
please help remove babylon malware


widy


Please help remove Babylon malware - I've tried myself but to no avail.

Here is the DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.17153

Run by Widyantoko at 2:03:31 on 2012-12-20

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3767.1826 [GMT 7:00]

.

AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Program Files\HitmanPro\hmpsched.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Ant.com\IE add-on\AntUpdaterService.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe

C:\Windows\SysWOW64\ChgService.exe

C:\Program Files\KlikBCA\VPN Client\cvpnd.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\PROGRA~2\SPEEDB~2\VideoAcceleratorService.exe

C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe

C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Western Digital\WD SmartWare\WDFME.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe

C:\Program Files (x86)\Microsoft Encarta\Encarta Premium DVD 2009\EDICT.EXE

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe

C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\DAP\DAP.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uDefault_Page_URL = hxxp://acer.msn.com

mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={903DB0F2-3634-11E2-BAAA-60EB69AD79E5}

mDefault_Page_URL = hxxp://acer.msn.com

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

BHO: Ant.com browser helper (video detector): {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll

BHO: SearchPredictObj Class: {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files (x86)\SearchPredict\SearchPredict.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: SBCONVERT Class: {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files (x86)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll

BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

BHO: GrabberObj Class: {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\SPEEDbit Video Downloader\Toolbar\Grabber.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\anttoolbar.dll

TB: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll

TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

TB: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll

TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [E09AXLRD_9199971] "C:\Program Files (x86)\Microsoft Encarta\Encarta Premium DVD 2009\EDICT.EXE" -m

uRun: [boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"

mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe

mRun: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACERVC~1.LNK - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm

IE: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

LSP: C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll

TCP: NameServer = 61.247.0.4 202.73.99.4 61.247.0.2

TCP: Interfaces\{1779C239-2258-44B1-9798-BF47B16A50B6} : DHCPNameServer = 61.247.0.4 202.73.99.4 61.247.0.2

TCP: Interfaces\{1779C239-2258-44B1-9798-BF47B16A50B6}\A616B6372657875393 : DHCPNameServer = 202.146.128.3 202.146.128.6 8.8.8.8

TCP: Interfaces\{1779C239-2258-44B1-9798-BF47B16A50B6}\C696E6B6C6F67696374796B67777 : DHCPNameServer = 61.247.0.4 202.73.99.4 61.247.0.2

TCP: Interfaces\{1779C239-2258-44B1-9798-BF47B16A50B6}\D454741402B455E494E47414E4 : DHCPNameServer = 110.34.131.90 8.8.8.8

TCP: Interfaces\{C29A85B8-E25A-4719-8920-D8B9D12C357D} : DHCPNameServer = 192.168.12.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie.dll

AppInit_DLLs= c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://acer.msn.com

x64-mDefault_Page_URL = hxxp://acer.msn.com

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"

x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe

x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"

x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

x64-Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

x64-Run: [WD Quick View] C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe

x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie64.dll

x64-Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie64.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.speedbit.com/searchresults.asp?src=default&q=

FF - prefs.js: browser.search.selectedEngine - SpeedBit Search

FF - prefs.js: browser.startup.homepage - hxxp://search.speedbit.com

FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Widyantoko\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

FF - ExtSQL: 2012-11-20 00:18; daplinkchecker@speedbit.com; C:\Program Files (x86)\DAP\daplinkchecker

FF - ExtSQL: 2012-11-20 00:21; searchpredict@speedbit.com; C:\Program Files (x86)\SearchPredict\PRFireFox

FF - ExtSQL: 2012-11-20 00:21; {0329E7D6-6F54-462D-93F6-F5C3118BADF2}; C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox

FF - ExtSQL: 2012-11-24 19:55; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

FF - ExtSQL: !HIDDEN! 2011-04-29 02:09; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7ea62e5f00000000000002f46a68a3eb&q=

FF - user.js: extensions.BabylonToolbar.id - 7ea62e5f00000000000002f46a68a3eb

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15668

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.819:55:33

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

.

============= SERVICES / DRIVERS ===============

.

R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-3-14 62496]

R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-3-14 209768]

R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-3-14 38288]

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-29 203264]

R2 AntUpdaterService;Ant Toolbar updater service;C:\Program Files (x86)\Ant.com\IE add-on\AntUpdaterService.exe [2011-6-29 520216]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-7-30 52896]

R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-15 2403352]

R2 Change Modem Device Service;Change Modem Device Service;C:\Windows\SysWOW64\ChgService.exe [2011-10-16 135168]

R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-9-8 321104]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-3-7 913144]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-2-22 821792]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]

R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-12-3 108904]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-8 13336]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-3 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-3 676936]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-29 255744]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-4-17 144640]

R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-9-8 171040]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-8-9 38608]

R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-9-8 260640]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-2-22 2314240]

R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-9-8 243232]

R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~2\SPEEDB~2\VideoAcceleratorService.exe -start -scm --> C:\PROGRA~2\SPEEDB~2\VideoAcceleratorService.exe -start -scm [?]

R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [2011-12-15 319384]

R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-6 248248]

R2 WDFMEService;WDFME;C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-12-15 1977224]

R2 WDRulesService;WDRules;C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-12-15 1338264]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-7-30 28832]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-22 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-14 158720]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-10-29 10331840]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-9-21 76912]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-3 25928]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-5-26 40448]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-7-30 36000]

S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;C:\Windows\System32\drivers\br3gmdm.sys [2008-3-14 114560]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-7-30 295072]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-7-30 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-7-30 51872]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-7-30 154272]

S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-7-30 270496]

S3 cmusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2051;C:\Windows\System32\drivers\cmusbser.sys [2011-10-16 118144]

S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2009-6-17 74256]

S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2009-6-17 13328]

S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-17 50432]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]

S3 USB_BusEnum_W;EVDO Telecom USB Bus Enumerator w;C:\Windows\System32\drivers\USB_BusEnum_W.sys [2012-7-30 44544]

S3 USB_ETS_W;EVDO Rev A Service USB port w;C:\Windows\System32\drivers\USB_ETS_W.sys [2012-7-30 21760]

S3 USB_WinMux_W;EVDO Telecom USB MUX Serial Port w;C:\Windows\System32\drivers\USB_WinMux_W.sys [2012-7-30 37376]

S3 UsbModemDriver;EVDO Rev A USB Modem w;C:\Windows\System32\drivers\USB_MODEM_W.sys [2012-7-30 28160]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-28 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

.

=============== Created Last 30 ================

.

2012-12-19 18:25:45 -------- d-----w- C:\Program Files (x86)\RealNetworks

2012-12-19 18:25:41 -------- d-----w- C:\Users\Widyantoko\AppData\Roaming\RealNetworks

2012-12-19 18:24:41 -------- d-----w- C:\ProgramData\RealNetworks

2012-12-18 16:22:01 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC55970B-88EC-478E-AE76-AA9E29996955}\mpengine.dll

2012-12-12 18:33:47 16363960 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-12-12 17:09:58 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-12-12 17:09:58 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-12-12 17:09:37 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-12-12 17:07:56 425984 ----a-w- C:\Windows\System32\KernelBase.dll

2012-12-09 04:58:24 -------- d-----r- C:\Program Files (x86)\Skype

2012-12-04 11:56:45 -------- d-----w- C:\Users\Widyantoko\AppData\Local\Apps

2012-12-04 11:56:43 -------- d-----w- C:\Users\Widyantoko\AppData\Local\Deployment

2012-12-02 20:11:12 -------- d-----w- C:\Program Files\HitmanPro

2012-12-02 20:09:47 -------- d-----w- C:\ProgramData\HitmanPro

2012-12-02 18:16:11 -------- d-----w- C:\Users\Widyantoko\AppData\Roaming\Malwarebytes

2012-12-02 18:15:20 -------- d-----w- C:\ProgramData\Malwarebytes

2012-12-02 18:15:17 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-02 18:15:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-12-02 09:31:35 -------- d-----w- C:\Users\Widyantoko\AppData\Roaming\EQATEC Analytics

2012-12-02 09:30:22 -------- d-----w- C:\Users\Widyantoko\AppData\Local\SpeedBIT

2012-11-24 12:55:44 -------- d-----w- C:\ProgramData\Browser Manager

2012-11-24 12:54:43 -------- d-----w- C:\ProgramData\Babylon

2012-11-24 12:44:20 -------- d-----w- C:\Users\Widyantoko\Tracing

2012-11-24 12:43:35 -------- d-----w- C:\ProgramData\SweetIM

2012-11-24 12:43:35 -------- d-----w- C:\Program Files (x86)\SweetIM

.

==================== Find3M ====================

.

2012-12-12 18:33:58 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-12 18:33:58 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-12-02 09:07:43 2560 ----a-w- C:\Windows\_MSRSTRT.EXE

2012-11-12 12:18:53 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-12 11:51:11 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-05 16:25:51 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-11-05 14:17:16 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-11-05 14:03:21 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-11-05 14:03:13 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-11-02 05:27:51 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-11-02 04:48:28 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-10-27 05:36:37 1197568 ----a-w- C:\Windows\System32\wininet.dll

2012-10-27 05:36:08 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2012-10-27 05:00:40 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-27 04:59:41 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2012-10-27 04:23:06 482816 ----a-w- C:\Windows\System32\html.iec

2012-10-27 03:52:14 386048 ----a-w- C:\Windows\SysWow64\html.iec

2012-10-16 21:20:49 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 21:20:46 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 20:34:37 559104 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-04 17:38:56 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-10-04 17:38:56 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-10-04 17:38:56 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-10-04 17:38:24 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-10-04 17:35:22 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-10-04 16:54:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-10-04 16:54:17 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-10-04 15:19:57 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-10-04 14:49:27 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-10-04 14:49:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-10-04 14:49:22 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-10-04 14:49:22 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-10-04 14:44:29 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-10-04 14:44:29 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-04 14:44:29 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-10-04 14:44:29 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-09-25 22:39:14 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-09-25 21:55:17 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

.

============= FINISH: 2:04:34.20 ===============

Here is my attach log:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 22-Feb-11 10:04:43 AM

System Uptime: 20-Dec-12 1:42:46 AM (1 hours ago)

.

Motherboard: Acer | | JM41_CP

Processor: Intel® Core i5 CPU M 480 @ 2.67GHz | CPU | 1840/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 582 GiB total, 445.56 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter for 64-bit Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter for 64-bit Windows

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

==== System Restore Points ===================

.

RP317: 28-Nov-12 11:21:30 PM - Windows Update

RP318: 28-Nov-12 11:37:46 PM - Removed Babylon Chrome Toolbar

RP319: 29-Nov-12 1:31:02 AM - Windows Update

RP320: 04-Dec-12 3:20:32 PM - Windows Update

RP321: 08-Dec-12 12:04:40 AM - Windows Update

RP322: 11-Dec-12 11:22:31 PM - Windows Update

RP323: 13-Dec-12 1:48:03 AM - Windows Update

RP324: 18-Dec-12 11:15:44 PM - Windows Update

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

7-Zip 9.20 (x64 edition)

Acer Arcade Deluxe

Acer Arcade Movie

Acer Backup Manager

Acer Crystal Eye webcam

Acer eRecovery Management

Acer GameZone Console

Acer PowerSmart Manager

Acer Registration

Acer ScreenSaver

Acer Updater

Acer VCM

Acrobat.com

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Media Player

Adobe Reader X (10.1.4)

Aimersoft Video Converter Pro(Build 4.0.3.0)

Airport Mania First Flight

Akamai NetSession Interface

Alcor Micro USB Card Reader

Amazonia

Ant.com IE add-on

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

ATI Catalyst Install Manager

Backup Manager Basic

BlackBerry Desktop Software 6.1

Bluetooth Win7 Suite (64)

Boxoft PDF to PowerPoint (freeware)

BufferChm

C4400

Cake Mania

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CDDRV_Installer

Copy

Coupon Printer for Windows

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Destinations

DeviceDiscovery

DJ_AIO_06_K209a-z_SW_Min

DNE Update

DocProc

Download Accelerator Plus (DAP)

Dream Day First Home

eBay Worldwide

Encarta Search Bar (64-bit)

ESET Smart Security

eSobi v2

Farm Frenzy 2

Free FLV Converter V 7.4.0

Galapago

Google Chrome

Google Earth

Google Talk Plugin

Google Update Helper

GPBaseService2

Heroes of Hellas

HitmanPro 3.6

HP Customer Participation Program 14.0

HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6

HP Imaging Device Functions 14.0

HP Photo Creations

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3

HP Photosmart Essential 3.5

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Identity Card

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Driver

Intel® Turbo Boost Technology Monitor

Internet Explorer Toolbar 4.6 by SweetPacks

Junk Mail filter update

K-Lite Codec Pack 7.0.0 (Full)

K209a-z

KhalInstallWrapper

KlikBCA Bisnis

Launch Manager

Logitech SetPoint

Malwarebytes Anti-Malware version 1.65.1.1000

MarketResearch

MediaShow Espresso

Merriam Websters Spell Jam

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Encarta Premium 2009

Microsoft IntelliPoint 7.1

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Business 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Mozilla Firefox 10.0.2 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyWinLocker

MyWinLocker Suite

Norton Online Backup

NTI Backup Now 5

NTI Backup Now Standard

NTI Media Maker 8

OCR Software by I.R.I.S. 13.0

Optical Drive Power Management

PandoraRecovery (Remove Only)

Pinnacle Video Driver

Poker Pop

PS_AIO_03_C4400_Software_Min

PT Agrodana Futures 4.00

PX Profile Update

QuickTime Alternative 3.2.2

RealDownloader

Realtek High Definition Audio Driver

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Shop for HP Supplies

Shredder

Skype™ 6.0

SmartWebPrinting

SolutionCenter

SpeedBit Video Accelerator

SpeedBit Video Downloader

Spin & Win

Status

Synaptics Pointing Device Driver

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update Manager for SweetPacks 1.1

WD Drive Utilities

WD Security

WD SmartWare

WebReg

Welcome Center

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR 4.00 (64-bit)

.

==== Event Viewer Messages From Past Week ========

.

19-Dec-12 11:05:08 PM, Error: Service Control Manager [7024] - The HitmanPro 3.6 Crusader (Boot) service terminated with service-specific error The operation completed successfully..

18-Dec-12 11:18:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.141.2103.0).

14-Dec-12 11:55:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.141.1830.0).

14-Dec-12 11:47:18 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ant Toolbar updater service service to connect.

14-Dec-12 11:47:18 PM, Error: Service Control Manager [7000] - The Ant Toolbar updater service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

13-Dec-12 11:03:02 PM, Error: RemoteAccess [20106] - Unable to add the interface {6622083D-D10B-4784-B0AE-A710D43EB154} with the Router Manager for the IPV6 protocol. The following error occurred: Cannot complete this function.

13-Dec-12 11:03:02 PM, Error: RemoteAccess [20106] - Unable to add the interface {6622083D-D10B-4784-B0AE-A710D43EB154} with the Router Manager for the IP protocol. The following error occurred: Cannot complete this function.

.

==== End Of File ===========================

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 48 hours, please send me a PM)

Thanks Mr Charlie, following is the report from RogueKiller, and awaiting further instructions:

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User : Widyantoko [Admin rights]

Mode : Scan -- Date : 12/21/2012 00:12:21

¤¤¤ Bad processes : 2 ¤¤¤

[SUSP PATH] mngr.exe -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe -> KILLED [TermProc]

[RESIDUE] mngr.exe -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤

[RUN][SUSP PATH] HKCU\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun) -> FOUND

[RUN][SUSP PATH] HKUS\S-1-5-21-786318648-3479563650-2353866451-1000[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400BEVT-22A0RT0 +++++

--- User ---

[MBR] c1bda02436d8e29af8e118709bba1325

[BSP] 75230f6e4a4b1a89ffed74ef58b839ca : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29362176 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29566976 | Size: 596042 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_12212012_02d0012.txt >>

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

MrC

Thanks, Mr. C. Following is the log-file AdwCleaner:

# AdwCleaner v2.101 - Logfile created 12/21/2012 at 01:14:02

# Updated 16/12/2012 by Xplode

# Operating system : Windows 7 Ultimate (64 bits)

# User : Widyantoko - WIDY-ACER

# Boot Mode : Normal

# Running from : C:\Users\Widyantoko_2\Desktop\adwcleaner.exe

# Option [Search]

***** [Services] *****

Found : Browser Manager

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

File Found : C:\Users\WIDYAN~1\AppData\Local\Temp\Searchqu.ini

File Found : C:\Users\WIDYAN~1\AppData\Local\Temp\searchqutoolbar-manifest.xml

File Found : C:\Users\WIDYAN~1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe

File Found : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\bprotector_extensions.sqlite

File Found : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

File Found : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\searchplugins\mngr.xml

File Found : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\searchplugins\Search_Results.xml

File Found : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\searchplugins\SweetIm.xml

File Found : C:\Users\Widyantoko_2\AppData\Roaming\Mozilla\Firefox\Profiles\je2m6m1a.default\bprotector_extensions.sqlite

File Found : C:\Users\Widyantoko_2\AppData\Roaming\Mozilla\Firefox\Profiles\je2m6m1a.default\bprotector_prefs.js

Folder Found : C:\Program Files (x86)\SweetIM

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\ProgramData\boost_interprocess

Folder Found : C:\ProgramData\Browser Manager

Folder Found : C:\ProgramData\SweetIM

Folder Found : C:\Users\WIDYAN~1\AppData\Local\Temp\Iminent

Folder Found : C:\Users\WIDYAN~1\AppData\Local\Temp\TempDir

Folder Found : C:\Users\Widyantoko\AppData\LocalLow\searchquband

Folder Found : C:\Users\Widyantoko\AppData\LocalLow\SweetIM

Folder Found : C:\Users\Widyantoko\AppData\LocalLow\Toolbar4

Folder Found : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\SweetPacksToolbarData

Folder Found : C:\Users\Widyantoko_2\AppData\LocalLow\searchquband

Folder Found : C:\Users\Widyantoko_2\AppData\LocalLow\Searchqutoolbar

Folder Found : C:\Users\Widyantoko_2\AppData\LocalLow\SweetIM

Folder Found : C:\Users\Widyantoko_2\AppData\LocalLow\Toolbar4

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll

Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}

Key Found : HKCU\Software\SweetIM

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}

Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler

Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1

Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar

Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1

Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils

Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper

Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook

Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\Iminent

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Found : HKLM\Software\SweetIM

Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetpacks Communicator]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7600.17153

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={903DB0F2-3634-11E2-BAAA-60EB69AD79E5}

-\\ Mozilla Firefox v10.0.2 (en-US)

Profile name : default

File : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\prefs.js

Profile name : default

File : C:\Users\Widyantoko_2\AppData\Roaming\Mozilla\Firefox\Profiles\je2m6m1a.default\prefs.js

Found : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=117023&tt=4712_2&babsrc=KW_ss&mntrId=7ea6[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Widyantoko\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.15] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=117023&tt=4712_2&babsrc=HP_ss&mntrId=7ea62e5f00000000000002f46a68a3eb" ]

Found [l.2039] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=117023&tt=4712_2&babsrc=HP_ss&mntrId=7ea62e5f00000000000002f46a68a3eb" ]

File : C:\Users\Widyantoko_2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [23507 octets] - [21/12/2012 01:14:02]

########## EOF - \AdwCleaner[R1].txt - [23568 octets] ##########

Lots of adware found....let's clear it out.....

  1. Please re-run AdwCleaner
  2. Click on Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

MrC

MrC. Here's the log file, seems all is cleared out, isn't it? If it is, thanks a lot..

# AdwCleaner v2.101 - Logfile created 12/21/2012 at 02:09:55

# Updated 16/12/2012 by Xplode

# Operating system : Windows 7 Ultimate (64 bits)

# User : Widyantoko - WIDY-ACER

# Boot Mode : Normal

# Running from : C:\Users\Widyantoko_2\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : Browser Manager

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager

File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

File Deleted : C:\Users\WIDYAN~1\AppData\Local\Temp\Searchqu.ini

File Deleted : C:\Users\WIDYAN~1\AppData\Local\Temp\searchqutoolbar-manifest.xml

File Deleted : C:\Users\WIDYAN~1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe

File Deleted : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\bprotector_extensions.sqlite

File Deleted : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

File Deleted : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\searchplugins\mngr.xml

File Deleted : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\searchplugins\Search_Results.xml

File Deleted : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\searchplugins\SweetIm.xml

File Deleted : C:\Users\Widyantoko_2\AppData\Roaming\Mozilla\Firefox\Profiles\je2m6m1a.default\bprotector_extensions.sqlite

File Deleted : C:\Users\Widyantoko_2\AppData\Roaming\Mozilla\Firefox\Profiles\je2m6m1a.default\bprotector_prefs.js

Folder Deleted : C:\Program Files (x86)\SweetIM

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\ProgramData\SweetIM

Folder Deleted : C:\Users\WIDYAN~1\AppData\Local\Temp\Iminent

Folder Deleted : C:\Users\WIDYAN~1\AppData\Local\Temp\TempDir

Folder Deleted : C:\Users\Widyantoko\AppData\LocalLow\searchquband

Folder Deleted : C:\Users\Widyantoko\AppData\LocalLow\SweetIM

Folder Deleted : C:\Users\Widyantoko\AppData\LocalLow\Toolbar4

Folder Deleted : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\SweetPacksToolbarData

Folder Deleted : C:\Users\Widyantoko_2\AppData\LocalLow\searchquband

Folder Deleted : C:\Users\Widyantoko_2\AppData\LocalLow\Searchqutoolbar

Folder Deleted : C:\Users\Widyantoko_2\AppData\LocalLow\SweetIM

Folder Deleted : C:\Users\Widyantoko_2\AppData\LocalLow\Toolbar4

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7600.17153

Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={903DB0F2-3634-11E2-BAAA-60EB69AD79E5} --> hxxp://www.google.com

-\\ Mozilla Firefox v10.0.2 (en-US)

Profile name : default

File : C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\prefs.js

C:\Users\Widyantoko\AppData\Roaming\Mozilla\Firefox\Profiles\1gp7ew7e.default\user.js ... Deleted !

Profile name : default

File : C:\Users\Widyantoko_2\AppData\Roaming\Mozilla\Firefox\Profiles\je2m6m1a.default\prefs.js

Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=117023&tt=4712_2&babsrc=KW_ss&mntrId=7ea6[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Widyantoko\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.15] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID[...]

Deleted [l.2039] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=11[...]

File : C:\Users\Widyantoko_2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [23582 octets] - [21/12/2012 01:14:02]

AdwCleaner[s1].txt - [23650 octets] - [21/12/2012 02:09:55]

########## EOF - C:\AdwCleaner[s1].txt - [23711 octets] ##########


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.