
I'm new here and need help disinfecting my pc


DPorter


The last time that I tried to remove Sweetpacks, I used RKill and ended up having to do a system restore. This time around, I am asking for some step-by-step assistance from people way more knowledgeable than myself.

I have set my DNS to go through a proxy (OpenDNS). I caught one of my sons on a porn site. I am thinking that one of the boys probably picked something up from either one of those kinds of sites or from a game-hack site, etc. I've been slack on my computer security maintenance and now it shows. Apparently when they get a pop-up to update my security programs, they just click close. (GRRRR!!) Sorry, you probably do not need all of that extra info.

 

Here is my DDS file. 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16502  BrowserJavaVersion: 10.25.2
Run by DPorter at 15:11:48 on 2013-09-09
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Bandoo\Bandoo.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\alg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DPorter\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DPorter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = Preserve
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Unit: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - 
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: BrowserHelper Class: {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - 
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
BHO: Updater By SweetPacks: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - c:\program files\updater by sweetpacks\Extension32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: BandooIEPlugin Class: {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - c:\program files\bandoo\plugins\ie\ieplugin.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - 
BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - 
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - 
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - 
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [Google Update] "c:\users\dporter\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [CD0C45E7C4A4C598B9CD08DCE8C9A0E1418B91B5._service_run] "c:\users\dporter\appdata\local\google\chrome\application\chrome.exe" --type=service
uRun: [spotify Web Helper] "c:\users\dporter\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mRun: [searchProtection] c:\programdata\search protection\_run.bat
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OE1FSC1STVhMVy1ITjQ0QS1CQUJQQS1TR1hKQy1QRU1CUg"&"inst=NzYtMTI5OTAzNjkzMi1CQSsxLUtWMys3LVQ1LUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1GOU0rMS1TVDEwT0krMS1ERFQrMC1EMzgxTCs2LUkxMCsxLVNUMTBBUFArMS1DSUQrMS1JSVNBKzE"&"prod=94"&"ver=10.0.1427
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - 
TCP: NameServer = 8.8.8.8 216.252.23.242 209.55.27.13
TCP: Interfaces\{1F7930A1-A3C4-4798-A8BF-F7A7BF9B5391} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{5FB1B4B8-77E1-4565-A0E1-914E4DEC4CD4} : DHCPNameServer = 163.244.194.254 163.244.212.254 163.244.194.42 163.244.199.61
TCP: Interfaces\{7127BCCA-C85C-44D7-9822-01CE4B99C8B8} : NameServer = 208.67.222.123,208.67.220.123
TCP: Interfaces\{7127BCCA-C85C-44D7-9822-01CE4B99C8B8} : DHCPNameServer = 8.8.8.8 216.252.23.242 209.55.27.13
TCP: Interfaces\{BED34B9C-A205-412B-9994-8A7C466A4628} : DHCPNameServer = 192.168.42.129
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.5.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\bandoo\bndhook.dll 
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dporter\appdata\roaming\mozilla\firefox\profiles\skdpbssn.default-1378738614842\
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.5.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\dporter\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\users\dporter\appdata\local\pokki\download helper\npPokkiDownloadHelper.1.2.0.78.dll
FF - plugin: c:\users\dporter\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\dporter\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-07-16 01:26; {8E9E3331-D360-4f87-8803-52DE43566502}; c:\program files\updater by sweetpacks\Firefox
FF - ExtSQL: 2013-08-15 00:23; avg@toolbar; c:\programdata\avg secure search\firefoxext\15.5.0.2
FF - ExtSQL: !HIDDEN! 2010-03-17 16:23; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? dgderdrv;dgderdrv
R? EagleXNt;EagleXNt
R? HTCAND32;HTC Device Driver
R? htcnprot;HTC NDIS Protocol Driver
R? Lbd;Lbd
R? mbamchameleon;mbamchameleon
R? MSSQLServerADHelper100;SQL Active Directory Helper Service
R? RsFx0103;RsFx0103 Driver
R? SBAMSvc;Ad-Aware
R? SkypeUpdate;Skype Updater
R? SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS)
R? WDC_SAM;WD SCSI Pass Thru driver
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? Ad-Aware Service;Ad-Aware Service
S? AERTFilters;Andrea RT Filters Service
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgtp;avgtp
S? avgwd;AVG WatchDog
S? DockLoginService;Dock Login Service
S? FontCache;Windows Font Cache Service
S? gfibto;gfibto
S? MBAMScheduler;MBAMScheduler
S? NAUpdate;Nero Update
S? PassThru Service;Internet Pass-Through Service
S? vToolbarUpdater15.5.0;vToolbarUpdater15.5.0
.
=============== Created Last 30 ================
.
2013-09-04 12:38:45 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-09-02 20:51:15 -------- d-----w- c:\program files\iPod
2013-09-02 20:51:14 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-02 20:30:11 -------- d-----w- c:\windows\LastGood.Tmp
2013-08-28 04:30:05 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-25 13:29:36 -------- d-----w- c:\users\dporter\appdata\roaming\RadicalLinux Developments
2013-08-17 17:19:36 92056 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-08-14 08:06:18 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 08:06:18 15872 ----a-w- c:\windows\system32\icaapi.dll
2013-08-14 08:06:17 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 08:06:05 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 08:06:02 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 08:06:00 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 08:06:00 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 08:06:00 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 08:05:21 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 08:05:20 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 08:05:20 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 08:05:20 133120 ----a-w- c:\windows\system32\cryptsvc.dll
.
==================== Find3M  ====================
.
2013-09-04 12:37:01 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-04 12:37:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-21 14:14:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 14:14:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-15 05:22:25 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-07-25 02:25:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-20 06:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 06:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 06:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 06:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-10 06:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
============= FINISH: 15:18:37.99 ===============
 

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

32 Bit HP CIO Components Installer

Acrobat.com

Ad-Aware Antivirus

Ad-Aware Security Add-on

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop CS5

Adobe Reader X (10.1.7)

Amazon MP3 Downloader 1.0.3

AnyDVD

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArtRage Studio Pro Demo

AudioConverter Studio 6.2

AVG 2013

AVG PC TuneUp Language Pack (en-US)

AVG Security Toolbar

Bandoo

BlackBerry Desktop Software 4.5

Blender

Bonjour

BufferChm

calibre

Choice Guard

Compatibility Pack for the 2007 Office system

Conexant D850 PCI V.92 Modem

Copy

Corel Painter Essentials 4

CreataCard Gold 3

CutePDF Writer 2.7

Dell Best of Web

Dell Dock

Dell Edoc Viewer

Dell Support Center

Destination Component

DeviceDiscovery

DeviceManagementQFolder

Digital Voice Recorder

DJ_AIO_03_F4200_ProductContext

DJ_AIO_03_F4200_Software

DJ_AIO_03_F4200_Software_Min

DocProc

DocProcQFolder

DVD Shrink 3.2

DVDFab 8.2.2.8 (26/02/2013) Qt

e-Sword

F4200

F4200_Help

Facebook Plug-In

faceBot Extreme

FLV Player 1.3.3

Google Calendar Sync

Google Chrome

Google Drive

Google Earth Plug-in

Google SketchUp 7

Google Update Helper

Hebraic Roots Bible version 0

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)

HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Smart Web Printing 4.60

HP Update

HPDiagnosticAlert

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections 12.1.11.0

iTunes

Jasc Animation Shop 3

Jasc Paint Shop Pro 9

Java 7 Update 25

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

Malwarebytes Anti-Malware version 1.70.0.1100

Media Player Codec Pack 4.2.3

MemoLink for Chrome

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access Developer Extensions (English) 2007

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Management Objects

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files 

Microsoft SQL Server Compact 3.5 SP1 Design Tools English

Microsoft SQL Server Compact 3.5 SP1 English

Microsoft SQL Server VSS Writer

Microsoft Visual Basic 2008 Express Edition with SP1 - ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu

Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32

Microsoft Works

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_CRT_x86

Modem Diagnostic Tool

Moon Phase Calculator 2.01

Mozilla Firefox 23.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

MyFreeCodec

Nero 12

Nero 12 Content Pack

Nero Abstract Themes

Nero Audio Pack 1

Nero BackItUp

Nero BackItUp Help (CHM)

Nero Blu-ray Player

Nero Blu-ray Player Help (CHM)

Nero Burning ROM

Nero Burning ROM Help (CHM)

Nero Cliparts

Nero ControlCenter

Nero ControlCenter Help (CHM)

Nero Core Components

Nero Disc Menus 1

Nero Disc Menus 2

Nero Disc Menus 3

Nero Disc Menus Basic

Nero Effects Basic

Nero Express

Nero Express Help (CHM)

Nero Family and Events Themes

Nero Football (Soccer) Themes

Nero Holiday and Sports Themes

Nero Image Samples

Nero Kwik Media

Nero Kwik Media Help (CHM)

Nero Kwik Themes Basic

Nero PiP Effects 1

Nero PiP Effects Basic

Nero Platinum Effects 12

Nero Recode

Nero Recode Help (CHM)

Nero RescueAgent

Nero RescueAgent Help (CHM)

Nero Retro Film Themes

Nero SharedVideoCodecs

Nero Update

Nero Video

Nero Video Help (CHM)

Nero Video Samples

Nero Video Transitions 1

neroxml

NETGEAR WPN311 Wireless Adapter

NetWaiting

OCR Software by I.R.I.S. 10.0

OGA Notifier 2.0.0048.0

Pokki Download Helper

Poster It!

Prerequisite installer

PSSWCORE

QuickTime

Realtek High Definition Audio Driver

Robot Arena

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Media Manager

Roxio Update Manager

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

SAPI 5.1 Speech Recognition Engine Redistribution by CoolSoft

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 

Security Update for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB2251487)

Service Pack 1 for SQL Server 2008 (KB968369)

Skype™ 6.6

SmartWebPrinting

SpeakToText v2

Spotify

Sql Server Customer Experience Improvement Program

SQL Server System CLR Types

Status

TeamSpeak 3 Client

Toolbox

TrayApp

Unit Layers

Unity Web Player

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VideoToolkit01

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VLC media player 2.0.6

VoiceOver Kit

WebReg

Welcome App (Start-up experience)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

WinRAR 4.00 (32-bit)

.

==== End Of File ===========================

Please uninstall Bandoo from your add/remove programs if possible.

Then.........

Let's clean out any adware: (this will require a reboot, so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


# AdwCleaner v3.003 - Report created 10/09/2013 at 09:25:29

# Updated 07/09/2013 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : DPorter - DPORTER-PC

# Running from : C:\Users\DPorter\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

[/!\] Not Deleted ( Junction ) : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\Users\Tasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Folder Deleted : C:\Users\Kerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Folder Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Folder Deleted : C:\Users\Tasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp

Folder Deleted : C:\Users\Kerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp

Folder Deleted : C:\Users\DPorter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Deleted : C:\Users\Tasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Deleted : C:\Users\Kerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63B8634B-5CC4-4CB0-900A-B9595F91E5C9}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63B8634B-5CC4-4CB0-900A-B9595F91E5C9}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr

Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1

Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler

Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject

Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard

Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1

Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar

Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1

Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils

Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1

Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook

Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtection]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2260173

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\BI

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\Delta

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products

Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts

Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch

Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar

Key Deleted : HKLM\Software\adawaretb

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Bandoo

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\Software\PIP

Key Deleted : HKLM\Software\systweak

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16502

 

 

-\\ Mozilla Firefox v23.0.1 (en-US)

 

[ File : C:\Users\DPorter\AppData\Roaming\Mozilla\Firefox\Profiles\skdpbssn.default-1378738614842\prefs.js ]

 

 

[ File : C:\Users\Tasha\AppData\Roaming\Mozilla\Firefox\Profiles\ga7txrj9.default\prefs.js ]

 

 

[ File : C:\Users\Kerry\AppData\Roaming\Mozilla\Firefox\Profiles\xjbvb46w.default\prefs.js ]

 

 

[ File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\f6ncozio.default\prefs.js ]

 

Line Deleted : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]

Line Deleted : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]

Line Deleted : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_product_name", "Updater By SweetPacks");

Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]

Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]

Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks");

 

[ File : C:\Users\temp\AppData\Roaming\Mozilla\Firefox\Profiles\ksicm6mr.default\prefs.js ]

 

 

-\\ Google Chrome v

 

[ File : C:\Users\DPorter\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Tasha\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Kerry\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [34677 octets] - [10/09/2013 08:30:48]

AdwCleaner[R1].txt - [23190 octets] - [10/09/2013 09:17:37]

AdwCleaner[s0].txt - [6570 octets] - [10/09/2013 08:39:22]

AdwCleaner[s1].txt - [23606 octets] - [10/09/2013 09:25:29]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [23667 octets] ##########

Here is the MBAM Report

I noticed a trojan at the bottom. Do I just let MalwareBytes remove it or is there something else that I need to do? 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.10.07
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
DPorter :: DPORTER-PC [administrator]
 
9/10/2013 9:58:58 AM
MBAM-log-2013-09-10 (10-32-18).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 371659
Time elapsed: 24 minute(s), 54 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 2
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data:  -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 18
C:\Users\Chris\AppData\Local\Temp\XI_8w2ry.exe.part (PUP.Downware) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\a4knZkjF.exe.part (PUP.Downware) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\Tsu3284CDB1.dll (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\TsuD417A17B.dll (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\1370218570_207583557_480_4.tmp (PUP.Optional.SweetIM) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\1370218609_207622198_684_6.tmp (PUP.Optional.SweetIM) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\FastFreeConverter_Somoto2.exe (PUP.Optional.FastFreeConverter.A) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1107093255-3748083425-3829835031-1000\$R0OFL1Z.exe (PUP.Optional.SweetIM) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1107093255-3748083425-3829835031-1000\$RWJVJKK.exe (PUP.Optional.Installex) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1107093255-3748083425-3829835031-1008\$RBKZ0M1.exe (PUP.Optional.Ibryte) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1107093255-3748083425-3829835031-1008\$RJ001HS.exe (PUP.Optional.Somoto) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\{E5FED564-D0E4-4E18-ACF3-98C63E1DF792}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\DPorter\AppData\Local\Temp\{F1672FCE-F0B1-49AB-AB40-B8932A840D38}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\DPorter\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Kerry\Local Settings\Temporary Internet Files\Content.IE5\POLJ3F6K\iLividSetupV1.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Windows\Temp\.exe (Trojan.Agent) -> No action taken.
 
(end)

MBAM is removing everything at the moment. I noticed one significant difference when I rebooted. We had a blank CMD exe open at startup before. I had forgotten to mention that. (Sorry!!) It is not gone. That is what made me pioneer through my original solo attempt at cleaning up my machine. I have issues with my attention span, so I was reluctant to start a conversation until now.

 

MBAM finished as I was typing this reply. I will reboot and come back to report any changes good or bad. :) 


Good.....

 

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC

Here is my security check log

 

 Results of screen317's Security Check version 0.99.73  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Ad-Aware 
 Malwarebytes Anti-Malware version 1.70.0.1100  
 Out of date Malwarebytes Anti-Malware installed! 
 AVG PC TuneUp Language Pack (en-US) 
 JavaFX 2.1.1    
 Java 7 Update 25  
 Adobe Flash Player 11.8.800.168  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (23.0.1) 
 Google Chrome 29.0.1547.62  
 Google Chrome 29.0.1547.66  
 Google Chrome Extensions...  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled! 
 Ad-Aware AAWTray.exe is disabled! 
 AVG avgwdsvc.exe 
 AVG avgrsx.exe 
 AVG avgnsx.exe 
 AVG avgemc.exe 
 Ad-Aware Antivirus AdAwareService.exe   
 Ad-Aware Antivirus SBAMSvc.exe   
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0 % 
````````````````````End of Log`````````````````````` 

The new version of Adaware seems to be OK.

-------------------------------

Outdated programs on the system are vulnerable to malware.
Please update or uninstall them:


~~~~~~~~~~~~~~~~~~~~~~~~

Out of date Malwarebytes Anti-Malware installed!

Malwarebytes Anti-Malware version 1.70.0.1100 <----please update, should be version: 1.75.0.1300

------------------

Java 7 Update 25 <----please update, should be Update 40

Go to control panel > Java > Update Tab > Update Now
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

If there's no update tab in Java, uninstall it and Download and install the latest version from Here
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

------------------------


Adobe Reader 10.1.8 Adobe Reader out of Date! <---please check for an update if available or uninstall and download and install Foxit Reader which is less vulnerable to malware and much better than Adobe. Don't install any toolbars that may come with it (ASK Toolbar).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

If you used FRST:
Download the fixlist.txt to the same folder as FRST.
Run FRST and click Fix only once and wait
That will delete the quarantine folder created by FRST.

-----------------------------

Please download OTC to your desktop.
http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")
Click on the CleanUp! button and follow the prompts.
(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)
You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC
