Jump to content

Dosearches removal after running malwarebytes


Recommended Posts

Downloaded a "Free" version of a typing program. Got "Dosearches" as well. AVG antivirus didn't catch it. Spybot didn't remove it. I bought the proversion of MWBytes yesterday, and Dosearches is still infecting my computer I am NOT computer savvy and I may have done something wrong and not sent you the right info. I did my best to follow the directions.

Thank you for your help!

Em

 

..
.
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Enterprise
Boot Device: \Device\HarddiskVolume1
Install Date: 3/7/2010 10:53:51 PM
System Uptime: 10/24/2013 5:40:29 AM (2 hours ago)
.
Motherboard: alienware |  | Aurora m9700
Processor: AMD Turion 64 Mobile Technology ML-40 | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 596 GiB total, 482.501 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_2052161F&REV_0A\4&31AECDFC&0&3348
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_2052161F&REV_0A\4&31AECDFC&0&3348
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_2052161F&REV_01\4&31AECDFC&0&3248
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_2052161F&REV_01\4&31AECDFC&0&3248
Service:
.
Class GUID:
Description: PCI Modem
Device ID: PCI\VEN_10DE&DEV_0058&SUBSYS_2052161F&REV_A2\3&267A616A&0&21
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_10DE&DEV_0058&SUBSYS_2052161F&REV_A2\3&267A616A&0&21
Service:
.
Class GUID:
Description: USB2.0 Camera
Device ID: USB\VID_0402&PID_5602\5&35E206CF&0&9
Manufacturer:
Name: USB2.0 Camera
PNP Device ID: USB\VID_0402&PID_5602\5&35E206CF&0&9
Service:
.
==== System Restore Points ===================
.
RP82: 10/19/2013 7:05:25 AM - Windows Modules Installer
RP83: 10/21/2013 9:07:40 AM - Installed Mavis Beacon Teaches Typing Deluxe 17
RP84: 10/21/2013 9:28:45 AM - Removed Mavis Beacon Teaches Typing Deluxe 17
RP85: 10/21/2013 9:36:32 AM - Windows Update
RP86: 10/22/2013 6:20:16 PM - Windows Update
RP87: 10/22/2013 10:27:12 PM - Windows Update
RP88: 10/23/2013 2:22:18 PM - Removed Garmin City Navigator North America NT 2010.40
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.5.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 9.0
Bonjour
Brother HL-2170W
Cisco Connect
Crysis WARHEAD®
Duke Nukem 3D
EA Download Manager
EA Download Manager UI
Garmin City Navigator North America NT 2010.40
Garmin Communicator Plugin
Garmin USB Drivers
GOM Player
Google Chrome
Google Earth
Google Update Helper
iTunes
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.0.1 (x86 en-US)
NVIDIA Audio Driver
NVIDIA Drivers
NVIDIA PhysX
QuickTime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
SoundMAX
Spybot - Search & Destroy
System Requirements Lab
Typing Quick & Easy
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 8.0 Runtime Setup Package (x64)
weDownload Manager Pro
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
.
==== Event Viewer Messages From Past Week ========
.
10/23/2013 11:31:26 AM, Error: Service Control Manager [7034]  - The Wsys Service service terminated unexpectedly.  It has done this 1 time(s).
10/23/2013 10:40:27 AM, Error: Service Control Manager [7022]  - The Wsys Service service hung on starting.
10/23/2013 10:36:14 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.
10/21/2013 9:06:29 AM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: {9C0BA3C1-2B67-45EB-BF69-BED9658D28D2} as /. The error: "740" Happened while starting this command: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe -Embedding
10/21/2013 8:10:13 AM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/19/2013 3:55:00 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2756920).
10/19/2013 3:55:00 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2742598).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB976422).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2748349).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2789644).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2736418).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2729451).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2656410).
10/19/2013 3:54:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2604114).
10/19/2013 3:43:45 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avg9wd service.
10/19/2013 3:22:40 AM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
10/17/2013 7:22:00 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
10/17/2013 12:05:16 PM, Error: Server [2505]  - The server could not bind to the transport \Device\NetBT_Tcpip_{CD8B5762-6D60-431E-B2E4-71A04701056F} because another computer on the network has the same name.  The server could not start.
.
==== End Of File ===========================

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720
Run by Jeff at 7:18:50 on 2013-10-24
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.1.1033.18.2047.456 [GMT -4:00]
.
AV: AVG Anti-Virus *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\AVG\AVG9\avgam.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SMAgent.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll
BHO: AVG Security Toolbar: {A057A204-BACC-4D26-9990-79A187E2698E} -
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {A057A204-BACC-4D26-9990-79A187E2698E} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll
uRun: [Google Update] "C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\SoundMAX\SMax4PNP.exe
mRun: [soundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\Smax4.exe /tray
mRun: [brStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.






TCP: NameServer = 216.12.78.10 216.12.78.20
TCP: Interfaces\{CD8B5762-6D60-431E-B2E4-71A04701056F} : DHCPNameServer = 216.12.78.10 216.12.78.20
TCP: Interfaces\{CD8B5762-6D60-431E-B2E4-71A04701056F}\4456374727573647F6273777962756C6563737 : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: weDownload Manager Pro: {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll
x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
x64-Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\System32\NvMcTray.dll,NvTaskbarInit
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - www.duckduckgo.com
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-10-10 19:56; avg@toolbar; C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF - ExtSQL: 2013-10-23 14:32; jid1-ZAdIEUB7XOzOJw@jetpack; C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
FF - ExtSQL: 2013-10-23 14:32; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - ExtSQL: 2013-10-23 14:40; personas@christopher.beard; C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\extensions\personas@christopher.beard.xpi
FF - ExtSQL: 2013-10-23 15:56; {D69E8544-C2B3-4a2f-BBB0-CB83B86A6F02}; C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\extensions\{D69E8544-C2B3-4a2f-BBB0-CB83B86A6F02}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx64;avgrkx64.sys;C:\Windows\System32\drivers\avgrkx64.sys [2010-3-8 56008]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-3-8 282976]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-3-8 35664]
R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-3-8 317520]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-10-10 46368]
R2 avg9emc;AVG E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-6-22 921952]
R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-6-22 308136]
R2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-10-2 2253016]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-23 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-23 701512]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-14 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-14 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-14 171928]
R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-10 1734680]
R3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-10-2 170712]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-23 25928]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-11-1 167264]
S3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-10-2 166104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-18 20992]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-2-21 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-12 1255736]
.
=============== Created Last 30 ================
.
2013-10-23 21:33:25    --------    d-----w-    C:\Users\Jeff\AppData\Roaming\Individual Software
2013-10-23 21:25:29    --------    d-----w-    C:\Windows\msagent
2013-10-23 21:23:48    --------    d-----w-    C:\ProgramData\Individual Software
2013-10-23 21:21:35    132880    ----a-w-    C:\Windows\SysWow64\MSINET.OCX
2013-10-23 21:21:34    1645320    ----a-w-    C:\Windows\SysWow64\gdiplus.dll
2013-10-23 21:21:31    1388544    ----a-w-    C:\Windows\SysWow64\temp.000
2013-10-23 21:21:31    --------    d-----w-    C:\Program Files (x86)\Typing Quick & Easy
2013-10-23 20:33:53    --------    d-----w-    C:\Users\Jeff\AppData\Roaming\Malwarebytes
2013-10-23 20:33:26    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-10-23 20:33:24    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-10-23 20:33:24    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-23 20:15:25    --------    d-----w-    C:\Typing Quick & Easy
2013-10-22 22:16:31    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2013-10-22 22:16:30    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2013-10-21 14:46:04    1054720    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2013-10-21 14:46:03    226304    ----a-w-    C:\Windows\System32\elshyph.dll
2013-10-21 14:46:03    185344    ----a-w-    C:\Windows\SysWow64\elshyph.dll
2013-10-21 14:46:02    770648    ----a-w-    C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-10-21 14:46:02    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-21 14:46:01    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-10-21 14:46:01    158720    ----a-w-    C:\Windows\SysWow64\msls31.dll
2013-10-21 14:46:00    217600    ----a-w-    C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-10-21 14:41:07    9728    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-21 14:40:59    1175552    ----a-w-    C:\Windows\System32\FntCache.dll
2013-10-21 14:22:11    --------    d-sh--w-    C:\Windows\System32\%APPDATA%
2013-10-21 13:39:47    --------    d-sh--w-    C:\Windows\SysWow64\%APPDATA%
2013-10-21 13:30:03    155584    ----a-w-    C:\Windows\System32\drivers\ataport.sys
2013-10-21 13:29:25    1472512    ----a-w-    C:\Windows\System32\crypt32.dll
2013-10-21 13:29:24    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2013-10-21 13:29:24    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-10-21 13:29:24    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2013-10-21 13:29:24    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-10-21 13:29:24    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-10-21 13:29:24    1166848    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-10-21 13:29:24    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-10-21 13:28:17    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-10-21 13:28:16    70144    ----a-w-    C:\Windows\System32\appinfo.dll
2013-10-21 13:28:16    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-10-21 13:28:16    111448    ----a-w-    C:\Windows\System32\consent.exe
2013-10-21 13:28:07    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-10-21 13:28:07    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-10-21 13:26:47    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2013-10-21 13:25:49    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2013-10-21 13:25:49    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-10-21 13:25:48    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2013-10-21 13:25:48    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
2013-10-21 13:25:47    785624    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2013-10-21 13:25:03    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-10-21 13:25:03    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-10-21 13:24:30    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-10-21 13:24:30    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-10-21 13:24:22    1217024    ----a-w-    C:\Windows\System32\rpcrt4.dll
2013-10-21 13:24:21    663552    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2013-10-21 13:22:49    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-21 13:22:08    1011712    ----a-w-    C:\Program Files\Windows Defender\MpSvc.dll
2013-10-21 13:22:07    9216    ----a-w-    C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-10-21 13:22:07    571904    ----a-w-    C:\Program Files\Windows Defender\MpClient.dll
2013-10-21 13:22:07    54784    ----a-w-    C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-10-21 13:22:07    392704    ----a-w-    C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-10-21 13:22:07    314880    ----a-w-    C:\Program Files\Windows Defender\MpCommu.dll
2013-10-21 13:22:06    4608    ----a-w-    C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-10-21 13:19:25    1888768    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-10-21 13:19:25    1620992    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-10-21 13:18:00    --------    d-----w-    C:\ProgramData\Protexis
2013-10-21 13:17:33    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2013-10-21 13:17:02    18944    ----a-w-    C:\Windows\SysWow64\netevent.dll
2013-10-21 13:17:01    175104    ----a-w-    C:\Windows\SysWow64\netcorehc.dll
2013-10-21 13:17:00    52224    ----a-w-    C:\Windows\SysWow64\nlaapi.dll
2013-10-21 13:17:00    156672    ----a-w-    C:\Windows\SysWow64\ncsi.dll
2013-10-21 13:16:54    70656    ----a-w-    C:\Windows\System32\nlaapi.dll
2013-10-21 13:16:54    303104    ----a-w-    C:\Windows\System32\nlasvc.dll
2013-10-21 13:16:54    216576    ----a-w-    C:\Windows\System32\ncsi.dll
2013-10-21 13:16:52    246272    ----a-w-    C:\Windows\System32\netcorehc.dll
2013-10-21 13:16:52    18944    ----a-w-    C:\Windows\System32\netevent.dll
2013-10-21 13:16:51    45568    ----a-w-    C:\Windows\System32\drivers\tcpipreg.sys
2013-10-21 13:16:50    569344    ----a-w-    C:\Windows\System32\iphlpsvc.dll
2013-10-21 13:15:59    245760    ----a-w-    C:\Windows\System32\OxpsConverter.exe
2013-10-21 13:15:32    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-10-21 13:15:32    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-10-21 13:15:31    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-10-21 13:15:31    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-10-21 12:53:25    124112    ----a-w-    C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-21 12:53:25    102608    ----a-w-    C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-21 12:49:08    461312    ----a-w-    C:\Windows\System32\scavengeui.dll
2013-10-21 12:47:55    983488    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-10-21 12:47:55    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-10-21 12:47:55    144384    ----a-w-    C:\Windows\System32\cdd.dll
2013-10-21 00:24:13    --------    d-----w-    C:\Program Files (x86)\weDownload Manager Pro
2013-10-19 04:21:19    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2013-10-19 04:21:19    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2013-10-19 04:21:19    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-10-19 03:32:02    --------    d-----w-    C:\Windows\System32\SPReview
2013-10-19 03:30:19    --------    d-----w-    C:\Windows\System32\EventProviders
2013-10-19 03:25:22    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2013-10-19 03:25:22    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2013-10-19 03:25:22    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2013-10-19 03:25:22    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2013-10-19 03:25:22    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2013-10-19 03:25:22    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2013-10-19 03:25:22    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2013-10-19 03:11:23    --------    d-----w-    C:\Windows\System32\MRT
2013-10-19 03:09:42    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 03:09:42    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2013-10-19 03:09:42    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-10-19 03:09:41    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2013-10-19 03:09:41    5120    ----a-w-    C:\Windows\System32\wmi.dll
2013-10-19 02:33:53    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2013-10-19 02:33:52    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2013-10-19 02:33:52    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2013-10-19 02:32:43    19968    ----a-w-    C:\Windows\System32\drivers\usb8023.sys
2013-10-19 02:32:28    3717632    ----a-w-    C:\Windows\System32\mstscax.dll
2013-10-19 02:32:27    3217408    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2013-10-19 02:32:24    44032    ----a-w-    C:\Windows\System32\tsgqec.dll
2013-10-19 02:32:24    36864    ----a-w-    C:\Windows\SysWow64\tsgqec.dll
2013-10-19 02:32:24    158720    ----a-w-    C:\Windows\System32\aaclient.dll
2013-10-19 02:32:24    131584    ----a-w-    C:\Windows\SysWow64\aaclient.dll
2013-10-19 02:32:06    210944    ----a-w-    C:\Windows\System32\drivers\rdpwd.sys
2013-10-19 02:32:06    20992    ----a-w-    C:\Windows\System32\drivers\rdpvideominiport.sys
2013-10-19 02:32:06    162816    ----a-w-    C:\Windows\System32\rdpudd.dll
2013-10-19 02:31:09    3216384    ----a-w-    C:\Windows\System32\msi.dll
2013-10-19 02:31:09    2342400    ----a-w-    C:\Windows\SysWow64\msi.dll
2013-10-19 02:29:58    956928    ----a-w-    C:\Windows\System32\localspl.dll
2013-10-19 02:29:58    39424    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\winprint.dll
2013-10-19 02:29:44    9216    ----a-w-    C:\Windows\System32\rdrmemptylst.exe
2013-10-19 02:29:44    149504    ----a-w-    C:\Windows\System32\rdpcorekmts.dll
2013-10-19 02:29:43    77312    ----a-w-    C:\Windows\System32\rdpwsx.dll
2013-10-19 02:28:55    223752    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2013-10-19 02:28:54    2164224    ----a-w-    C:\Program Files\Windows Journal\Journal.exe
2013-10-19 02:27:11    458704    ----a-w-    C:\Windows\System32\drivers\cng.sys
2013-10-19 02:27:11    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-10-19 02:27:11    151920    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-10-19 02:27:10    95600    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2013-10-19 02:27:10    225280    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-10-19 02:27:08    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-10-19 02:27:08    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-10-19 02:18:07    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2013-10-19 02:18:04    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2013-10-19 02:18:03    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2013-10-19 01:48:59    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2013-10-19 01:48:45    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2013-10-19 01:48:34    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2013-10-19 01:48:34    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2013-10-14 12:49:30    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2013-10-14 12:48:57    17272    ----a-w-    C:\Windows\System32\sdnclean64.exe
2013-10-14 12:48:50    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-14 12:47:52    --------    d-----w-    C:\Users\Jeff\AppData\Local\Programs
2013-10-10 23:55:39    46368    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2013-10-09 12:17:18    --------    d-----w-    C:\Users\Jeff\AppData\Local\Thunderbird
2013-10-07 19:42:55    --------    d-----w-    C:\Users\Jeff\AppData\Local\Macromedia
2013-10-07 19:29:33    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-07 19:29:33    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-05 21:22:44    --------    d-----w-    C:\Windows\System32\appmgmt
2013-10-02 22:02:16    66264    ----a-w-    C:\Windows\System32\btwdi.dll
2013-10-02 22:02:16    2253016    ----a-w-    C:\Windows\System32\BtwRSupportService.exe
2013-10-02 22:02:16    2232024    ----a-w-    C:\Windows\System32\BcmBtRSupport.dll
2013-10-02 22:02:16    166104    ----a-w-    C:\Windows\System32\drivers\btwampfl.sys
2013-10-02 22:02:14    170712    ----a-w-    C:\Windows\System32\drivers\bcbtums.sys
.
==================== Find3M  ====================
.
2013-10-21 14:41:07    4096    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-21 14:40:59    1080832    ----a-w-    C:\Windows\SysWow64\d3d10.dll
2013-10-19 07:35:15    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2013-10-19 07:35:14    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2013-10-06 00:00:31    282976    ----a-w-    C:\Windows\System32\drivers\avgldx64.sys
2013-08-29 02:17:48    5549504    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35    1732032    ----a-w-    C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28    243712    ----a-w-    C:\Windows\System32\wow64.dll
2013-08-29 02:16:14    859648    ----a-w-    C:\Windows\System32\tdh.dll
2013-08-29 02:13:28    878080    ----a-w-    C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45    3969472    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45    3914176    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30    1292192    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16    619520    ----a-w-    C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17    640512    ----a-w-    C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-08-02 02:14:57    215040    ----a-w-    C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34    424448    ----a-w-    C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17    338432    ----a-w-    C:\Windows\System32\conhost.exe
2013-08-02 00:59:09    112640    ----a-w-    C:\Windows\System32\smss.exe
2013-08-02 00:43:05    6144    ---ha-w-    C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05    4608    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH:  7:19:15.99 ===============


 

Link to post
Share on other sites

Welcome to the forum, this should work:

Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

I ran the program you suggested. THANK YOU So much! I am posting the log from it, because I am not sure what to delete and what not to. I only use Firefox, but IE and Google Chrome are alsO on here. Is th# AdwCleaner v3.010 - Report created 25/10/2013 at 12:50:07
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : Jeff - ALIEN
# Running from : C:\Users\Jeff\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-chromeinstaller
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-codedownloader
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-enabler
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-firefoxinstaller
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-updater
File Found : C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-enabler.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-firefoxinstaller.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-updater.job
Folder Found : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb
Folder Found : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\Extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
Folder Found C:\Program Files (x86)\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\weDownload Manager Pro
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\AVG Security Toolbar
Folder Found C:\Users\Jeff\AppData\Local\AVG Secure Search
Folder Found C:\Users\Jeff\AppData\Local\Temp\eIntaller
Folder Found C:\Users\Jeff\AppData\LocalLow\AVG Secure Search
Folder Found C:\Users\Jeff\AppData\LocalLow\AVG Security Toolbar

***** [ Shortcuts ] *****








***** [ Registry ] *****



Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\weDownload Manager Pro
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\AVG Security Toolbar
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\weDownload Manager Pro
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\4lfndwty.default-1382552887673\prefs.js ]

Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.InstallationThankYouPage", true);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.InstallationTime", 1382574364);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.active", true);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.addressbar", "NA");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.addressbarenhanced", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.asyncdb_dbWasSet", true);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.asyncinternaldb_dbWasSet", true);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.backgroundver", 1);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.certdomaininstaller", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.changeprevious", false);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.Affiliate_settings.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)"[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.Affiliate_settings.value", "%22%7B%5C%22initUrl%5C%22%3A%5C%22hxxp%3A//api.jollywallet.com/[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylig[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app43628%22%3A%22app43[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_css.expiration", "Fri Oct 25 2013 20:29:41 GMT-0400 (Eastern Standard Ti[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_css.value", "%22.%25CSSClass%25%20%7B%5Cn%5Ctdisplay%3Anone%3B%5Cn%7D%5C[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_geolocation.expiration", "Wed Oct 30 2013 20:26:54 GMT-0400 (Eastern Sta[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_metadata.expiration", "Fri Oct 25 2013 20:27:06 GMT-0400 (Eastern Standa[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A43628%2C%22appName%22%3A%22weDownload[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.InstallationTime.value", "1382574364");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.geo.expiration", "Wed Oct 30 2013 20:26:53 GMT-0400 (Eastern Standard Time)");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.geo.value", "%22US%22");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.jw_token.value", "%22278ffc27-376d-6e0b-7b1a-791eb45b4006%22");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.key_list_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.key_list_id.value", "%2220120802-000%22");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.description", "Enhance your search results with direct download links and information for apps and[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.domain", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.enablesearch", false);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.homepage", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.iframe", false);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight [...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22C942AF5ECEC8423C993E0A63DCA18[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_appVer.value", "16");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_lastVersion.value", "2");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)"[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_meta.value", "%7B%22extension.css%22%3A%7B%22id%22%3A311159%2C%22ver%22%3A2%2[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_nextCheck.expiration", "Fri Oct 25 2013 12:59:14 GMT-0400 (Eastern Standard T[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_resource_311159.expiration", "Thu Jan 23 2014 11:29:49 GMT-0500 (Eastern Dayl[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_resource_311159.value", "%22.crossrider-nofity-34345-body-theme-white-black%2[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)"[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb._country_code_.value", "%22US%22");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22C942AF5E[...]
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.lastDailyReport", "1382698744885");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.lastUpdate", "1382698742306");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.manifesturl", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.name", "weDownload Manager Pro");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.newtab", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.opensearch", "");

Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.pluginsversion", 12);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.publisher", "weDownload");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.searchstatus", 0);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.setnewtab", false);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.thankyou", "");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.updateinterval", 360);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.ver", 16);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.apps", "43628");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.bic", "141e78296125943e544b863085e911ff");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.cid", 43628);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.firstrun", false);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.hadappinstalled", true);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.installationdate", 1382574364);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.modetype", "production");
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.reportInstall", true);
Line Found : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.statsDailyCounter", 4);
Line Found : user_pref("extensions.crossrider.bic", "141e78296125943e544b863085e911ff");

-\\ Google Chrome v

[ File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : keyword
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [24708 octets] - [25/10/2013 12:50:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24769 octets] ##########

ere anything I need to close down while attempting to remove Dosearcher from my laptop?

Link to post
Share on other sites

No you don't have to close down anything.

Go ahead and click on "Clean".

Also when done..check these settings:

Right-click your browser’s shortcut. Choose Properties. Go to Shortcut tab and navigate to Target line. There should be only your browser’s directory in the Targetline:

Internet Explorer – C:Program Files Internet Explorer iexplore.exe

Mozilla Firefox –C:Program FilesMozilla Firefoxfirefox.exe

Google Chrome – C:Program FilesGoogleChromeApplicationchrome.exe

MrC

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.