); Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847"); Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847"); Deleted : user_pref("smartbar.machineId", "QLTCF8W/ZUT6PZSKJVODY+VPOR3O/SFUB3NV/+QGG3GJVXDT2ZPQ8XGOUWKPJO7RE1D[...] Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false"); Deleted : user_pref("sweetim.toolbar.SearchBoxLogo", "bing.png"); Deleted : user_pref("sweetim.toolbar.SearchBoxText", "Search with Bing"); Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true"); Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); Deleted : user_pref("sweetim.toolbar.cargo", "3.5000006.10045"); Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "false"); Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "false"); Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "false"); Deleted : user_pref("sweetim.toolbar.defaultProvider", "bng"); Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150"); Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530"); Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.mode.debug", "false"); Deleted : user_pref("sweetim.toolbar.newtab.created", "false"); Deleted : user_pref("sweetim.toolbar.newtab.enable", "false"); Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WhiteSmoke New Customized Web S[...] Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS"); Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); Deleted : user_pref("sweetim.toolbar.scripts.2.callback", ""); Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Deleted : user_pref("sweetim.toolbar.search.history", "censored,kelly%20blue%20book"); Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10"); Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false"); Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); Deleted : user_pref("sweetim.toolbar.simapp_id", "{17DF9A5C-C674-11E2-8DC6-00266C6D8FB1}"); Deleted : user_pref("sweetim.toolbar.version", "1.13.0.1"); Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...] Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...] Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks")[...] -\\ Google Chrome v27.0.1453.116 File : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.25] : keyword = "start.sweetim.com", ************************* AdwCleaner[R1].txt - [30093 octets] - [28/06/2013 18:00:32] AdwCleaner[s1].txt - [30601 octets] - [28/06/2013 18:43:37] ########## EOF - C:\AdwCleaner[s1].txt - [30662 octets] ##########
  4. # AdwCleaner v2.303 - Logfile created 06/28/2013 at 18:00:32 # Updated 08/06/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Stuart - SPC # Boot Mode : Normal # Running from : C:\Users\Stuart\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** Found : CltMngSvc ***** [Files / Folders] ***** File Found : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage File Found : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal File Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\Program Files (x86)\SearchProtect Folder Found : C:\ProgramData\boost_interprocess Folder Found : C:\ProgramData\PC Optimizer Pro Folder Found : C:\ProgramData\WeCareReminder Folder Found : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Folder Found : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Folder Found : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid Folder Found : C:\Users\Stuart\AppData\Local\SwvUpdater Folder Found : C:\Users\Stuart\AppData\Local\Temp\CT3289847 Folder Found : C:\Users\Stuart\AppData\LocalLow\Conduit Folder Found : C:\Users\Stuart\AppData\LocalLow\PriceGong Folder Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\CT3289847 Folder Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} Folder Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\wecarereminder@bryan Folder Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\Smartbar Folder Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\SweetPacksToolbarData Folder Found : C:\Users\Stuart\AppData\Roaming\SearchProtect ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Found : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Found : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid Key Found : HKCU\Software\IM Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKCU\Software\SearchProtect Key Found : HKCU\Software\wecarereminder Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36} Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289847 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Found : HKLM\Software\SearchProtect Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16611 [OK] Registry is clean. -\\ Mozilla Firefox v21.0 (en-US) File : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\prefs.js Found : user_pref("CT3289847.1000082.isPlayDisplay", "true"); Found : user_pref("CT3289847.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description[...] Found : user_pref("CT3289847.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3289847.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Found : user_pref("CT3289847.FF19Solved", "true"); Found : user_pref("CT3289847.FirstTime", "true"); Found : user_pref("CT3289847.FirstTimeFF3", "true"); Found : user_pref("CT3289847.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM2OTc4NTY3NA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM2OTk2NTEzMA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MQ=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_NEW.enc", "MA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_NOT_SUPPORTED.enc", "MA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MQ=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_HISTORY.enc", "MA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_POP.enc", "MA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_RELATED.enc", "MA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_USE_TYPED.enc", "MA=="); Found : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.[...] Found : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.e[...] Found : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|LOCAL_COOKIE_STATS_STATS_USE_TYPED.enc", "M[...] Found : user_pref("CT3289847.PG_ENABLE", "dHJ1ZQ=="); Found : user_pref("CT3289847.PG_ENABLE.enc", "dHJ1ZQ=="); Found : user_pref("CT3289847.SEARCH_BOX_CNT.enc", "Mg=="); Found : user_pref("CT3289847.SF_JUST_INSTALLED.enc", "RkFMU0U="); Found : user_pref("CT3289847.SF_STATUS.enc", "RU5BQkxFRA=="); Found : user_pref("CT3289847.SF_USER_ID.enc", "Y2lkXzI4NTIwMTMxNjExNDU4OTQxNDI="); Found : user_pref("CT3289847.UserID", "UN82118379012588136"); Found : user_pref("CT3289847.acp_personal.appstate.enc", "ZW5hYmxl"); Found : user_pref("CT3289847.addressBarTakeOverEnabledInHidden", "true"); Found : user_pref("CT3289847.browser.search.defaultthis.engineName", "true"); Found : user_pref("CT3289847.cb_experience_000.enc", "MQ=="); Found : user_pref("CT3289847.cb_firstuse0100.enc", "MQ=="); Found : user_pref("CT3289847.cb_user_id_000.enc", "Q0IzNTcwODc3MzM2MzFfMTM2OTcwMzUyNDk1MV9GaXJlZm94"); Found : user_pref("CT3289847.cbfirsttime.enc", "U2F0IE1heSAyNSAyMDEzIDEyOjQwOjAwIEdNVC0wODAwIChBbGFza2FuIFN0[...] Found : user_pref("CT3289847.countryCode", "US"); Found : user_pref("CT3289847.defaultSearch", "true"); Found : user_pref("CT3289847.enableAlerts", "true"); Found : user_pref("CT3289847.enableFix404ByUser", "TRUE"); Found : user_pref("CT3289847.enableSearchFromAddressBar", "true"); Found : user_pref("CT3289847.firstTimeDialogOpened", "true"); Found : user_pref("CT3289847.first_time_search.enc", "MQ=="); Found : user_pref("CT3289847.fixPageNotFoundError", "true"); Found : user_pref("CT3289847.fixPageNotFoundErrorByUser", "true"); Found : user_pref("CT3289847.fixPageNotFoundErrorInHidden", "true"); Found : user_pref("CT3289847.fixUrls", true); Found : user_pref("CT3289847.fullUserID", "UN82118379012588136.UP.20130628154612"); Found : user_pref("CT3289847.homepageuserchanged", true); Found : user_pref("CT3289847.hxxp___api28_starwebnet_com.pid2.enc", "YTA2MDBiZWUtNmM1OS0xZjM3LWJlNWYtMzI5MmE[...] Found : user_pref("CT3289847.hxxp___api29_starwebnet_com.pid2.enc", "NjE5YTVlZDUtZjA0MS02MWE2LTBhZjAtYWJiNzl[...] Found : user_pref("CT3289847.hxxp___api30_starwebnet_com.pid2.enc", "MjYxMjcxN2UtYjM2OC1jNzM5LWZhMDgtM2JiMDA[...] Found : user_pref("CT3289847.hxxp___api31_starwebnet_com.pid2.enc", "ZWI2MmEzMmQtY2RmNi0xNDgzLWE5YjgtZTAzZGN[...] Found : user_pref("CT3289847.hxxp___api32_starwebnet_com.pid2.enc", "MjFiNDZmZWEtODdiZS1hODFiLWJmZmUtMTQxNWY[...] Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui.enc", "eyJndWkiOltdLC[...] Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings.enc", "eyJpbml0VXJsIjoi[...] Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.jw_token.enc", "ZmZmNTVkZmMtM2NiOC1hMWFhLT[...] Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.key_list_id.enc", "MjAxMjA4MDItMDAw"); Found : user_pref("CT3289847.installDate", "25/5/2013 12:38:05"); Found : user_pref("CT3289847.installId", "9818"); Found : user_pref("CT3289847.installSessionId", "-1"); Found : user_pref("CT3289847.installSp", "TRUE"); Found : user_pref("CT3289847.installType", "conduitnsisintegration"); Found : user_pref("CT3289847.installUsage", "2013-05-25T23:39:34.6118796+03:00"); Found : user_pref("CT3289847.installUsageEarly", "2013-05-25T23:39:33.5649845+03:00"); Found : user_pref("CT3289847.installerVersion", "1.4.2.3"); Found : user_pref("CT3289847.isCheckedStartAsHidden", true); Found : user_pref("CT3289847.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3289847.isFirstTimeToolbarLoading", "false"); Found : user_pref("CT3289847.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Found : user_pref("CT3289847.keyword", "true"); Found : user_pref("CT3289847.lastVersion", "10.16.4.519"); Found : user_pref("CT3289847.mam_gk_appStateReportTime.enc", "MTM2OTk3NDU0OTM5Mg=="); Found : user_pref("CT3289847.mam_gk_appState_CouponBuddy.enc", "b24="); Found : user_pref("CT3289847.mam_gk_appState_Find-a-Pro.enc", "b24="); Found : user_pref("CT3289847.mam_gk_appState_PriceGong.enc", "b24="); Found : user_pref("CT3289847.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...] Found : user_pref("CT3289847.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); Found : user_pref("CT3289847.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkFDcGx1cyIsImNyaXR[...] Found : user_pref("CT3289847.mam_gk_currentVersion.enc", "MS42LjAuMQ=="); Found : user_pref("CT3289847.mam_gk_eventsCache.enc", "eyJhMDU0ZWNiMS1jMTk3LTQ2NzUtOTY1MC00YzNkYzNmNzZmYTUiO[...] Found : user_pref("CT3289847.mam_gk_first_time.enc", "MQ=="); Found : user_pref("CT3289847.mam_gk_gadgetOpen.enc", "d2VsY29tZQ=="); Found : user_pref("CT3289847.mam_gk_installer_preapproved.enc", "ZmFsc2U="); Found : user_pref("CT3289847.mam_gk_lastLoginTime.enc", "MTM2OTk3NDU0NTg5Mw=="); Found : user_pref("CT3289847.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...] Found : user_pref("CT3289847.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); Found : user_pref("CT3289847.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...] Found : user_pref("CT3289847.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); Found : user_pref("CT3289847.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); Found : user_pref("CT3289847.mam_gk_userId.enc", "ZDRhZDg1NzMtNjU0OS00MzdjLWIyYjEtZDNmMWU2YWZkMGI1"); Found : user_pref("CT3289847.migrateAppsAndComponents", true); Found : user_pref("CT3289847.missingMachineIdSent", "true"); Found : user_pref("CT3289847.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Found : user_pref("CT3289847.openThankYouPage", "false"); Found : user_pref("CT3289847.openUninstallPage", "true"); Found : user_pref("CT3289847.originalHomepage", "about:home"); Found : user_pref("CT3289847.originalSearchAddressUrl", ""); Found : user_pref("CT3289847.originalSearchEngine", ""); Found : user_pref("CT3289847.revertSettingsEnabled", "true"); Found : user_pref("CT3289847.sac-country-code.enc", "IlVTIg=="); Found : user_pref("CT3289847.sac-experiments-animation.enc", "eyJuYW1lIjoiMC43NSIsInZlcnNpb24iOjN9"); Found : user_pref("CT3289847.sac-experiments-hover_effect.enc", "eyJuYW1lIjoic2hvcnQiLCJ2ZXJzaW9uIjoyfQ=="); Found : user_pref("CT3289847.sac-experiments-image_analysis.enc", "eyJuYW1lIjoid2l0aG91dFN1YnRpdGxlIiwidmVyc[...] Found : user_pref("CT3289847.sac-experiments-peoplebar_call_to_action.enc", "eyJuYW1lIjoiMyIsInZlcnNpb24iOjR[...] Found : user_pref("CT3289847.sac-experiments-placement.enc", "eyJuYW1lIjoid3JlY2std2lkZSIsInZlcnNpb24iOjEyfQ[...] Found : user_pref("CT3289847.sac-experiments-play_icon.enc", "eyJuYW1lIjoibm8iLCJ2ZXJzaW9uIjoyfQ=="); Found : user_pref("CT3289847.sac-experiments-taboola_config.enc", "eyJuYW1lIjoiYWxsVHlwZXMiLCJ2ZXJzaW9uIjozf[...] Found : user_pref("CT3289847.sac-periodic-reports.enc", "eyJ5dHRfcGluZ18wIjpbMTM2OTk3MTQ4MDYzMCwxNDQwMDAwMF1[...] Found : user_pref("CT3289847.sac-user-id.enc", "ImUyNjg3YjYyLTM0ZGMtNGIzMy04M2I1LTUyNzI2N2U1OTEyNyI="); Found : user_pref("CT3289847.sac-yt-first-ping.enc", "MTM2OTc4NTU4ODE3Nw=="); Found : user_pref("CT3289847.search.searchAppId", "130068661007799818"); Found : user_pref("CT3289847.search.searchCount", "0"); Found : user_pref("CT3289847.searchFromAddressBarEnabledByUser", "true"); Found : user_pref("CT3289847.searchInNewTabEnabledByUser", "true"); Found : user_pref("CT3289847.searchInNewTabEnabledInHidden", "true"); Found : user_pref("CT3289847.searchRevert", "true"); Found : user_pref("CT3289847.searchSuggestEnabledByUser", "true"); Found : user_pref("CT3289847.searchUserMode", "2"); Found : user_pref("CT3289847.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3289847.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Found : user_pref("CT3289847.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Found : user_pref("CT3289847.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Found : user_pref("CT3289847.serviceLayer_services_Configuration_lastUpdate", "1372464588150"); Found : user_pref("CT3289847.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1369514381810"); Found : user_pref("CT3289847.serviceLayer_services_appsMetadata_lastUpdate", "1369974542400"); Found : user_pref("CT3289847.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1369514381707"); Found : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1369514381[...] Found : user_pref("CT3289847.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1369514382802")[...] Found : user_pref("CT3289847.serviceLayer_services_location_lastUpdate", "1372378187954"); Found : user_pref("CT3289847.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372132958861"); Found : user_pref("CT3289847.serviceLayer_services_login_10.16.2.9_lastUpdate", "1369514382810"); Found : user_pref("CT3289847.serviceLayer_services_login_10.16.4.519_lastUpdate", "1372463294732"); Found : user_pref("CT3289847.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1369514381665"); Found : user_pref("CT3289847.serviceLayer_services_searchAPI_lastUpdate", "1372464587970"); Found : user_pref("CT3289847.serviceLayer_services_serviceMap_lastUpdate", "1372464587828"); Found : user_pref("CT3289847.serviceLayer_services_toolbarContextMenu_lastUpdate", "1369514381618"); Found : user_pref("CT3289847.serviceLayer_services_toolbarSettings_lastUpdate", "1372463294232"); Found : user_pref("CT3289847.serviceLayer_services_translation_lastUpdate", "1372070598254"); Found : user_pref("CT3289847.settingsINI", true); Found : user_pref("CT3289847.shouldFirstTimeDialog", "false"); Found : user_pref("CT3289847.showToolbarPermission", "false"); Found : user_pref("CT3289847.smartbar.CTID", "CT3289847"); Found : user_pref("CT3289847.smartbar.Uninstall", "0"); Found : user_pref("CT3289847.smartbar.homepage", "true"); Found : user_pref("CT3289847.smartbar.isHidden", true); Found : user_pref("CT3289847.smartbar.toolbarName", "WhiteSmoke New "); Found : user_pref("CT3289847.startPage", "true"); Found : user_pref("CT3289847.toolbarBornServerTime", "25-5-2013"); Found : user_pref("CT3289847.toolbarCurrentServerTime", "29-6-2013"); Found : user_pref("CT3289847.toolbarLoginClientTime", "Sat May 25 2013 12:39:42 GMT-0800 (Alaskan Standard T[...] Found : user_pref("CT3289847.url_history0001.enc", "aHR0cDovL3d3dy5rYmIuY29tL3RveW90YS80cnVubmVyLzIwMDEtdG95[...] Found : user_pref("CT3289847.versionFromInstaller", "10.16.2.9"); Found : user_pref("CT3289847.whitelist.enc", "W3sibmFtZSI6IlRpbWUiLCJkb21haW5fcmVneCI6IiguKlxcLik/dGltZS5jb2[...] Found : user_pref("CT3289847.whitelist_ts.enc", "MTM2OTk1NjI4Mjc4Ng=="); Found : user_pref("CT3289847.wreck-country-code.enc", "IlVTIg=="); Found : user_pref("CT3289847.wreck-experiments-design.enc", "eyJuYW1lIjoiYWN0dWFsbHlMaWdodCIsInZlcnNpb24iOjN[...] Found : user_pref("CT3289847.wreck-experiments-feed.enc", "eyJuYW1lIjoid3JlY2tBbmRUYWJvb2xhIiwidmVyc2lvbiI6M[...] Found : user_pref("CT3289847.wreck-experiments-hover_effect.enc", "eyJuYW1lIjoiaGFsZiIsInZlcnNpb24iOjF9"); Found : user_pref("CT3289847.wreck-experiments-trigger.enc", "eyJuYW1lIjoieDAuNSIsInZlcnNpb24iOjF9"); Found : user_pref("CT3289847.wreck-periodic-reports.enc", "eyJ3cmVja19waW5nXzAiOlsxMzY5OTcxNDgwNTQ2LDE0NDAwM[...] Found : user_pref("CT3289847.wreck-user-id.enc", "ImYwZmFiZjRjLWVlMTUtNGU3MC1iY2IxLWQ3MTkwZTA4NmY4NSI="); Found : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Found : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke New Customized Web Search"); Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289847"); Found : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search"); Found : user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search"); Found : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sa[...] Found : user_pref("smartbar.addressBarOwnerCTID", "CT3289847"); Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847"); Found : user_pref("smartbar.homePageOwnerCTID", "CT3289847"); Found : user_pref("smartbar.machineId", "QLTCF8W/ZUT6PZSKJVODY+VPOR3O/SFUB3NV/+QGG3GJVXDT2ZPQ8XGOUWKPJO7RE1D[...] Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false"); Found : user_pref("sweetim.toolbar.SearchBoxLogo", "bing.png"); Found : user_pref("sweetim.toolbar.SearchBoxText", "Search with Bing"); Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); Found : user_pref("sweetim.toolbar.Visibility.enable", "true"); Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); Found : user_pref("sweetim.toolbar.cargo", "3.5000006.10045"); Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "false"); Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "false"); Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "false"); Found : user_pref("sweetim.toolbar.defaultProvider", "bng"); Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Found : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.2.height", "150"); Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); Found : user_pref("sweetim.toolbar.dialogs.2.width", "530"); Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.mode.debug", "false"); Found : user_pref("sweetim.toolbar.newtab.created", "false"); Found : user_pref("sweetim.toolbar.newtab.enable", "false"); Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WhiteSmoke New Customized Web S[...] Found : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.0.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.1.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS"); Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); Found : user_pref("sweetim.toolbar.scripts.2.callback", ""); Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); Found : user_pref("sweetim.toolbar.scripts.2.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Found : user_pref("sweetim.toolbar.search.history", "censored,kelly%20blue%20book"); Found : user_pref("sweetim.toolbar.search.history.capacity", "10"); Found : user_pref("sweetim.toolbar.searchguard.enable", "false"); Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); Found : user_pref("sweetim.toolbar.simapp_id", "{17DF9A5C-C674-11E2-8DC6-00266C6D8FB1}"); Found : user_pref("sweetim.toolbar.version", "1.13.0.1"); Found : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...] Found : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...] Found : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks")[...] -\\ Google Chrome v27.0.1453.116 File : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.25] : keyword = "start.sweetim.com", ************************* AdwCleaner[R1].txt - [29964 octets] - [28/06/2013 18:00:32] ########## EOF - C:\AdwCleaner[R1].txt - [30025 octets] ##########
  5. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 4/22/2012 5:26:02 PM System Uptime: 6/28/2013 3:23:53 PM (1 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Core i7 CPU Q 720 @ 1.60GHz | CPU | 1056/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 454 GiB total, 183.055 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ACPI\TOS1901\2&DABA3FF&1 Manufacturer: Name: PNP Device ID: ACPI\TOS1901\2&DABA3FF&1 Service: . ==== System Restore Points =================== . RP100: 6/9/2013 11:43:23 AM - Installed Samsung Kies RP101: 6/11/2013 4:08:19 PM - Windows Update RP103: 6/12/2013 2:57:46 PM - Windows Modules Installer RP105: 6/15/2013 8:13:40 AM - Windows Modules Installer RP106: 6/18/2013 3:05:42 PM - Windows Update RP107: 6/21/2013 3:23:19 PM - Windows Update RP108: 6/25/2013 7:01:06 AM - Windows Update RP109: 6/28/2013 2:25:36 PM - Windows Update . ==== Installed Programs ====================== . 7-Zip 9.22beta Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Premiere Pro CS5.5 Adobe Reader 9.5.0 Adobe Story Akamai NetSession Interface Apple Application Support Apple Mobile Device Support Apple Software Update ASPCA Reminder by We-Care.com v4.1.22.1 AutoCAD 2014 - English AutoCAD 2014 Language Pack - English Autodesk 360 Autodesk App Manager Autodesk AutoCAD 2014 - English Autodesk Content Service Autodesk Content Service Language Pack Autodesk Featured Apps Autodesk Material Library 2014 Autodesk Material Library Base Resolution Image Library 2014 Autodesk ReCap Autodesk ReCap Language Pack-English BitTorrent Bonjour DMUninstaller DownloadTerms Driver Detective Dropbox FARO LS 1.1.501.0 (64bit) Google Chrome Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) iTunes Magic ISO Maker v5.5 (build 0281) Malwarebytes Anti-Malware version 1.75.0.1300 McAfee Security Scan Plus Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Mozilla Firefox 21.0 (x86 en-US) Mozilla Maintenance Service MyFreeCodec NVIDIA Drivers NVIDIA PhysX PDF Settings CS5 PxMergeModule QuickTime RICOH R5U230 Media Driver ver.2.06.03.02 Samsung Kies SAMSUNG USB Driver for Mobile Phones Search Protect by conduit Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) SketchUp Import for AutoCAD 2014 Spybot - Search & Destroy SUPERAntiSpyware TopArcadeHits TOSHIBA Media Controller TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Web Camera Application Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) VLC media player 2.0.6 WinRAR 4.20 (64-bit) WinZip 17.0 . ==== Event Viewer Messages From Past Week ======== . 6/28/2013 3:25:20 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 6/28/2013 3:24:43 PM, Error: Service Control Manager [7000] - The Search Protect by Conduit Updater service failed to start due to the following error: The system cannot find the file specified. 6/28/2013 3:13:23 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:43 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 6/28/2013 3:11:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 6/28/2013 3:11:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 6/28/2013 3:11:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 6/28/2013 3:11:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 6/28/2013 3:11:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 6/28/2013 3:11:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 6/28/2013 3:11:23 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 6/26/2013 2:47:16 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 Run by Stuart at 16:57:53 on 2013-06-28 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4031.2056 [GMT -8:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Users\Stuart\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Users\Stuart\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Users\Stuart\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank uURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DownloadTerms: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Stuart\AppData\Local\DownloadTerms\temp.dat BHO: TopArcadeHits Games: {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Users\Stuart\AppData\Local\TopArcadeHits\Toparcadehits.dll BHO: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll uRun: [Google Update] "C:\Users\Stuart\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [Akamai NetSession Interface] "C:\Users\Stuart\AppData\Local\Akamai\netsession_win.exe" uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 StartupFolder: C:\Users\Stuart\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Stuart\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 TCP: NameServer = 209.165.131.12 209.165.131.13 TCP: Interfaces\{8B331894-A250-4F59-94CB-245B32BCDEA0} : DHCPNameServer = 209.165.131.12 209.165.131.13 TCP: Interfaces\{D2031D99-F319-4260-AF7A-2CA58D92CED3} : DHCPNameServer = 209.165.131.12 209.165.131.13 SSODL: WebCheck - <orphaned> x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup x64-Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New Customized Web Search FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll FF - plugin: C:\Users\Stuart\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\plugins\np-mswmp.dll FF - plugin: C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\plugins\npConduitFirefoxPlugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - ExtSQL: 2013-05-24 20:00; eoppnrqmocgit@fmwplidnapyokntwh.net; C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\eoppnrqmocgit@fmwplidnapyokntwh.net FF - ExtSQL: 2013-05-25 12:38; {739df940-c5ee-4bab-9d7e-270894ae687a}; C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} FF - ExtSQL: 2013-05-26 18:22; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi FF - ExtSQL: 2013-05-26 20:36; wecarereminder@bryan; C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\kuutxp80.default\extensions\wecarereminder@bryan . ---- FIREFOX POLICIES ---- FF - user.js: extensions.autoDisableScopes - 0 FF - user.js: extensions.shownSelectionUI - true . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-25 55280] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\System32\drivers\Thpevm.sys [2009-6-29 14784] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-6 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-6 701512] R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2013-6-8 60416] R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2013-6-8 81408] R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2013-6-8 55808] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-30 25928] R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2012-4-22 35008] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-4-26 1103904] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-4-22 54136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe --> C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [?] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448] S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-3-30 1471352] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-4-23 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-23 1255736] . =============== File Associations =============== . FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1" . =============== Created Last 30 ================ . 2013-06-28 22:26:05 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{11144733-9C25-4D70-93F2-8AE03577D562}\mpengine.dll 2013-06-12 22:59:26 701952 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2013-06-12 00:14:25 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-06-09 19:44:12 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll 2013-06-09 16:52:29 9728 ----a-w- C:\Windows\SysWow64\TCMSVR.dll 2013-06-09 16:52:29 1081616 ----a-w- C:\Windows\SysWow64\mscomctl.ocx 2013-06-09 16:51:40 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll 2013-06-09 16:51:40 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll 2013-06-09 16:51:40 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2013-06-09 16:51:40 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2013-06-09 16:51:40 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll 2013-06-09 16:51:40 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll 2013-06-09 16:51:40 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll 2013-06-09 16:51:39 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll 2013-06-09 04:27:17 90112 ----a-w- C:\Windows\System32\snymsico.dll 2013-06-09 04:27:17 81408 ----a-w- C:\Windows\System32\drivers\risdpe64.sys 2013-06-09 04:27:17 60416 ----a-w- C:\Windows\System32\drivers\rimspe64.sys 2013-06-09 04:27:17 55808 ----a-w- C:\Windows\System32\drivers\rixdpe64.sys 2013-06-09 04:27:17 196608 ----a-w- C:\Windows\System32\RiSDIcon.dll 2013-06-09 04:27:17 188416 ----a-w- C:\Windows\System32\RiMMCIcon.dll 2013-06-09 04:27:17 172032 ----a-w- C:\Windows\System32\rixdicon.dll 2013-06-09 04:27:17 -------- d-----w- C:\Windows\SysWow64\sda 2013-06-09 04:07:31 -------- d-----w- C:\Users\Stuart\AppData\Local\Samsung 2013-06-09 04:07:29 -------- d-----w- C:\Users\Stuart\AppData\Roaming\Samsung 2013-06-09 04:04:59 -------- d-----w- C:\Program Files (x86)\MyFree Codec 2013-06-09 04:01:57 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll 2013-06-09 04:01:17 -------- d-----w- C:\ProgramData\Samsung 2013-06-09 04:01:17 -------- d-----w- C:\Program Files (x86)\Samsung 2013-06-09 03:51:42 -------- d-----w- C:\Users\Stuart\AppData\Local\Downloaded Installations 2013-06-06 23:08:13 -------- d-----w- C:\Windows\System32\drivers\etc 2013-06-06 03:42:27 -------- d-----w- C:\Users\Stuart\AppData\Roaming\SearchProtect 2013-06-06 02:43:49 -------- d-----w- C:\Users\Stuart\AppData\Roaming\SUPERAntiSpyware.com 2013-06-06 02:43:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-06-06 02:43:41 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-06-06 01:54:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-06-06 01:54:23 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2013-06-04 17:15:04 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll 2013-06-04 17:15:02 103448 ----a-w- C:\Windows\System32\drivers\ssudbus.sys 2013-06-04 17:15:00 203672 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys 2013-06-04 17:15:00 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll 2013-06-03 02:16:38 -------- d-----w- C:\Program Files (x86)\VideoLAN 2013-05-31 01:33:57 -------- d-----w- C:\Users\Stuart\AppData\Roaming\Malwarebytes 2013-05-31 01:33:48 -------- d-----w- C:\ProgramData\Malwarebytes 2013-05-31 01:33:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-05-31 01:33:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2013-06-13 23:59:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-13 23:59:13 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-29 21:19:29 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-27 02:23:29 33958 ----a-w- C:\ProgramData\uninstaller.exe 2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:10:12 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll 2013-05-08 06:10:12 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2013-05-02 10:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-19 03:07:00 90112 ----a-w- C:\Windows\MAMCityDownload.ocx 2013-04-19 03:07:00 330240 ----a-w- C:\Windows\MASetupCaller.dll 2013-04-19 03:07:00 30568 ----a-w- C:\Windows\MusiccityDownload.exe 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll . ============= FINISH: 16:58:25.46 ===============
  6. HI I am having the same problem below during the last month these annoying square-ads keep popping up in the bottom left or right corner of my browser (doesn't matter if I use Chrome or Firefox, it's basicaly the same). I did full scans with my anti-virus program as well as yours but still no luck thanks bob
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.