threadly
-
Posts
11 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by threadly
-
Hi, I am checking in from my house now. I can't get back to my father's until tomorrow. The browser Delta does not appear to be causing any problem that I can identify, but it is still listed as a browser option on his computer. If it won't cause a problem, I don't care if it stays.
-
While waiting, I was attempting to set up my dad's home page to the way it was. Delta Search still appears as an option. I hate to say that I have to leave for the day. Please let me know if there are any additional steps to take, and I will address them tomorrow.
-
C:\Documents and Settings\John\Application Data\Zip Opener Packages\uninstaller.exe a variant of Win32/InstallCore.AZ application cleaned by deleting - quarantined C:\Documents and Settings\John\Desktop\Deleted programs\Bad download\ZipOpenerSetup.exe Win32/InstallCore.BN application cleaned by deleting - quarantined C:\RECYCLER\S-1-5-21-3612996564-50062554-1233501239-1006\Dc1.exe Win32/InstallCore.BN application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038751.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038752.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038753.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038757.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038763.dll probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038764.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038767.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038772.dll probably a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038778.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038825.dll a variant of Win32/bProtector.A application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038826.exe a variant of Win32/bProtector.A application cleaned by deleting - quarantined C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP285\A0038827.exe a variant of Win32/bProtector.A application cleaned by deleting - quarantined
-
Nope, it did not appear. Chrome came up fine.
-
Got this message trying to get on line: Your preferences file is corrupt or invalid. Google Chrome is unable to recover your settings. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.0.9 (07.12.2013:2)OS: Microsoft Windows XP x86Ran by John on Mon 07/15/2013 at 12:43:53.85~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettingsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} ~~~ Files ~~~ Folders ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Mon 07/15/2013 at 12:49:34.90End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v2.305 - Logfile created 07/15/2013 at 12:51:06# Updated 11/07/2013 by Xplode# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)# User : John - D6YLXJ91# Boot Mode : Normal# Running from : C:\Documents and Settings\John\Desktop\ADW\AdwCleaner.exe# Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.72 File : C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted [l.30] : keyword = "delta-search.com", ************************* AdwCleaner[s1].txt - [4930 octets] - [15/07/2013 11:15:10]AdwCleaner[s2].txt - [1321 octets] - [15/07/2013 12:51:06] ########## EOF - C:\AdwCleaner[s2].txt - [1381 octets] ##########
-
https://www.virustotal.com/en/file/bec4ebbf483a59dff94f0d1f9b556dc578c42d8a90010e635f98b08916acb3c9/analysis/1373905931/
-
Took quite some time, here you go. ComboFix 13-07-15.01 - John 07/15/2013 11:58:55.1.1 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.319 [GMT -4:00]Running from: c:\documents and settings\John\Desktop\Combo Fix\ComboFix.exeAV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\documents and settings\All Users\Application Data\TEMPc:\documents and settings\John\My Documents\~WRL0001.tmpc:\documents and settings\John\My Documents\~WRL0002.tmpc:\documents and settings\John\My Documents\~WRL0003.tmpc:\documents and settings\John\My Documents\~WRL0004.tmpc:\documents and settings\John\My Documents\~WRL1368.tmpc:\documents and settings\John\My Documents\~WRL1537.tmpc:\documents and settings\John\My Documents\~WRL3965.tmpc:\documents and settings\John\My Documents\~WRL4003.tmpc:\documents and settings\John\WINDOWSC:\install.exec:\program files\Common Files\System\Uninstallc:\program files\TotalRecipeSearch_14c:\program files\TotalRecipeSearch_14\bar\1.bin\14brmon.exec:\program files\TotalRecipeSearch_14\bar\1.bin\14brstub.dllc:\program files\TotalRecipeSearch_14\bar\1.bin\T8RES.DLL..((((((((((((((((((((((((( Files Created from 2013-06-15 to 2013-07-15 )))))))))))))))))))))))))))))))..2013-07-15 15:06 . 2013-07-15 15:06 -------- d-----w- c:\documents and settings\John\Application Data\Zip Opener Packages2013-07-15 15:06 . 2013-07-15 15:06 -------- d-----w- c:\windows\system32\Extensions2013-07-15 15:06 . 2013-07-15 15:06 -------- d-----w- c:\windows\system32\searchplugins2013-07-15 14:54 . 2013-07-15 14:54 -------- d-----w- c:\windows\ERUNT2013-07-11 17:45 . 2013-07-11 17:49 -------- d-----w- c:\program files\GUM8B.tmp2013-07-11 16:42 . 2013-07-11 16:42 -------- d-----w- c:\documents and settings\John\Application Data\AVG20132013-07-11 16:40 . 2013-07-11 16:40 -------- d-----w- c:\documents and settings\John\Application Data\TuneUp Software2013-07-11 16:38 . 2013-07-11 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG20132013-07-11 16:38 . 2013-07-11 16:38 -------- d-----w- C:\$AVG2013-07-11 16:37 . 2013-07-11 16:51 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Avg20132013-07-11 16:37 . 2013-07-11 16:37 -------- d-----w- c:\program files\AVG2013-07-11 16:31 . 2013-07-11 16:51 -------- d-----w- c:\documents and settings\John\Local Settings\Application Data\Avg20132013-07-11 16:31 . 2013-07-11 16:31 -------- d-----w- c:\documents and settings\John\Local Settings\Application Data\MFAData2013-07-11 16:28 . 2013-07-11 16:28 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files2013-07-11 16:28 . 2013-07-15 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData2013-07-11 16:28 . 2013-07-11 16:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\MFAData2013-07-11 16:28 . 2013-07-11 16:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Avg20132013-07-10 17:29 . 2013-07-10 17:29 -------- d-----w- C:\160606050a1b0580f6448f982ec53e2013-07-10 16:56 . 2013-07-10 16:56 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee2013-06-26 15:20 . 2013-06-26 15:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-07-10 16:56 . 2012-04-05 18:51 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-07-10 16:56 . 2011-05-16 21:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-06-14 14:09 . 2013-05-15 21:09 8610696 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe2013-06-08 03:55 . 2004-08-10 18:51 385024 ----a-w- c:\windows\system32\html.iec2013-06-07 21:56 . 2004-08-10 18:51 920064 ----a-w- c:\windows\system32\wininet.dll2013-06-07 21:56 . 2004-08-10 18:51 43520 ----a-w- c:\windows\system32\licmgr10.dll2013-06-07 21:56 . 2004-08-10 18:51 1469440 ------w- c:\windows\system32\inetcpl.cpl2013-06-04 07:23 . 2004-08-10 18:51 562688 ----a-w- c:\windows\system32\qedit.dll2013-06-04 01:40 . 2004-08-10 18:51 1876736 ----a-w- c:\windows\system32\win32k.sys2013-05-09 04:28 . 2006-10-19 01:47 1543680 ------w- c:\windows\system32\wmvdecod.dll2013-05-03 01:26 . 2004-08-10 18:51 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe2013-05-03 00:38 . 2004-08-04 04:59 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe2008-06-07 22:06 . 2008-06-07 22:06 27024112 ----a-w- c:\program files\PowerPointViewer.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"EPSON Stylus CX7800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE" [2005-04-07 98304].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-02-23 26112]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-02-23 98304]"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]"EPSON Stylus CX7800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE" [2005-04-07 98304]"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-01-07 1468296]"EPSON Stylus CX7800 Series (Copy 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE" [2005-04-07 98304]"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-29 4408368].c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe -check [2006-2-23 156784]initmou.exe [2003-11-18 36864]Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588].[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Documents and Settings\\John\\Local Settings\\Application Data\\CrossLoop\\vncviewer.exe"="c:\\Program Files\\NetMeeting\\conf.exe"="c:\\Program Files\\America Online 9.0\\waol.exe"="c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"="c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"="c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"5910:TCP"= 5910:TCP:vnc5910.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2/8/2013 4:37 AM 60216]R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2/8/2013 4:37 AM 245048]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2/8/2013 4:37 AM 39224]R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [3/29/2013 2:53 AM 208184]R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [3/1/2013 10:32 AM 22328]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/8/2013 4:37 AM 170808]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/21/2013 3:08 AM 182072]R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [5/14/2013 12:54 AM 4937264]R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [4/18/2013 4:34 AM 283136].[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-07-14 15:06 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 16:56].2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-19 00:03].2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-19 00:03].2010-07-15 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job- c:\program files\Microsoft IntelliPoint\ipoint.exe [2009-01-07 19:46]..------- Supplementary Scan -------.TCP: DhcpNameServer = 64.233.217.2 64.233.217.3.- - - - ORPHANS REMOVED - - - -.HKCU-Run-Desktop Software - c:\program files\ComcastUI\Universal Installer\uinstaller.exeHKLM-Run-NetscapeClient - (no file)HKLM-Run-TotalRecipeSearch Search Scope Monitor - c:\progra~1\TOTALR~2\bar\1.bin\14srchmn.exeHKLM-Run-TotalRecipeSearch_14 Browser Plugin Loader - c:\progra~1\TOTALR~2\bar\1.bin\14brmon.exeAddRemove-DSite - c:\documents and settings\John\Application Data\DSite\UpdateProc\UpdateTask.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-07-15 12:10Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".Completion time: 2013-07-15 12:15:25ComboFix-quarantined-files.txt 2013-07-15 16:15.Pre-Run: 59,100,991,488 bytes freePost-Run: 61,517,570,048 bytes free.WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsUnsupportedDebug="do not select this" /debugmulti(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect.- - End Of File - - 42686A5F6BBD0B3F5C229EFC4A9B290B91722E6BC3A2B40FF00222DCA4A3DB3E
-
Something went strange. I have the reports for Junkware removal and AdwCleaner, but when I went back on line to download ComboFix, my dad's home page went from Wide Open West to something called Delta search. The first reports are listed below. I'll wait before I proceed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.0.9 (07.12.2013:2)OS: Microsoft Windows XP x86Ran by John on Mon 07/15/2013 at 10:54:52.65~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] totalrecipesearch_14service Successfully deleted: [service] totalrecipesearch_14service ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{13119113-0854-469d-807a-171568457991}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{2502086b-5a46-4d05-8d5b-a1e77ab8bb32}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{33119133-0854-469d-807a-171568457991}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{396a4e14-83e7-4941-b0d9-b598e1b97197}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{76f3207c-3a0a-461b-b958-5653c5718243}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{895f3dbd-2484-4a14-a0ea-c3252ebb0ff7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{8c4b563e-52a1-4a10-b700-f8bf1cd7b726}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{96b8a0ef-0d9d-4a92-b548-376db4bbb58b}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{9e5c950c-93f2-46b4-a47e-8450fff4d841}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0154e07-2b48-475c-a82a-80efd84ea33e}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a4503ec3-1111-4b62-8f46-0d88508f8a7b}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a9c524bf-4044-402a-aa00-8c3b3da86125}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{ab56dfde-0c14-45b3-9df6-7b0eba617870}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b38fbaed-ded1-4ba6-ba2e-f2515fd49442}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b5ede79d-b004-47dd-93f9-152b0d145914}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{d0690e53-168c-4632-99b2-5700228f760f}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{23119123-0854-469d-807a-171568457991}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{03119103-0854-469d-807a-171568457991}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\internet explorer\menuext\&searchSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{fd79f359-e577-46db-aa74-d6e6b8b45ba8}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondarySuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engineSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2724386Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF22384F-CF68-4D19-969F-10423715528B} ~~~ Files Successfully deleted: [File] C:\eula.1028.txtSuccessfully deleted: [File] C:\eula.1031.txtSuccessfully deleted: [File] C:\eula.1033.txtSuccessfully deleted: [File] C:\eula.1036.txtSuccessfully deleted: [File] C:\eula.1040.txtSuccessfully deleted: [File] C:\eula.1041.txtSuccessfully deleted: [File] C:\eula.1042.txtSuccessfully deleted: [File] C:\eula.2052.txtSuccessfully deleted: [File] C:\install.res.1028.dllSuccessfully deleted: [File] C:\install.res.1031.dllSuccessfully deleted: [File] C:\install.res.1033.dllSuccessfully deleted: [File] C:\install.res.1036.dllSuccessfully deleted: [File] C:\install.res.1040.dllSuccessfully deleted: [File] C:\install.res.1041.dllSuccessfully deleted: [File] C:\install.res.1042.dllSuccessfully deleted: [File] C:\install.res.2052.dllSuccessfully deleted: [File] C:\install.res.3082.dll ~~~ Folders Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"Successfully deleted: [Folder] "C:\Program Files\recipehub_2jei"Failed to delete: [Folder] "C:\Program Files\totalrecipesearch_14"Successfully deleted: [Folder] "C:\Program Files\viewpoint" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Mon 07/15/2013 at 11:00:20.28End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v2.305 - Logfile created 07/15/2013 at 11:15:10# Updated 11/07/2013 by Xplode# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)# User : John - D6YLXJ91# Boot Mode : Normal# Running from : C:\Documents and Settings\John\Desktop\ADWCleaner\AdwCleaner.exe# Option [Delete] ***** [services] ***** Stopped & Deleted : BrowserDefendert ***** [Files / Folders] ***** Deleted on reboot : C:\Documents and Settings\All Users\Application Data\BrowserDefenderDeleted on reboot : C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeFile Deleted : C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web DataFile Deleted : C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferencesFolder Deleted : C:\Documents and Settings\All Users\Application Data\BabylonFolder Deleted : C:\Documents and Settings\John\Application Data\BabSolutionFolder Deleted : C:\Documents and Settings\John\Application Data\BabylonFolder Deleted : C:\Documents and Settings\John\Application Data\DSiteFolder Deleted : C:\Documents and Settings\John\Start Menu\Programs\BrowserDefender ***** [Registry] ***** Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\browse~1\261339~1.144\{c16c1~1\browse~1.dllKey Deleted : HKCU\Software\5c2ddd1e238b845Key Deleted : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2Key Deleted : HKCU\Software\BabSolutionKey Deleted : HKCU\Software\DataMngrKey Deleted : HKCU\Software\DataMngr_ToolbarKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettingsKey Deleted : HKLM\SOFTWARE\5c2ddd1e238b845Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeKey Deleted : HKLM\Software\MetaStreamKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngineKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DeltaKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome ToolbarKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayerKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome ToolbarKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayerKey Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMPKey Deleted : HKLM\Software\ViewpointKey Deleted : HKU\S-1-5-21-3612996564-50062554-1233501239-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Google Chrome v28.0.1500.72 File : C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [4801 octets] - [15/07/2013 11:15:10] ########## EOF - C:\AdwCleaner[s1].txt - [4861 octets] ##########
-
These do not show up in the add/remove program TotalRecipeSearch Toolbar Viewpoint Media Player
-
Thank you for your time Borislav. The requested files are below: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702Run by John at 10:27:02 on 2013-07-15Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.329 [GMT -4:00].AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}.============== Running Processes ================.C:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Java\j2re1.4.2_03\bin\jusched.exeC:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeC:\Program Files\CyberLink\PowerDVD\DVDLauncher.exeC:\Program Files\Real\RealPlayer\RealPlay.exeC:\Program Files\Dell\Media Experience\DMXLauncher.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\PROGRA~1\TOTALR~2\bar\1.bin\14brmon.exeC:\Program Files\AVG\AVG2013\avgui.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\AVG\AVG2013\avgwdsvc.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k imgsvc.============== Pseudo HJT Report ===============.uURLSearchHooks: <No Name>: {8a7d2060-824d-4b17-b00a-759b1b5f30d9} - c:\program files\totalrecipesearch_14\bar\1.bin\14SrcAs.dllBHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar.dllBHO: Toolbar BHO: {ab56dfde-0c14-45b3-9df6-7b0eba617870} - c:\program files\totalrecipesearch_14\bar\1.bin\14bar.dllBHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dllBHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dllBHO: Search Assistant BHO: {df22384f-cf68-4d19-969f-10423715528b} - c:\program files\totalrecipesearch_14\bar\1.bin\14SrcAs.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dllTB: TotalRecipeSearch: {a0154e07-2b48-475c-a82a-80efd84ea33e} - c:\program files\totalrecipesearch_14\bar\1.bin\14bar.dllEB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dlluRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [EPSON Stylus CX7800 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAFA.EXE /P26 "EPSON Stylus CX7800 Series" /M "Stylus CX7800" /EF "HKCU"uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [Desktop Software] "c:\program files\comcastui\universal installer\uinstaller.exe" /ini "uinstaller.ini" /fromrun /starthiddenmRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exemRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [sunJavaUpdateSched] c:\program files\java\j2re1.4.2_03\bin\jusched.exemRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exemRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYERmRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottimemRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exemRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startupmRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -startmRun: [NetscapeClient] <no file>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exeStartupFolder: c:\documents and settings\all users\start menu\programs\startup\initmou.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXEuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: &Search - http://tbedits.totalrecipesearch.com/one-toolbaredits/menusearch.jhtml?s=100000459&p=YKxdm002YYus&si=CMCR8KnhmbACFUFo4AodxjhRZA&a=1F579D74-37B5-4384-9B7C-748946EBC73D&n=2012052416IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - LocalServer32 - <no file>IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeTCP: NameServer = 64.233.217.2 64.233.217.3TCP: Interfaces\{1199D2D5-FC13-4150-BD44-799933FD9962} : DHCPNameServer = 64.233.217.2 64.233.217.3Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dllNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.============= SERVICES / DRIVERS ===============.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]S2 TotalRecipeSearch_14Service;TotalRecipeSearchService;c:\progra~1\totalr~2\bar\1.bin\14barsvc.exe [2012-5-24 42504].=============== Created Last 30 ================.2013-07-11 17:45:51 -------- d-----w- c:\program files\GUM8B.tmp2013-07-11 16:42:03 -------- d-----w- c:\documents and settings\john\application data\AVG20132013-07-11 16:40:14 -------- d-----w- c:\documents and settings\john\application data\TuneUp Software2013-07-11 16:38:55 -------- d--h--w- C:\$AVG2013-07-11 16:38:55 -------- d-----w- c:\documents and settings\all users\application data\AVG20132013-07-11 16:37:32 -------- d-----w- c:\program files\AVG2013-07-11 16:31:12 -------- d-----w- c:\documents and settings\john\local settings\application data\MFAData2013-07-11 16:31:12 -------- d-----w- c:\documents and settings\john\local settings\application data\Avg20132013-07-11 16:28:41 -------- d--h--w- c:\documents and settings\all users\application data\Common Files2013-07-11 16:28:40 -------- d-----w- c:\documents and settings\all users\application data\MFAData2013-07-10 17:29:39 -------- d-----w- C:\160606050a1b0580f6448f982ec53e.==================== Find3M ====================.2013-07-10 16:56:09 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-07-10 16:56:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-06-14 14:09:51 8610696 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe2013-06-08 03:55:44 385024 ----a-w- c:\windows\system32\html.iec2013-06-07 21:56:06 920064 ----a-w- c:\windows\system32\wininet.dll2013-06-07 21:56:06 43520 ----a-w- c:\windows\system32\licmgr10.dll2013-06-07 21:56:05 1469440 ------w- c:\windows\system32\inetcpl.cpl2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys2013-05-09 04:28:02 1543680 ------w- c:\windows\system32\wmvdecod.dll2013-05-03 01:26:26 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe2013-05-03 00:38:18 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe2008-06-07 22:06:36 27024112 ----a-w- c:\program files\PowerPointViewer.exe.============= FINISH: 10:28:02.39 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume2Install Date: 1/15/2008 7:33:29 PMSystem Uptime: 7/15/2013 10:07:31 AM (0 hours ago).Motherboard: Dell Computer Corp. | | 0WF887Processor: Intel® Celeron® CPU 2.53GHz | Microprocessor | 2527/533mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 71 GiB total, 55.264 GiB free.D: is CDROM ()G: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP269: 4/19/2013 1:05:28 PM - System CheckpointRP270: 4/20/2013 3:33:15 PM - System CheckpointRP271: 4/21/2013 3:56:41 PM - System CheckpointRP272: 4/22/2013 4:17:51 PM - System CheckpointRP273: 4/23/2013 8:22:44 PM - System CheckpointRP274: 4/25/2013 10:39:45 AM - System CheckpointRP275: 5/10/2013 9:58:35 AM - System CheckpointRP276: 5/15/2013 5:08:22 PM - Software Distribution Service 3.0RP277: 5/24/2013 8:40:51 AM - System CheckpointRP278: 6/12/2013 8:54:25 AM - Software Distribution Service 3.0RP279: 6/23/2013 10:24:25 AM - System CheckpointRP280: 6/26/2013 1:43:11 PM - System CheckpointRP281: 7/10/2013 1:28:23 PM - Software Distribution Service 3.0RP282: 7/10/2013 6:43:01 PM - Software Distribution Service 3.0RP283: 7/11/2013 12:37:30 PM - Installed AVG 2013RP284: 7/11/2013 12:38:18 PM - Installed AVG 2013RP285: 7/14/2013 1:52:27 PM - System Checkpoint.==== Installed Programs ======================.Adobe Flash Player 11 ActiveXAdobe Reader 7.0.5 Language SupportAdobe Reader 7.0.9America Online (Choose which version to remove)AOL Coach Version 1.0(Build:20040229.1 en)AOL Connectivity ServicesAOLIconArcSoft PhotoImpression 5AVG 2013AVS DVDMenu Editor 1.2.1.19AVS Video Tools 5.6Critical Update for Windows Media Player 11 (KB959772)CrossLoop 2.70Dell Digital Jukebox DriverDell Driver Reset ToolDell Media ExperienceDell Support 3.1Dell System RestoreDigital Content PortalEducateUELIconEPSON CX 7800 GuideEPSON Printer SoftwareEPSON Scanffdshow [rev 2527] [2008-12-19]GoogleGoogle ChromeGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperHaali Media SplitterHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB2756822)Hotfix for Windows XP (KB2779562)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)Intel® 537EP V9x DF PCI ModemIntel® Extreme Graphics 2 DriverIntel® PRO Network Adapters and DriversIntel® PROSet for Wired ConnectionsJava 2 Runtime Environment, SE v1.4.2_03Learn2 Player (Uninstall Only)Malwarebytes Anti-Malware version 1.75.0.1300MCUMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2698023)Microsoft .NET Framework 1.1 Security Update (KB2833941)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft IntelliPoint 6.3Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office 2000 ProfessionalMicrosoft Office PowerPoint Viewer 2007 (English)Microsoft Plus! Digital Media Edition InstallerMicrosoft Plus! Photo Story 2 LEMicrosoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Modem Event MonitorModem On HoldMSNPhoto ClickPhoto Notifier and Animation CreatorPowerDVD 5.5QuickTimeRealPlayer BasicSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft Windows (KB2564958)Security Update for Step By Step Interactive Training (KB923723)Security Update for Windows Internet Explorer 7 (KB938127-v2)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 8 (KB2183461)Security Update for Windows Internet Explorer 8 (KB2360131)Security Update for Windows Internet Explorer 8 (KB2416400)Security Update for Windows Internet Explorer 8 (KB2482017)Security Update for Windows Internet Explorer 8 (KB2497640)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2647516)Security Update for Windows Internet Explorer 8 (KB2675157)Security Update for Windows Internet Explorer 8 (KB2699988)Security Update for Windows Internet Explorer 8 (KB2722913)Security Update for Windows Internet Explorer 8 (KB2744842)Security Update for Windows Internet Explorer 8 (KB2761465)Security Update for Windows Internet Explorer 8 (KB2792100)Security Update for Windows Internet Explorer 8 (KB2797052)Security Update for Windows Internet Explorer 8 (KB2799329)Security Update for Windows Internet Explorer 8 (KB2809289)Security Update for Windows Internet Explorer 8 (KB2817183)Security Update for Windows Internet Explorer 8 (KB2829530)Security Update for Windows Internet Explorer 8 (KB2838727)Security Update for Windows Internet Explorer 8 (KB2846071)Security Update for Windows Internet Explorer 8 (KB2847204)Security Update for Windows Internet Explorer 8 (KB969897)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB972260)Security Update for Windows Internet Explorer 8 (KB974455)Security Update for Windows Internet Explorer 8 (KB976325)Security Update for Windows Internet Explorer 8 (KB978207)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB2834904)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2491683)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2621440)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2641653)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2647518)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2655992)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2660465)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2685939)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2691442)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB2698365)Security Update for Windows XP (KB2705219)Security Update for Windows XP (KB2707511)Security Update for Windows XP (KB2709162)Security Update for Windows XP (KB2712808)Security Update for Windows XP (KB2718523)Security Update for Windows XP (KB2719985)Security Update for Windows XP (KB2723135)Security Update for Windows XP (KB2724197)Security Update for Windows XP (KB2727528)Security Update for Windows XP (KB2731847)Security Update for Windows XP (KB2753842-v2)Security Update for Windows XP (KB2753842)Security Update for Windows XP (KB2757638)Security Update for Windows XP (KB2758857)Security Update for Windows XP (KB2761226)Security Update for Windows XP (KB2770660)Security Update for Windows XP (KB2778344)Security Update for Windows XP (KB2779030)Security Update for Windows XP (KB2780091)Security Update for Windows XP (KB2799494)Security Update for Windows XP (KB2802968)Security Update for Windows XP (KB2807986)Security Update for Windows XP (KB2808735)Security Update for Windows XP (KB2813170)Security Update for Windows XP (KB2813345)Security Update for Windows XP (KB2820197)Security Update for Windows XP (KB2820917)Security Update for Windows XP (KB2829361)Security Update for Windows XP (KB2834886)Security Update for Windows XP (KB2839229)Security Update for Windows XP (KB2845187)Security Update for Windows XP (KB2850851)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB938464-v2)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950759)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953838)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956390)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958215)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960714)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)SmoothingSetupSpybot - Search & DestroyTotalRecipeSearch ToolbarTuner Internet Update ApplicationUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB971930)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB976749)Update for Windows Internet Explorer 8 (KB980182)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676-v2)Update for Windows XP (KB2641690)Update for Windows XP (KB2661254-v2)Update for Windows XP (KB2718704)Update for Windows XP (KB2736233)Update for Windows XP (KB2749655)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Viewpoint Media PlayerVivitar Experience Image ManagerWebFldrs XPWindows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)Windows Genuine Advantage Validation Tool (KB892130)Windows Installer 3.1 (KB893803)Windows Internet Explorer 7Windows Internet Explorer 8Windows Media Format 11 runtimeWindows Media Player 10Windows Media Player 11Windows XP Service Pack 3.==== Event Viewer Messages From Past Week ========.7/14/2013 10:55:07 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.7/11/2013 11:56:06 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm7/11/2013 11:54:51 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}7/11/2013 11:47:52 AM, error: Service Control Manager [7034] - The McAfee Security Scan Component Host Service service terminated unexpectedly. It has done this 1 time(s).7/10/2013 6:34:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde7/10/2013 6:34:31 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.7/10/2013 3:34:27 PM, error: Service Control Manager [7034] - The PC Tools AntiVirus Engine service terminated unexpectedly. It has done this 1 time(s)..==== End Of File ===========================
-
Dell, Windows XP Home Edition/SP 3 My father has managed to get compromised by the Trojan.Ransom.FMS, the Trojan.BHO and Rogue.A360Antivirus. Also something called 47 Search Engines created two additional tabs when he opens his browser to the home page. Malwarebytes managed to locate and quarantine the Trojans and rogue issues, but not completely eliminate them. On starting the computer, while his shortcut icons are populating the desktop, I can see what looks like a DOS screen flash briefly on and off. The same appears at shutdown. Additional symptoms: Slow to open programs Takes longer to shut down Pop out menus slow to open, or don’t get populated I will be going to his house to apply your recommendations, so there may be a delay in an immediate response. Thank you for your help. Malwarebytes Log: www.malwarebytes.org Database version: v2013.07.14.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 John :: D6YLXJ91 [administrator] 7/14/2013 11:59:42 AM mbam-log-2013-07-14 (11-59-42).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 270971 Time elapsed: 1 hour(s), 12 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) HijackThis Log: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 11:40:43 AM, on 7/14/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\PROGRA~1\TOTALR~2\bar\1.bin\14brmon.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\Program Files\AVG\AVG2013\avgemcx.exe c:\program files\common files\installshield\updateservice\isuspm.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\John\My Documents\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portal.wowway.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - {8a7d2060-824d-4b17-b00a-759b1b5f30d9} - C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Toolbar BHO - {ab56dfde-0c14-45b3-9df6-7b0eba617870} - C:\PROGRA~1\TOTALR~2\bar\1.bin\14bar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Search Assistant BHO - {df22384f-cf68-4d19-969f-10423715528b} - C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14bar.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [EPSON Stylus CX7800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE /P26 "EPSON Stylus CX7800 Series" /O6 "USB001" /M "Stylus CX7800" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [TotalRecipeSearch Search Scope Monitor] "C:\PROGRA~1\TOTALR~2\bar\1.bin\14srchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [TotalRecipeSearch_14 Browser Plugin Loader] C:\PROGRA~1\TOTALR~2\bar\1.bin\14brmon.exe O4 - HKLM\..\Run: [EPSON Stylus CX7800 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE /P35 "EPSON Stylus CX7800 Series (Copy 1)" /O5 "LPT1:" /M "Stylus CX7800" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [EPSON Stylus CX7800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE /P26 "EPSON Stylus CX7800 Series" /M "Stylus CX7800" /EF "HKCU" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /ini "uinstaller.ini" /fromrun /starthidden O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe O4 - Global Startup: initmou.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Search - http://tbedits.totalrecipesearch.com/one-toolbaredits/menusearch.jhtml?s=100000459&p=YKxdm002YYus&si=CMCR8KnhmbACFUFo4AodxjhRZA&a=1F579D74-37B5-4384-9B7C-748946EBC73D&n=2012052416 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1366405281671 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: TotalRecipeSearchService (TotalRecipeSearch_14Service) - COMPANYVERS_NAME - C:\PROGRA~1\TOTALR~2\bar\1.bin\14barsvc.exe -- End of file - 9419 bytes