Jump to content

Conduit?

Blonde2345

By Blonde2345
in Resolved Malware Removal Logs

 Share

Recommended Posts

Blonde2345

Blonde2345

Posted
Posted

Hi, Malwarebytes

 

I think my computer has a conduit infection. I tried to fix it last year sometime but I wasn't able to because of living arrangements. I should be able to stay for the whole duration now.

 

Just looking in the control panel, I noticed GigaClicker, Mipony, and Linksicle. I think these are causing problems?

 

This computer was also a computer that experienced I think identity theft. I would appreciate some help! :)

 

Sincerely,

Blonde2345

 

DDS

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.17.2
Run by WilsHome at 16:06:27 on 2013-12-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7935.4925 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\SysWOW64\Rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dldtcoms.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\Explorer.EXE
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\ATT-SST\pcTrayApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\WilsHome\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\WilsHome\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\aol\1259386940\ee\aolsoftware.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
C:\Users\WilsHome\AppData\Local\GCC\Controller.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\program files (x86)\aol toolbar\aoltbServer.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uURLSearchHooks: <No Name>: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll
uURLSearchHooks: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dll
mURLSearchHooks: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: AOL OnePoint: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.326.1\NativeBHO.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: ReadingFanatic: {B36151D1-7770-4480-87E4-F89FB54E173D} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
TB: ytbclick B6 Toolbar: {22C11B72-54DB-4A18-897F-8DECCAF9E26D} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: ReadingFanatic: {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
TB: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [smileboxTray] "C:\Users\WilsHome\AppData\Roaming\Smilebox\SmileboxTray.exe"
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [AdobeBridge] <no file>
uRunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --enable-experimental-extension-apis --flag-switches-end --restore-last-session http://static.australianbrewingcompany.com/g/?z=1&ilmernzkvtaztus=90E6BA5806C24CD8&pu=&s=D-chrome&nm=ilmernzkvtaztus&t=
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1259386940\ee\AOLSoftware.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [shopAtHomeWatcher] C:\Users\WilsHome\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
StartupFolder: C:\Users\WilsHome\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\WilsHome\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AOLONE~1.LNK - C:\Program Files (x86)\AOL OnePoint\IDVault.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: $talisma_url$
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AA2D74CE-0772-4D5F-AE05-137AAAB18D6A} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ElectroLyrics-16: {11111111-1111-1111-1111-110411411152} - 
x64-BHO: Linksicle: {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files\Linksicle\IE\LinksicleClientIE.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\pcTrayApp.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\NP6xStub.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-10-28 00:00; tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com; C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\extensions\tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com
FF - ExtSQL: 2013-10-28 11:20; {22c11b72-54db-4a18-897f-8deccaf9e26d}; C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\extensions\{22c11b72-54db-4a18-897f-8deccaf9e26d}
FF - ExtSQL: 2013-10-28 11:23; ext@flash-Enhancer.com; C:\Program Files (x86)\AmiExt\flashEnhancer\ff
FF - ExtSQL: 1969-12-31 19:00; {7affbfae-c4e2-4915-8c0f-00fa3ec610a1}; C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
FF - ExtSQL: !HIDDEN! 2013-10-28 11:21; tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com; C:\Program Files (x86)\Mozilla Firefox\extensions\tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 dldt_device;dldt_device;C:\Windows\System32\dldtcoms.exe -service --> C:\Windows\System32\dldtcoms.exe -service [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-12-20 121616]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-8-27 361472]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-8-27 441344]
R2 pcServiceHost;pcServiceHost;C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe [2012-8-27 342016]
R2 ReadingFanatic_6xService;ReadingFanaticService;C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exe [2012-12-26 42504]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-5 1771544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 IDVaultSvc;AOL OnePoint Service;C:\Program Files (x86)\AOL OnePoint\IDVaultSvc.exe [2013-7-8 47896]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-12 1025352]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-10-12 16152]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-13 1255736]
.
=============== Created Last 30 ================
.
2013-12-18 14:50:48 -------- d-----w- C:\temp
2013-12-18 14:42:02 -------- d-----w- C:\Program Files\Linksicle
2013-12-18 14:41:42 -------- d-----w- C:\Users\WilsHome\AppData\Local\cache
2013-12-18 14:41:41 -------- d-----w- C:\Users\WilsHome\AppData\Local\Mobogenie
2013-12-18 14:41:06 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2013-12-18 14:40:58 -------- d-----w- C:\Program Files (x86)\Mobogenie
2013-12-18 14:40:46 -------- d-----w- C:\Program Files (x86)\McAfee
2013-12-11 08:07:06 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-11 08:07:06 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 08:07:05 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-11 08:07:04 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 03:59:56 202752 ----a-w- C:\Windows\System32\scrrun.dll
.
==================== Find3M  ====================
.
2013-12-22 18:20:37 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2013-12-11 01:03:23 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 01:03:23 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-10 21:10:12 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-11-06 02:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-11-05 02:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-01 04:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-11-01 03:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-25 03:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-04 01:36:04 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-10-02 21:14:52 58192 ----a-w- C:\Windows\System32\drivers\lsnfd.sys
2013-10-01 05:52:08 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 16:09:33.02 ===============
 
Attach
 
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 11/27/2009 7:52:45 PM
System Uptime: 12/22/2013 1:19:46 PM (3 hours ago)
.
Motherboard: PEGATRON CORPORATION |  | VIOLET
Processor: AMD Athlon II X4 620 Processor | CPU 1 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 584 GiB total, 483.65 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 2.217 GiB free.
E: is CDROM (CDFS)
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP415: 12/20/2013 11:56:52 AM - Removed WeatherBug
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709a
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe InDesign CS6
Adobe Reader 9.5.5
Adobe® Content Viewer
Amazon Kindle
AOL OnePoint
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AT&T Troubleshoot & Resolve Tool
att.net Internet Mail
Avery Wizard 4.0
AVG 2014
AVG PC Tuneup 2011
AVG Security Toolbar
Bing Bar
Bing Rewards Client Installer
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
Destinations
DeviceDiscovery
DirectX for Managed Code Update (Summer 2004)
DocMgr
DocProc
Download Updater (AOL Inc.)
DriverUpdate
Dropbox
EPSON Printer Software
Fax
Flash Player Pro V5.4
FlashPlayer
GigaClicks Crawler
Google Chrome
Google Update Helper
GoToMeeting 5.4.0.1082
GPBaseService2
GRE POWERPREP
Hardware Diagnostic Tools
Hewlett-Packard ACLM.NET v1.2.1.1
HP Advisor
HP Customer Experience Enhancements
HP Customer Participation Program 13.0
HP Document Manager 2.0
HP Games
HP Imaging Device Functions 13.0
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Movie Themes
HP MediaSmart Music/Photo/Video
HP MediaSmart SmartMenu
HP Odometer
HP Officejet 6500 E709 Series
HP Product Detection
HP Remote Solution
HP Setup
HP Solution Center 13.0
HP Support Assistant
HP Support Information
HP Update
HPProductAssistant
HPSSupply
iCloud
iTunes
Java 7 Update 17
Java Auto Updater
Java 6 Update 30
JavaFX 2.1.1
LabelPrint
League of Legends
LightScribe System Software
Lightspark 0.5.3-git
Linksicle
LSI PCI-SV92EX Soft Modem
Macromedia Shockwave Player
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
McAfee Security Scan Plus
McAfee SiteAdvisor
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Default Manager
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 60 day trial
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Web Publishing Wizard 1.52
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mipony Download Manager Packages
MobileMe Control Panel
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
NVIDIA Drivers
OCR Software by I.R.I.S. 13.0
OverDrive Media Console
PDF Settings CS6
PictureMover
Power2Go
PowerDirector
PowerRecover
PRIVATE WiFi
ProductContext
QuickTime
ReadingFanatic Toolbar
Realtek High Definition Audio Driver
Safari
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 
Shop for HP Supplies
Smilebox
SolutionCenter
Status
Strongvault Online Backup
The Print Shop 21
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Viewpoint Media Player
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VisualBee for Microsoft PowerPoint
WebReg
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
12/22/2013 3:05:51 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {ABC01078-F197-4B0B-ADBC-CFE684B39C82}  and APPID  Unavailable  to the user WilsHome-PC\WilsHome SID (S-1-5-21-1142207997-2693153613-130597048-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/22/2013 1:23:03 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {3EEF301F-B596-4C0B-BD92-013BEAFCE793}  and APPID  {3EEF301F-B596-4C0B-BD92-013BEAFCE793}  to the user WilsHome-PC\WilsHome SID (S-1-5-21-1142207997-2693153613-130597048-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/22/2013 1:20:58 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFS
12/22/2013 1:20:57 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the AOL OnePoint Service service to connect.
12/22/2013 1:20:57 PM, Error: Service Control Manager [7000]  - The AOL OnePoint Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced logs...

 

Kevin

Link to post
Share on other sites
Blonde2345

Blonde2345

Posted
  • Author
Posted

Hi, Kevinf80

Sorry for the late reply, been busy with the holiday season. I hope you have had a happy holidays so far. Thank you for taking the time to help me with my problem.

 

I have run the AdwCleaner.exe. I still had an old one from a few months ago. Xplode's site is in French? The BleepingComputer Link had a lot of the in-Text links that constantly redirected when I downloaded the file. I think I downloaded the right one.

 

I am posting a list of everything that it found (from the Report Button). I am just worried on a few things like C:/End and and the Background Containers (in Files and in the Registry section). I assume AdwCleaner removes all unnecessary things for my computer so it would be safe to just blanket remove everything?

 

Thanks again.

 

# AdwCleaner v3.016 - Report created 24/12/2013 at 13:05:51
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WilsHome - WILSHOME-PC
# Running from : C:\Users\WilsHome\Downloads\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : vToolbarUpdater14.2.0
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Found : C:\Users\WilsHome\AppData\Roaming\BabMaint.exe
File Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\searchplugins\Conduit.xml
File Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\user.js
File Found : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Found : C:\Windows\System32\Tasks\DSite
File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddlccindkmjbgjockcahgoaenfpmhhl
Folder Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{22c11b72-54db-4a18-897f-8deccaf9e26d}
Folder Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found C:\Program Files (x86)\AOL Toolbar
Folder Found C:\Program Files (x86)\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\Program Files (x86)\tuguu sl
Folder Found C:\Program Files (x86)\Viewpoint
Folder Found C:\Program Files (x86)\ytbclick_B6
Folder Found C:\Program Files\Linksicle
Folder Found C:\ProgramData\AOL Toolbar
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\Viewpoint
Folder Found C:\Users\WilsHome\AppData\Local\AOL Toolbar
Folder Found C:\Users\WilsHome\AppData\Local\AVG Secure Search
Folder Found C:\Users\WilsHome\AppData\Local\Conduit
Folder Found C:\Users\WilsHome\AppData\Local\Mobogenie
Folder Found C:\Users\WilsHome\AppData\Local\PackageAware
Folder Found C:\Users\WilsHome\AppData\Local\SwvUpdater
Folder Found C:\Users\WilsHome\AppData\Local\Temp\AirInstaller
Folder Found C:\Users\WilsHome\AppData\LocalLow\AVG Secure Search
Folder Found C:\Users\WilsHome\AppData\LocalLow\Conduit
Folder Found C:\Users\WilsHome\AppData\LocalLow\PriceGong
Folder Found C:\Users\WilsHome\AppData\LocalLow\ytbclick_B6
Folder Found C:\Users\WilsHome\AppData\Roaming\DSite
Folder Found C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\CT3298937
Folder Found C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Smartbar
Folder Found C:\Users\WilsHome\AppData\Roaming\Searchprotect
Folder Found C:\Users\WilsHome\Documents\Mobogenie
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\Shopping Sidekick Plugin
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\ytbclick_B6
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhl
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\InstalledThirdPartyPrograms
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\tuguu sl
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\InstalledThirdPartyPrograms
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\tuguu sl
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182202}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3298937
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\firstsearch
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\InfoAtoms
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97629203-3299-4622-AB27-BF6161EBA472}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF2A20F1-F178-4C05-B010-AC5066F558DB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Viewpoint
Key Found : HKLM\Software\ytbclick_B6
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}
Key Found : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v19.0 (en-US)
 
[ File : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\prefs.js ]
 
Line Found : user_pref("CT3298937.FirstTime", "true");
Line Found : user_pref("CT3298937.FirstTimeFF3", "true");
Line Found : user_pref("CT3298937.UserID", "UN26178511482112819");
Line Found : user_pref("CT3298937.defaultSearch", "true");
Line Found : user_pref("CT3298937.enableAlerts", "true");
Line Found : user_pref("CT3298937.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3298937.fixPageNotFoundError", "true");
Line Found : user_pref("CT3298937.fullUserID", "UN26178511482112819.IN.20131028112036");
Line Found : user_pref("CT3298937.installId", "cidamie1");
Line Found : user_pref("CT3298937.installType", "conduitnsisintegration");
Line Found : user_pref("CT3298937.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3298937.lastVersion", "10.21.1.7");
Line Found : user_pref("CT3298937.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Found : user_pref("CT3298937.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3298937%26octid%3DCT3298937%26SearchSource%3D61%26CUI%3DUN26178511482112819%26UM%3D[...]
Line Found : user_pref("CT3298937.openThankYouPage", "false");
Line Found : user_pref("CT3298937.openUninstallPage", "true");
Line Found : user_pref("CT3298937.revertSettingsEnabled", "true");
Line Found : user_pref("CT3298937.settingsINI", true);
Line Found : user_pref("CT3298937.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3298937.smartbar.CTID", "CT3298937");
Line Found : user_pref("CT3298937.smartbar.Uninstall", "0");
Line Found : user_pref("CT3298937.smartbar.toolbarName", "ytbclick B6 ");
Line Found : user_pref("CT3298937.startPage", "true");
Line Found : user_pref("CT3298937_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386081569112,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("aol_toolbar.aolmail.address", "");
Line Found : user_pref("aol_toolbar.aolmail.count", "0");
Line Found : user_pref("aol_toolbar.aolmail.id", "value");
Line Found : user_pref("aol_toolbar.aolmail.imagelist.layout", "empty");
Line Found : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");
Line Found : user_pref("aol_toolbar.aolmail.user", "");
Line Found : user_pref("aol_toolbar.buttons.layout", "mapquest_40872;ebay_46278;netflix_46519;techcrunch_47552;radio_46530;");
Line Found : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");
Line Found : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");
Line Found : user_pref("aol_toolbar.calendar.timestamp", "1386081570575");
Line Found : user_pref("aol_toolbar.curtain.congrats", "curtain");
Line Found : user_pref("aol_toolbar.firsttime.showwindow", false);
Line Found : user_pref("aol_toolbar.guid", "{7196771D-D7D7-13B5-9971-17738B3A3276}");
Line Found : user_pref("aol_toolbar.install.distroid", "aol");
Line Found : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9660");
Line Found : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Line Found : user_pref("aol_toolbar.install.mtmhp", "txtlnkusaolp00000051");
Line Found : user_pref("aol_toolbar.install.ncid", "");
Line Found : user_pref("aol_toolbar.install.sethomepage", "0");
Line Found : user_pref("aol_toolbar.install.setsearch", "0");
Line Found : user_pref("aol_toolbar.install.type", "new");
Line Found : user_pref("aol_toolbar.metrics.activestampdate", "3");
Line Found : user_pref("aol_toolbar.metrics.activestampmonth", "11");
Line Found : user_pref("aol_toolbar.metrics.activestampyear", "2013");
Line Found : user_pref("aol_toolbar.metrics.log", false);
Line Found : user_pref("aol_toolbar.metrics.originalDate", "31");
Line Found : user_pref("aol_toolbar.metrics.originalHours", "4");
Line Found : user_pref("aol_toolbar.metrics.originalMinutes", "0");
Line Found : user_pref("aol_toolbar.metrics.originalMonth", "10");
Line Found : user_pref("aol_toolbar.metrics.originalSeconds", "0");
Line Found : user_pref("aol_toolbar.metrics.originalYear", "2013");
Line Found : user_pref("aol_toolbar.search.button", false);
Line Found : user_pref("aol_toolbar.search.cid", "31-10-2013");
Line Found : user_pref("aol_toolbar.search.instd", "F7B3EB33550743ABAB4D303703C3E3D8");
Line Found : user_pref("aol_toolbar.search.oid", "31-10-2013");
Line Found : user_pref("aol_toolbar.search.placement", "right");
Line Found : user_pref("aol_toolbar.search.savehistory", false);
Line Found : user_pref("aol_toolbar.search.searchtype", "web");
Line Found : user_pref("aol_toolbar.search.source", "TB50CL-ff");
Line Found : user_pref("aol_toolbar.skin.custom", false);
Line Found : user_pref("aol_toolbar.upgrade.showwindow", false);
Line Found : user_pref("aol_toolbar.weather.condition", "30");
Line Found : user_pref("aol_toolbar.weather.degc", "5");
Line Found : user_pref("aol_toolbar.weather.degf", "41");
Line Found : user_pref("aol_toolbar.weather.degrees", "F");
Line Found : user_pref("aol_toolbar.weather.lastupdate", "");
Line Found : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Line Found : user_pref("aol_toolbar.weather.zipcode", "10006");
Line Found : user_pref("aol_toolbar.widgets.layout", "aolmail,calendar,weather");
Line Found : user_pref("aol_toolbar.widgets.log", false);
Line Found : user_pref("aol_toolbar.widgets.version", "5.74.1.9660");
Line Found : user_pref("extensions.crossrider.bic", "1420fc1b8b40fe569b4418a118c9ab4b");
Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 2);
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : search_url
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
 
*************************
 
AdwCleaner[R0].txt - [24338 octets] - [24/12/2013 13:05:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24399 octets] ##########
Link to post
Share on other sites
Blonde2345

Blonde2345

Posted
  • Author
Posted

So, while I was taking a shower, another person in the house clicked clean on the AdwCleaner.exe. *sigh* I guess it doesn't matter about C:/End or the Background Container.

 

I am currently running the MalwareBytes Full Scan.

When I went into Google Chrome to get back to this site after AdwCleaner rebooted the computer, I noticed that using the search bar in Google Chrome redirects through search.conduit.com and then goes into Bing. I also noticed the Linksicle and this PriceChecker thing were still extensions for GoogleChrome so I removed them from the Toolbars.

 

AdwCleaner S0

 

# AdwCleaner v3.016 - Report created 24/12/2013 at 13:40:08
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WilsHome - WILSHOME-PC
# Running from : C:\Users\WilsHome\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : vToolbarUpdater14.2.0
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AOL Toolbar
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files (x86)\AOL Toolbar
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\tuguu sl
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\Program Files (x86)\ytbclick_B6
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Linksicle
Folder Deleted : C:\Users\WilsHome\AppData\Local\AOL Toolbar
Folder Deleted : C:\Users\WilsHome\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\WilsHome\AppData\Local\Conduit
Folder Deleted : C:\Users\WilsHome\AppData\Local\Mobogenie
Folder Deleted : C:\Users\WilsHome\AppData\Local\PackageAware
Folder Deleted : C:\Users\WilsHome\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\WilsHome\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\WilsHome\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\WilsHome\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\WilsHome\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\WilsHome\AppData\LocalLow\ytbclick_B6
Folder Deleted : C:\Users\WilsHome\AppData\Roaming\DSite
Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\WilsHome\Documents\Mobogenie
Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Smartbar
Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\CT3298937
Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{22c11b72-54db-4a18-897f-8deccaf9e26d}
Folder Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddlccindkmjbgjockcahgoaenfpmhhl
File Deleted : C:\END
File Deleted : C:\Users\WilsHome\AppData\Roaming\BabMaint.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\searchplugins\Conduit.xml
File Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\user.js
File Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhl
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298937
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182202}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E40DD9EB-217C-4110-AEA5-904A06461FF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF2A20F1-F178-4C05-B010-AC5066F558DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97629203-3299-4622-AB27-BF6161EBA472}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\tuguu sl
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Shopping Sidekick Plugin
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\ytbclick_B6
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\firstsearch
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\ytbclick_B6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v19.0 (en-US)
 
[ File : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\prefs.js ]
 
Line Deleted : user_pref("CT3298937.FirstTime", "true");
Line Deleted : user_pref("CT3298937.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3298937.UserID", "UN26178511482112819");
Line Deleted : user_pref("CT3298937.defaultSearch", "true");
Line Deleted : user_pref("CT3298937.enableAlerts", "true");
Line Deleted : user_pref("CT3298937.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3298937.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3298937.fullUserID", "UN26178511482112819.IN.20131028112036");
Line Deleted : user_pref("CT3298937.installId", "cidamie1");
Line Deleted : user_pref("CT3298937.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3298937.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3298937.lastVersion", "10.21.1.7");
Line Deleted : user_pref("CT3298937.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3298937.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3298937%26octid%3DCT3298937%26SearchSource%3D61%26CUI%3DUN26178511482112819%26UM%3D[...]
Line Deleted : user_pref("CT3298937.openThankYouPage", "false");
Line Deleted : user_pref("CT3298937.openUninstallPage", "true");
Line Deleted : user_pref("CT3298937.revertSettingsEnabled", "true");
Line Deleted : user_pref("CT3298937.settingsINI", true);
Line Deleted : user_pref("CT3298937.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3298937.smartbar.CTID", "CT3298937");
Line Deleted : user_pref("CT3298937.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3298937.smartbar.toolbarName", "ytbclick B6 ");
Line Deleted : user_pref("CT3298937.startPage", "true");
Line Deleted : user_pref("CT3298937_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386081569112,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("aol_toolbar.aolmail.address", "");
Line Deleted : user_pref("aol_toolbar.aolmail.count", "0");
Line Deleted : user_pref("aol_toolbar.aolmail.id", "value");
Line Deleted : user_pref("aol_toolbar.aolmail.imagelist.layout", "empty");
Line Deleted : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");
Line Deleted : user_pref("aol_toolbar.aolmail.user", "");
Line Deleted : user_pref("aol_toolbar.buttons.layout", "mapquest_40872;ebay_46278;netflix_46519;techcrunch_47552;radio_46530;");
Line Deleted : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");
Line Deleted : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");
Line Deleted : user_pref("aol_toolbar.calendar.timestamp", "1386081570575");
Line Deleted : user_pref("aol_toolbar.curtain.congrats", "curtain");
Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Line Deleted : user_pref("aol_toolbar.guid", "{7196771D-D7D7-13B5-9971-17738B3A3276}");
Line Deleted : user_pref("aol_toolbar.install.distroid", "aol");
Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9660");
Line Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Line Deleted : user_pref("aol_toolbar.install.mtmhp", "txtlnkusaolp00000051");
Line Deleted : user_pref("aol_toolbar.install.ncid", "");
Line Deleted : user_pref("aol_toolbar.install.sethomepage", "0");
Line Deleted : user_pref("aol_toolbar.install.setsearch", "0");
Line Deleted : user_pref("aol_toolbar.install.type", "new");
Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "3");
Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "11");
Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2013");
Line Deleted : user_pref("aol_toolbar.metrics.log", false);
Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "31");
Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "4");
Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "0");
Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "10");
Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "0");
Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2013");
Line Deleted : user_pref("aol_toolbar.search.button", false);
Line Deleted : user_pref("aol_toolbar.search.cid", "31-10-2013");
Line Deleted : user_pref("aol_toolbar.search.instd", "F7B3EB33550743ABAB4D303703C3E3D8");
Line Deleted : user_pref("aol_toolbar.search.oid", "31-10-2013");
Line Deleted : user_pref("aol_toolbar.search.placement", "right");
Line Deleted : user_pref("aol_toolbar.search.savehistory", false);
Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Line Deleted : user_pref("aol_toolbar.search.source", "TB50CL-ff");
Line Deleted : user_pref("aol_toolbar.skin.custom", false);
Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Line Deleted : user_pref("aol_toolbar.weather.condition", "30");
Line Deleted : user_pref("aol_toolbar.weather.degc", "5");
Line Deleted : user_pref("aol_toolbar.weather.degf", "41");
Line Deleted : user_pref("aol_toolbar.weather.degrees", "F");
Line Deleted : user_pref("aol_toolbar.weather.lastupdate", "");
Line Deleted : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Line Deleted : user_pref("aol_toolbar.weather.zipcode", "10006");
Line Deleted : user_pref("aol_toolbar.widgets.layout", "aolmail,calendar,weather");
Line Deleted : user_pref("aol_toolbar.widgets.log", false);
Line Deleted : user_pref("aol_toolbar.widgets.version", "5.74.1.9660");
Line Deleted : user_pref("extensions.crossrider.bic", "1420fc1b8b40fe569b4418a118c9ab4b");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
 
*************************
 
AdwCleaner[R0].txt - [24588 octets] - [24/12/2013 13:05:51]
AdwCleaner[s0].txt - [24470 octets] - [24/12/2013 13:40:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [24531 octets] ##########
Link to post
Share on other sites
Blonde2345

Blonde2345

Posted
  • Author
Posted
Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.12.24.05

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

WilsHome :: WILSHOME-PC [administrator]

 

12/24/2013 1:51:04 PM

mbam-log-2013-12-24 (13-51-04).txt

 

Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 815993

Time elapsed: 3 hour(s), 18 minute(s), 9 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

 

That is the MalwareBytes log. 

 

Google Chrome is still doing stuff through search.conduit.com and I can see programs like Linksicle, GigaclicksCrawler in the control panel. That stuff is safe I am assuming?

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop.

 

Double click zip file and extract to your  Desktop:

 

 

Zoekd.jpg

 

 

you will now have 3 versions of the tool on the Desktop:

 

 

Zoeke.jpg

 

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html[/url

 

Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open:

 

 

Zoekb.jpg

 

 

Copy and paste the following script from the code box and paste into the field.

 

 

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;CHRdefaults; 

 

 

Select the "Run Script" tab. The following window will open:

 

 

 

Zoekc.jpg

 

 

 

Please be patient and do not use the PC when the scan is in progress.

 

When complete you maybe asked to re-boot your PC, if so please do

 

Zoekf.jpg

 

Post the produced log in your next reply, also tell me if any improvement..

 

Kevin

Link to post
Share on other sites
Blonde2345

Blonde2345

Posted
  • Author
Posted

Hi, Kevin

Sorry for the late response.

 

When I go to download Zoek, it automatically places it into the Downloads folder on the computer. It also opens up a new window from an ad on that website. When I move that folder to the desktop and extract all the files, it creates a new folder on my desktop. When I open that folder it has the three files. I have double clicked and accepted the UAC but none of them work. The DOS one and the Screensaver one briefly open what appears to be a DOS box but neither of those two open the Zoek control panel.

 

Also, I don't understand the Security permissions you linked. When I click on the link the page says it cannot be located.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Try the following link for information to turn off security:

 

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 

To save to the desktop using Firefox. Run Firefox, select > tools > options > general tab. In the Download section set the Desktop as d/l preference.... When you have Zoek in place turn off security and make sure browsers are all closed....

 

 

 

 

post-3601-0-58805000-1388171316_thumb.jp

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.