Blonde2345 Posted December 22, 2013 ID:767890 Share Posted December 22, 2013 Hi, Malwarebytes I think my computer has a conduit infection. I tried to fix it last year sometime but I wasn't able to because of living arrangements. I should be able to stay for the whole duration now. Just looking in the control panel, I noticed GigaClicker, Mipony, and Linksicle. I think these are causing problems? This computer was also a computer that experienced I think identity theft. I would appreciate some help! Sincerely,Blonde2345 DDS DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.17.2Run by WilsHome at 16:06:27 on 2013-12-22Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.4925 [GMT -5:00].AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.============== Running Processes ===============.C:\PROGRA~2\AVG\AVG2014\avgrsa.exeC:\Program Files (x86)\AVG\AVG2014\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\nvvsvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\LSI SoftModem\agr64svc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\AVG\AVG2014\avgidsagent.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exeC:\Windows\SysWOW64\Rundll32.exeC:\Windows\system32\taskhost.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\system32\dldtcoms.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtc:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Windows\Explorer.EXEc:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Common Files\Motive\pcCMService.exeC:\Program Files\Common Files\Motive\pcCMService.exeC:\Program Files (x86)\Common Files\Motive\pcServiceHost.exeC:\Program Files (x86)\DriverUpdate\DriverUpdate.exeC:\Windows\System32\svchost.exe -k HPZ12C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exeC:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\rundll32.exeC:\Windows\system32\rundll32.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exeC:\Program Files (x86)\AVG\AVG2014\avgnsa.exeC:\Program Files (x86)\AVG\AVG2014\avgemca.exec:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exec:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\System32\WUDFHost.exeC:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exeC:\Program Files\ATT-SST\pcTrayApp.exeC:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exeC:\Users\WilsHome\AppData\Roaming\Smilebox\SmileboxTray.exeC:\Users\WilsHome\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exeC:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Common Files\aol\1259386940\ee\aolsoftware.exeC:\Program Files (x86)\AVG Secure Search\vprot.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\AVG\AVG2014\avgui.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\taskeng.exeC:\Users\WilsHome\AppData\Local\GCC\Controller.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\AOL Desktop 9.7\waol.exeC:\Program Files (x86)\AOL Desktop 9.7\shellmon.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEc:\program files (x86)\aol toolbar\aoltbServer.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uSearch Bar = PreserveuURLSearchHooks: <No Name>: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dlluURLSearchHooks: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dllmURLSearchHooks: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dlldURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dllBHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dllBHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllBHO: AOL OnePoint: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.326.1\NativeBHO.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllTB: ReadingFanatic: {B36151D1-7770-4480-87E4-F89FB54E173D} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dllTB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dllTB: ytbclick B6 Toolbar: {22C11B72-54DB-4A18-897F-8DECCAF9E26D} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dllTB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: ReadingFanatic: {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dllTB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dllTB: ytbclick B6 Toolbar: {22c11b72-54db-4a18-897f-8deccaf9e26d} - C:\Program Files (x86)\ytbclick_B6\prxtbytbc.dllTB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dllTB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllEB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEWuRun: [smileboxTray] "C:\Users\WilsHome\AppData\Roaming\Smilebox\SmileboxTray.exe"uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeuRun: [AdobeBridge] <no file>uRunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-experimental-extension-apis --flag-switches-end --restore-last-session http://static.australianbrewingcompany.com/g/?z=1&ilmernzkvtaztus=90E6BA5806C24CD8&pu=&s=D-chrome&nm=ilmernzkvtaztus&t=mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exemRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exemRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1259386940\ee\AOLSoftware.exemRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exemRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumemRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLYmRun: [shopAtHomeWatcher] C:\Users\WilsHome\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exemRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbyloginmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exeStartupFolder: C:\Users\WilsHome\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\WilsHome\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AOLONE~1.LNK - C:\Program Files (x86)\AOL OnePoint\IDVault.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}Trusted Zone: $talisma_url$TCP: NameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{AA2D74CE-0772-4D5F-AE05-137AAAB18D6A} : DHCPNameServer = 75.75.75.75 75.75.76.76Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: ElectroLyrics-16: {11111111-1111-1111-1111-110411411152} - x64-BHO: Linksicle: {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files\Linksicle\IE\LinksicleClientIE.dllx64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dllx64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartupx64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /backgroundx64-Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\pcTrayApp.exe"x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Updatex64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exex64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\FF - prefs.js: browser.search.selectedEngine - AOL SearchFF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\npsitesafety.dllFF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dllFF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\NP6xStub.dllFF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-10-28 00:00; tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com; C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\extensions\tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.comFF - ExtSQL: 2013-10-28 11:20; {22c11b72-54db-4a18-897f-8deccaf9e26d}; C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\extensions\{22c11b72-54db-4a18-897f-8deccaf9e26d}FF - ExtSQL: 2013-10-28 11:23; ext@flash-Enhancer.com; C:\Program Files (x86)\AmiExt\flashEnhancer\ffFF - ExtSQL: 1969-12-31 19:00; {7affbfae-c4e2-4915-8c0f-00fa3ec610a1}; C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}FF - ExtSQL: !HIDDEN! 2013-10-28 11:21; tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com; C:\Program Files (x86)\Mozilla Firefox\extensions\tvwyeqlpbtusahnd@rhjqfbbmdtxgdqqi.com.---- FIREFOX POLICIES ----FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 46368]R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]R2 dldt_device;dldt_device;C:\Windows\System32\dldtcoms.exe -service --> C:\Windows\System32\dldtcoms.exe -service [?]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-12-20 121616]R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-8-27 361472]R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-8-27 441344]R2 pcServiceHost;pcServiceHost;C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe [2012-8-27 342016]R2 ReadingFanatic_6xService;ReadingFanaticService;C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exe [2012-12-26 42504]R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-5 1771544]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 IDVaultSvc;AOL OnePoint Service;C:\Program Files (x86)\AOL OnePoint\IDVaultSvc.exe [2013-7-8 47896]S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-12 1025352]S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-10-12 16152]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-13 1255736].=============== Created Last 30 ================.2013-12-18 14:50:48 -------- d-----w- C:\temp2013-12-18 14:42:02 -------- d-----w- C:\Program Files\Linksicle2013-12-18 14:41:42 -------- d-----w- C:\Users\WilsHome\AppData\Local\cache2013-12-18 14:41:41 -------- d-----w- C:\Users\WilsHome\AppData\Local\Mobogenie2013-12-18 14:41:06 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee2013-12-18 14:40:58 -------- d-----w- C:\Program Files (x86)\Mobogenie2013-12-18 14:40:46 -------- d-----w- C:\Program Files (x86)\McAfee2013-12-11 08:07:06 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe2013-12-11 08:07:06 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe2013-12-11 08:07:05 12625920 ----a-w- C:\Windows\System32\wmploc.DLL2013-12-11 08:07:04 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL2013-12-11 03:59:56 202752 ----a-w- C:\Windows\System32\scrrun.dll.==================== Find3M ====================.2013-12-22 18:20:37 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys2013-12-11 01:03:23 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-11 01:03:23 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-11-10 21:10:12 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-11-06 02:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys2013-11-05 02:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2013-11-01 04:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys2013-11-01 03:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-10-25 03:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-04 01:36:04 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-10-02 21:14:52 58192 ----a-w- C:\Windows\System32\drivers\lsnfd.sys2013-10-01 05:52:08 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe.============= FINISH: 16:09:33.02 =============== Attach UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 11/27/2009 7:52:45 PMSystem Uptime: 12/22/2013 1:19:46 PM (3 hours ago).Motherboard: PEGATRON CORPORATION | | VIOLETProcessor: AMD Athlon II X4 620 Processor | CPU 1 | 2600/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 584 GiB total, 483.65 GiB free.D: is FIXED (NTFS) - 12 GiB total, 2.217 GiB free.E: is CDROM (CDFS)G: is RemovableH: is RemovableI: is RemovableJ: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP415: 12/20/2013 11:56:52 AM - Removed WeatherBug.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)64 Bit HP CIO Components Installer6500_E709_eDocs6500_E709_Help6500_E709aAdobe AIRAdobe Download AssistantAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Help ManagerAdobe InDesign CS6Adobe Reader 9.5.5Adobe® Content ViewerAmazon KindleAOL OnePointAOL ToolbarAOL Uninstaller (Choose which Products to Remove)Apple Application SupportApple Mobile Device SupportApple Software UpdateAT&T Troubleshoot & Resolve Toolatt.net Internet MailAvery Wizard 4.0AVG 2014AVG PC Tuneup 2011AVG Security ToolbarBing BarBing Rewards Client InstallerBonjourbpd_scanBPDSoftwareBPDSoftware_IniBufferChmCompatibility Pack for the 2007 Office systemCyberLink DVD Suite DeluxeDestinationsDeviceDiscoveryDirectX for Managed Code Update (Summer 2004)DocMgrDocProcDownload Updater (AOL Inc.)DriverUpdateDropboxEPSON Printer SoftwareFaxFlash Player Pro V5.4FlashPlayerGigaClicks CrawlerGoogle ChromeGoogle Update HelperGoToMeeting 5.4.0.1082GPBaseService2GRE POWERPREPHardware Diagnostic ToolsHewlett-Packard ACLM.NET v1.2.1.1HP AdvisorHP Customer Experience EnhancementsHP Customer Participation Program 13.0HP Document Manager 2.0HP GamesHP Imaging Device Functions 13.0HP MediaSmart DemoHP MediaSmart DVDHP MediaSmart Movie ThemesHP MediaSmart Music/Photo/VideoHP MediaSmart SmartMenuHP OdometerHP Officejet 6500 E709 SeriesHP Product DetectionHP Remote SolutionHP SetupHP Solution Center 13.0HP Support AssistantHP Support InformationHP UpdateHPProductAssistantHPSSupplyiCloudiTunesJava 7 Update 17Java Auto UpdaterJava 6 Update 30JavaFX 2.1.1LabelPrintLeague of LegendsLightScribe System SoftwareLightspark 0.5.3-gitLinksicleLSI PCI-SV92EX Soft ModemMacromedia Shockwave PlayerMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMcAfee Security Scan PlusMcAfee SiteAdvisorMicrosoft .NET Framework 1.1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Default ManagerMicrosoft Live Search ToolbarMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Home and Student 60 day trialMicrosoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher 2007Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft VC9 runtime librariesMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual Studio 2010 Tools for Office Runtime (x64)Microsoft Web Publishing Wizard 1.52Microsoft WorksMicrosoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Mipony Download Manager PackagesMobileMe Control PanelMozilla Firefox 19.0 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Network64NVIDIA DriversOCR Software by I.R.I.S. 13.0OverDrive Media ConsolePDF Settings CS6PictureMoverPower2GoPowerDirectorPowerRecoverPRIVATE WiFiProductContextQuickTimeReadingFanatic ToolbarRealtek High Definition Audio DriverSafariScanSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition Shop for HP SuppliesSmileboxSolutionCenterStatusStrongvault Online BackupThe Print Shop 21ToolboxTrayAppUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Viewpoint Media PlayerVisual C++ 8.0 Runtime Setup Package (x64)Visual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesVisual Studio 2012 x64 RedistributablesVisual Studio 2012 x86 RedistributablesVisualBee for Microsoft PowerPointWebRegYahoo! Toolbar.==== Event Viewer Messages From Past Week ========.12/22/2013 3:05:51 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {ABC01078-F197-4B0B-ADBC-CFE684B39C82} and APPID Unavailable to the user WilsHome-PC\WilsHome SID (S-1-5-21-1142207997-2693153613-130597048-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.12/22/2013 1:23:03 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {3EEF301F-B596-4C0B-BD92-013BEAFCE793} and APPID {3EEF301F-B596-4C0B-BD92-013BEAFCE793} to the user WilsHome-PC\WilsHome SID (S-1-5-21-1142207997-2693153613-130597048-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.12/22/2013 1:20:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFS12/22/2013 1:20:57 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AOL OnePoint Service service to connect.12/22/2013 1:20:57 PM, Error: Service Control Manager [7000] - The AOL OnePoint Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File =========================== Link to post Share on other sites More sharing options...
kevinf80 Posted December 22, 2013 ID:767907 Share Posted December 22, 2013 Hello and P2P/Piracy Warning: If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop. Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator Click on the Scan button. AdwCleaner will begin...be patient as the scan may take some time to complete. When it's done you'll see: Pending: Uncheck any elements you don't want removed. Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. Look over the log especially under Files/Folders for any program you want to save. If there's a program you want to save, just uncheck it from AdwCleaner. If you're not sure, post the log for review. If you're ready to clean it all up.....click the Clean button. After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically. Copy and paste the contents of that logfile in your next reply. A copy of that logfile will also be saved in the C:\AdwCleaner folder. Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine To restore an item that has been deleted (if necessary): Go to Tools > Quarantine Manager > check what you want restored > now click on Restore. Next, Run Malwarebytes, Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.Please Update and run a Full scanMake sure that everything is checked, and click Remove Selected on any found items. Post the produced logs... Kevin Link to post Share on other sites More sharing options...
Blonde2345 Posted December 24, 2013 Author ID:768621 Share Posted December 24, 2013 Hi, Kevinf80Sorry for the late reply, been busy with the holiday season. I hope you have had a happy holidays so far. Thank you for taking the time to help me with my problem. I have run the AdwCleaner.exe. I still had an old one from a few months ago. Xplode's site is in French? The BleepingComputer Link had a lot of the in-Text links that constantly redirected when I downloaded the file. I think I downloaded the right one. I am posting a list of everything that it found (from the Report Button). I am just worried on a few things like C:/End and and the Background Containers (in Files and in the Registry section). I assume AdwCleaner removes all unnecessary things for my computer so it would be safe to just blanket remove everything? Thanks again. # AdwCleaner v3.016 - Report created 24/12/2013 at 13:05:51# Updated 23/12/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : WilsHome - WILSHOME-PC# Running from : C:\Users\WilsHome\Downloads\AdwCleaner (1).exe# Option : Scan ***** [ Services ] ***** Service Found : vToolbarUpdater14.2.0 ***** [ Files / Folders ] ***** File Found : C:\ENDFile Found : C:\Program Files (x86)\Mozilla Firefox\nsprotector.jsFile Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorageFile Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorageFile Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journalFile Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorageFile Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journalFile Found : C:\Users\WilsHome\AppData\Roaming\BabMaint.exeFile Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\searchplugins\Conduit.xmlFile Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\user.jsFile Found : C:\Windows\System32\Tasks\BackgroundContainer Startup TaskFile Found : C:\Windows\System32\Tasks\DSiteFile Found : C:\Windows\System32\Tasks\Scheduled Update for Ask ToolbarFolder Found : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddlccindkmjbgjockcahgoaenfpmhhlFolder Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{22c11b72-54db-4a18-897f-8deccaf9e26d}Folder Found : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}Folder Found C:\Program Files (x86)\AOL ToolbarFolder Found C:\Program Files (x86)\AVG Secure SearchFolder Found C:\Program Files (x86)\Common Files\AVG Secure SearchFolder Found C:\Program Files (x86)\Common Files\Software Update UtilityFolder Found C:\Program Files (x86)\ConduitFolder Found C:\Program Files (x86)\MobogenieFolder Found C:\Program Files (x86)\MyPC BackupFolder Found C:\Program Files (x86)\SearchprotectFolder Found C:\Program Files (x86)\tuguu slFolder Found C:\Program Files (x86)\ViewpointFolder Found C:\Program Files (x86)\ytbclick_B6Folder Found C:\Program Files\LinksicleFolder Found C:\ProgramData\AOL ToolbarFolder Found C:\ProgramData\AskFolder Found C:\ProgramData\AVG Secure SearchFolder Found C:\ProgramData\ConduitFolder Found C:\ProgramData\ViewpointFolder Found C:\Users\WilsHome\AppData\Local\AOL ToolbarFolder Found C:\Users\WilsHome\AppData\Local\AVG Secure SearchFolder Found C:\Users\WilsHome\AppData\Local\ConduitFolder Found C:\Users\WilsHome\AppData\Local\MobogenieFolder Found C:\Users\WilsHome\AppData\Local\PackageAwareFolder Found C:\Users\WilsHome\AppData\Local\SwvUpdaterFolder Found C:\Users\WilsHome\AppData\Local\Temp\AirInstallerFolder Found C:\Users\WilsHome\AppData\LocalLow\AVG Secure SearchFolder Found C:\Users\WilsHome\AppData\LocalLow\ConduitFolder Found C:\Users\WilsHome\AppData\LocalLow\PriceGongFolder Found C:\Users\WilsHome\AppData\LocalLow\ytbclick_B6Folder Found C:\Users\WilsHome\AppData\Roaming\DSiteFolder Found C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\CT3298937Folder Found C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\SmartbarFolder Found C:\Users\WilsHome\AppData\Roaming\SearchprotectFolder Found C:\Users\WilsHome\Documents\Mobogenie ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\APN PIPKey Found : HKCU\Software\AppDataLow\Software\BackgroundContainerKey Found : HKCU\Software\AppDataLow\Software\ConduitKey Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Found : HKCU\Software\AppDataLow\Software\CrossriderKey Found : HKCU\Software\AppDataLow\Software\PriceGongKey Found : HKCU\Software\AppDataLow\Software\Shopping Sidekick PluginKey Found : HKCU\Software\AppDataLow\Software\SmartBarKey Found : HKCU\Software\AppDataLow\Software\ytbclick_B6Key Found : HKCU\Software\AppDataLow\ToolbarKey Found : HKCU\Software\AVG Secure SearchKey Found : HKCU\Software\ConduitKey Found : HKCU\Software\dsiteproductsKey Found : HKCU\Software\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhlKey Found : HKCU\Software\installedbrowserextensionsKey Found : HKCU\Software\InstalledThirdPartyProgramsKey Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.comKey Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Found : HKCU\Software\PIPKey Found : HKCU\Software\tuguu slKey Found : HKCU\Software\YahooPartnerToolbarKey Found : [x64] HKCU\Software\APN PIPKey Found : [x64] HKCU\Software\AVG Secure SearchKey Found : [x64] HKCU\Software\ConduitKey Found : [x64] HKCU\Software\dsiteproductsKey Found : [x64] HKCU\Software\installedbrowserextensionsKey Found : [x64] HKCU\Software\InstalledThirdPartyProgramsKey Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : [x64] HKCU\Software\PIPKey Found : [x64] HKCU\Software\tuguu slKey Found : [x64] HKCU\Software\YahooPartnerToolbarKey Found : HKLM\Software\AVG Secure SearchKey Found : HKLM\Software\AVG Security ToolbarKey Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXEKey Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXEKey Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLLKey Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPIKey Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObjKey Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlKey Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondaryKey Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182202}Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}Key Found : HKLM\SOFTWARE\Classes\CLSID\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Found : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}Key Found : HKLM\SOFTWARE\Classes\CLSID\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserKey Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1Key Found : HKLM\SOFTWARE\Classes\dnUpdateKey Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowserKey Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdControllerKey Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocolKey Found : HKLM\SOFTWARE\Classes\SKey Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApiKey Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3298937Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLEKey Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1Key Found : HKLM\Software\ConduitKey Found : HKLM\Software\firstsearchKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhlKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofKey Found : HKLM\Software\InfoAtomsKey Found : HKLM\Software\MetaStreamKey Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97629203-3299-4622-AB27-BF6161EBA472}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF2A20F1-F178-4C05-B010-AC5066F558DB}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancsKey Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancsKey Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure SearchKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtilityKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayerKey Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMPKey Found : HKLM\Software\PIPKey Found : HKLM\Software\SearchProtectKey Found : HKLM\Software\ViewpointKey Found : HKLM\Software\ytbclick_B6Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Found : [x64] HKLM\SOFTWARE\InstalledThirdPartyProgramsKey Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}Key Found : [x64] HKLM\SOFTWARE\Updater By SweetpacksValue Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v19.0 (en-US) [ File : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\prefs.js ] Line Found : user_pref("CT3298937.FirstTime", "true");Line Found : user_pref("CT3298937.FirstTimeFF3", "true");Line Found : user_pref("CT3298937.UserID", "UN26178511482112819");Line Found : user_pref("CT3298937.defaultSearch", "true");Line Found : user_pref("CT3298937.enableAlerts", "true");Line Found : user_pref("CT3298937.enableSearchFromAddressBar", "true");Line Found : user_pref("CT3298937.fixPageNotFoundError", "true");Line Found : user_pref("CT3298937.fullUserID", "UN26178511482112819.IN.20131028112036");Line Found : user_pref("CT3298937.installId", "cidamie1");Line Found : user_pref("CT3298937.installType", "conduitnsisintegration");Line Found : user_pref("CT3298937.isCheckedStartAsHidden", true);Line Found : user_pref("CT3298937.lastVersion", "10.21.1.7");Line Found : user_pref("CT3298937.mam_gk_installer_preapproved.enc", "ZmFsc2U=");Line Found : user_pref("CT3298937.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3298937%26octid%3DCT3298937%26SearchSource%3D61%26CUI%3DUN26178511482112819%26UM%3D[...]Line Found : user_pref("CT3298937.openThankYouPage", "false");Line Found : user_pref("CT3298937.openUninstallPage", "true");Line Found : user_pref("CT3298937.revertSettingsEnabled", "true");Line Found : user_pref("CT3298937.settingsINI", true);Line Found : user_pref("CT3298937.shouldFirstTimeDialog", "false");Line Found : user_pref("CT3298937.smartbar.CTID", "CT3298937");Line Found : user_pref("CT3298937.smartbar.Uninstall", "0");Line Found : user_pref("CT3298937.smartbar.toolbarName", "ytbclick B6 ");Line Found : user_pref("CT3298937.startPage", "true");Line Found : user_pref("CT3298937_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386081569112,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Found : user_pref("aol_toolbar.aolmail.address", "");Line Found : user_pref("aol_toolbar.aolmail.count", "0");Line Found : user_pref("aol_toolbar.aolmail.id", "value");Line Found : user_pref("aol_toolbar.aolmail.imagelist.layout", "empty");Line Found : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");Line Found : user_pref("aol_toolbar.aolmail.user", "");Line Found : user_pref("aol_toolbar.buttons.layout", "mapquest_40872;ebay_46278;netflix_46519;techcrunch_47552;radio_46530;");Line Found : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");Line Found : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");Line Found : user_pref("aol_toolbar.calendar.timestamp", "1386081570575");Line Found : user_pref("aol_toolbar.curtain.congrats", "curtain");Line Found : user_pref("aol_toolbar.firsttime.showwindow", false);Line Found : user_pref("aol_toolbar.guid", "{7196771D-D7D7-13B5-9971-17738B3A3276}");Line Found : user_pref("aol_toolbar.install.distroid", "aol");Line Found : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9660");Line Found : user_pref("aol_toolbar.install.lid", "hyplognew00000010");Line Found : user_pref("aol_toolbar.install.mtmhp", "txtlnkusaolp00000051");Line Found : user_pref("aol_toolbar.install.ncid", "");Line Found : user_pref("aol_toolbar.install.sethomepage", "0");Line Found : user_pref("aol_toolbar.install.setsearch", "0");Line Found : user_pref("aol_toolbar.install.type", "new");Line Found : user_pref("aol_toolbar.metrics.activestampdate", "3");Line Found : user_pref("aol_toolbar.metrics.activestampmonth", "11");Line Found : user_pref("aol_toolbar.metrics.activestampyear", "2013");Line Found : user_pref("aol_toolbar.metrics.log", false);Line Found : user_pref("aol_toolbar.metrics.originalDate", "31");Line Found : user_pref("aol_toolbar.metrics.originalHours", "4");Line Found : user_pref("aol_toolbar.metrics.originalMinutes", "0");Line Found : user_pref("aol_toolbar.metrics.originalMonth", "10");Line Found : user_pref("aol_toolbar.metrics.originalSeconds", "0");Line Found : user_pref("aol_toolbar.metrics.originalYear", "2013");Line Found : user_pref("aol_toolbar.search.button", false);Line Found : user_pref("aol_toolbar.search.cid", "31-10-2013");Line Found : user_pref("aol_toolbar.search.instd", "F7B3EB33550743ABAB4D303703C3E3D8");Line Found : user_pref("aol_toolbar.search.oid", "31-10-2013");Line Found : user_pref("aol_toolbar.search.placement", "right");Line Found : user_pref("aol_toolbar.search.savehistory", false);Line Found : user_pref("aol_toolbar.search.searchtype", "web");Line Found : user_pref("aol_toolbar.search.source", "TB50CL-ff");Line Found : user_pref("aol_toolbar.skin.custom", false);Line Found : user_pref("aol_toolbar.upgrade.showwindow", false);Line Found : user_pref("aol_toolbar.weather.condition", "30");Line Found : user_pref("aol_toolbar.weather.degc", "5");Line Found : user_pref("aol_toolbar.weather.degf", "41");Line Found : user_pref("aol_toolbar.weather.degrees", "F");Line Found : user_pref("aol_toolbar.weather.lastupdate", "");Line Found : user_pref("aol_toolbar.weather.locationid", "USNY0996");Line Found : user_pref("aol_toolbar.weather.zipcode", "10006");Line Found : user_pref("aol_toolbar.widgets.layout", "aolmail,calendar,weather");Line Found : user_pref("aol_toolbar.widgets.log", false);Line Found : user_pref("aol_toolbar.widgets.version", "5.74.1.9660");Line Found : user_pref("extensions.crossrider.bic", "1420fc1b8b40fe569b4418a118c9ab4b");Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 2); -\\ Google Chrome v31.0.1650.63 [ File : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found : icon_urlFound : search_urlFound : suggest_urlFound : keywordFound : search_urlFound : icon_urlFound : search_urlFound : suggest_urlFound : keyword ************************* AdwCleaner[R0].txt - [24338 octets] - [24/12/2013 13:05:51] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24399 octets] ########## Link to post Share on other sites More sharing options...
Blonde2345 Posted December 24, 2013 Author ID:768627 Share Posted December 24, 2013 So, while I was taking a shower, another person in the house clicked clean on the AdwCleaner.exe. *sigh* I guess it doesn't matter about C:/End or the Background Container. I am currently running the MalwareBytes Full Scan.When I went into Google Chrome to get back to this site after AdwCleaner rebooted the computer, I noticed that using the search bar in Google Chrome redirects through search.conduit.com and then goes into Bing. I also noticed the Linksicle and this PriceChecker thing were still extensions for GoogleChrome so I removed them from the Toolbars. AdwCleaner S0 # AdwCleaner v3.016 - Report created 24/12/2013 at 13:40:08# Updated 23/12/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : WilsHome - WILSHOME-PC# Running from : C:\Users\WilsHome\Downloads\AdwCleaner (1).exe# Option : Clean ***** [ Services ] ***** Service Deleted : vToolbarUpdater14.2.0 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AOL ToolbarFolder Deleted : C:\ProgramData\AskFolder Deleted : C:\ProgramData\AVG Secure SearchFolder Deleted : C:\ProgramData\ConduitFolder Deleted : C:\ProgramData\ViewpointFolder Deleted : C:\Program Files (x86)\AOL ToolbarFolder Deleted : C:\Program Files (x86)\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\MobogenieFolder Deleted : C:\Program Files (x86)\MyPC BackupFolder Deleted : C:\Program Files (x86)\SearchprotectFolder Deleted : C:\Program Files (x86)\tuguu slFolder Deleted : C:\Program Files (x86)\ViewpointFolder Deleted : C:\Program Files (x86)\ytbclick_B6Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\Common Files\Software Update UtilityFolder Deleted : C:\Program Files\LinksicleFolder Deleted : C:\Users\WilsHome\AppData\Local\AOL ToolbarFolder Deleted : C:\Users\WilsHome\AppData\Local\AVG Secure SearchFolder Deleted : C:\Users\WilsHome\AppData\Local\ConduitFolder Deleted : C:\Users\WilsHome\AppData\Local\MobogenieFolder Deleted : C:\Users\WilsHome\AppData\Local\PackageAwareFolder Deleted : C:\Users\WilsHome\AppData\Local\SwvUpdaterFolder Deleted : C:\Users\WilsHome\AppData\Local\Temp\AirInstallerFolder Deleted : C:\Users\WilsHome\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\WilsHome\AppData\LocalLow\ConduitFolder Deleted : C:\Users\WilsHome\AppData\LocalLow\PriceGongFolder Deleted : C:\Users\WilsHome\AppData\LocalLow\ytbclick_B6Folder Deleted : C:\Users\WilsHome\AppData\Roaming\DSiteFolder Deleted : C:\Users\WilsHome\AppData\Roaming\SearchprotectFolder Deleted : C:\Users\WilsHome\Documents\MobogenieFolder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\SmartbarFolder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\CT3298937Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}Folder Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\Extensions\{22c11b72-54db-4a18-897f-8deccaf9e26d}Folder Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddlccindkmjbgjockcahgoaenfpmhhlFile Deleted : C:\ENDFile Deleted : C:\Users\WilsHome\AppData\Roaming\BabMaint.exeFile Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.jsFile Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\searchplugins\Conduit.xmlFile Deleted : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\user.jsFile Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorageFile Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorageFile Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journalFile Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorageFile Deleted : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journalFile Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup TaskFile Deleted : C:\Windows\System32\Tasks\DSiteFile Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofKey Deleted : HKCU\Software\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhlKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jddlccindkmjbgjockcahgoaenfpmhhlKey Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.comValue Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLLKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPIKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObjKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondaryKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserKey Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1Key Deleted : HKLM\SOFTWARE\Classes\dnUpdateKey Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowserKey Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdControllerKey Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocolKey Deleted : HKLM\SOFTWARE\Classes\SKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApiKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLEKey Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancsKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancsKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCSValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMPKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298937Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182202}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22C11B72-54DB-4A18-897F-8DECCAF9E26D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E40DD9EB-217C-4110-AEA5-904A06461FF0}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF2A20F1-F178-4C05-B010-AC5066F558DB}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97629203-3299-4622-AB27-BF6161EBA472}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{22C11B72-54DB-4A18-897F-8DECCAF9E26D}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412252}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416652}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\APN PIPKey Deleted : HKCU\Software\AVG Secure SearchKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\dsiteproductsKey Deleted : HKCU\Software\installedbrowserextensionsKey Deleted : HKCU\Software\InstalledThirdPartyProgramsKey Deleted : HKCU\Software\PIPKey Deleted : HKCU\Software\tuguu slKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\ToolbarKey Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Deleted : HKCU\Software\AppDataLow\Software\CrossriderKey Deleted : HKCU\Software\AppDataLow\Software\PriceGongKey Deleted : HKCU\Software\AppDataLow\Software\Shopping Sidekick PluginKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKCU\Software\AppDataLow\Software\ytbclick_B6Key Deleted : HKLM\Software\AVG Secure SearchKey Deleted : HKLM\Software\AVG Security ToolbarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\firstsearchKey Deleted : HKLM\Software\InfoAtomsKey Deleted : HKLM\Software\MetaStreamKey Deleted : HKLM\Software\PIPKey Deleted : HKLM\Software\SearchProtectKey Deleted : HKLM\Software\ViewpointKey Deleted : HKLM\Software\ytbclick_B6Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure SearchKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtilityKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayerKey Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyProgramsKey Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v19.0 (en-US) [ File : C:\Users\WilsHome\AppData\Roaming\Mozilla\Firefox\Profiles\d8ynuuf7.default\prefs.js ] Line Deleted : user_pref("CT3298937.FirstTime", "true");Line Deleted : user_pref("CT3298937.FirstTimeFF3", "true");Line Deleted : user_pref("CT3298937.UserID", "UN26178511482112819");Line Deleted : user_pref("CT3298937.defaultSearch", "true");Line Deleted : user_pref("CT3298937.enableAlerts", "true");Line Deleted : user_pref("CT3298937.enableSearchFromAddressBar", "true");Line Deleted : user_pref("CT3298937.fixPageNotFoundError", "true");Line Deleted : user_pref("CT3298937.fullUserID", "UN26178511482112819.IN.20131028112036");Line Deleted : user_pref("CT3298937.installId", "cidamie1");Line Deleted : user_pref("CT3298937.installType", "conduitnsisintegration");Line Deleted : user_pref("CT3298937.isCheckedStartAsHidden", true);Line Deleted : user_pref("CT3298937.lastVersion", "10.21.1.7");Line Deleted : user_pref("CT3298937.mam_gk_installer_preapproved.enc", "ZmFsc2U=");Line Deleted : user_pref("CT3298937.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3298937%26octid%3DCT3298937%26SearchSource%3D61%26CUI%3DUN26178511482112819%26UM%3D[...]Line Deleted : user_pref("CT3298937.openThankYouPage", "false");Line Deleted : user_pref("CT3298937.openUninstallPage", "true");Line Deleted : user_pref("CT3298937.revertSettingsEnabled", "true");Line Deleted : user_pref("CT3298937.settingsINI", true);Line Deleted : user_pref("CT3298937.shouldFirstTimeDialog", "false");Line Deleted : user_pref("CT3298937.smartbar.CTID", "CT3298937");Line Deleted : user_pref("CT3298937.smartbar.Uninstall", "0");Line Deleted : user_pref("CT3298937.smartbar.toolbarName", "ytbclick B6 ");Line Deleted : user_pref("CT3298937.startPage", "true");Line Deleted : user_pref("CT3298937_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386081569112,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Deleted : user_pref("aol_toolbar.aolmail.address", "");Line Deleted : user_pref("aol_toolbar.aolmail.count", "0");Line Deleted : user_pref("aol_toolbar.aolmail.id", "value");Line Deleted : user_pref("aol_toolbar.aolmail.imagelist.layout", "empty");Line Deleted : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");Line Deleted : user_pref("aol_toolbar.aolmail.user", "");Line Deleted : user_pref("aol_toolbar.buttons.layout", "mapquest_40872;ebay_46278;netflix_46519;techcrunch_47552;radio_46530;");Line Deleted : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");Line Deleted : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");Line Deleted : user_pref("aol_toolbar.calendar.timestamp", "1386081570575");Line Deleted : user_pref("aol_toolbar.curtain.congrats", "curtain");Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);Line Deleted : user_pref("aol_toolbar.guid", "{7196771D-D7D7-13B5-9971-17738B3A3276}");Line Deleted : user_pref("aol_toolbar.install.distroid", "aol");Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9660");Line Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");Line Deleted : user_pref("aol_toolbar.install.mtmhp", "txtlnkusaolp00000051");Line Deleted : user_pref("aol_toolbar.install.ncid", "");Line Deleted : user_pref("aol_toolbar.install.sethomepage", "0");Line Deleted : user_pref("aol_toolbar.install.setsearch", "0");Line Deleted : user_pref("aol_toolbar.install.type", "new");Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "3");Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "11");Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2013");Line Deleted : user_pref("aol_toolbar.metrics.log", false);Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "31");Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "4");Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "0");Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "10");Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "0");Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2013");Line Deleted : user_pref("aol_toolbar.search.button", false);Line Deleted : user_pref("aol_toolbar.search.cid", "31-10-2013");Line Deleted : user_pref("aol_toolbar.search.instd", "F7B3EB33550743ABAB4D303703C3E3D8");Line Deleted : user_pref("aol_toolbar.search.oid", "31-10-2013");Line Deleted : user_pref("aol_toolbar.search.placement", "right");Line Deleted : user_pref("aol_toolbar.search.savehistory", false);Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");Line Deleted : user_pref("aol_toolbar.search.source", "TB50CL-ff");Line Deleted : user_pref("aol_toolbar.skin.custom", false);Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);Line Deleted : user_pref("aol_toolbar.weather.condition", "30");Line Deleted : user_pref("aol_toolbar.weather.degc", "5");Line Deleted : user_pref("aol_toolbar.weather.degf", "41");Line Deleted : user_pref("aol_toolbar.weather.degrees", "F");Line Deleted : user_pref("aol_toolbar.weather.lastupdate", "");Line Deleted : user_pref("aol_toolbar.weather.locationid", "USNY0996");Line Deleted : user_pref("aol_toolbar.weather.zipcode", "10006");Line Deleted : user_pref("aol_toolbar.widgets.layout", "aolmail,calendar,weather");Line Deleted : user_pref("aol_toolbar.widgets.log", false);Line Deleted : user_pref("aol_toolbar.widgets.version", "5.74.1.9660");Line Deleted : user_pref("extensions.crossrider.bic", "1420fc1b8b40fe569b4418a118c9ab4b");Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2); -\\ Google Chrome v31.0.1650.63 [ File : C:\Users\WilsHome\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : icon_urlDeleted : search_urlDeleted : suggest_urlDeleted : keyword ************************* AdwCleaner[R0].txt - [24588 octets] - [24/12/2013 13:05:51]AdwCleaner[s0].txt - [24470 octets] - [24/12/2013 13:40:08] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [24531 octets] ########## Link to post Share on other sites More sharing options...
Blonde2345 Posted December 24, 2013 Author ID:768629 Share Posted December 24, 2013 I removed those toolbar extensions after AdwCleaner but before the MalwareBytes Full Scan. Link to post Share on other sites More sharing options...
kevinf80 Posted December 24, 2013 ID:768642 Share Posted December 24, 2013 Thanks for update, post Malwarebytes log anytime you`re ready. Also let me know if any improvement.. Link to post Share on other sites More sharing options...
Blonde2345 Posted December 24, 2013 Author ID:768652 Share Posted December 24, 2013 The scan is going very slow. I will post the log when it is done. Thank you so much for your help. Link to post Share on other sites More sharing options...
kevinf80 Posted December 24, 2013 ID:768660 Share Posted December 24, 2013 Ok.... Link to post Share on other sites More sharing options...
Blonde2345 Posted December 24, 2013 Author ID:768671 Share Posted December 24, 2013 Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.12.24.05 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476WilsHome :: WILSHOME-PC [administrator] 12/24/2013 1:51:04 PMmbam-log-2013-12-24 (13-51-04).txt Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 815993Time elapsed: 3 hour(s), 18 minute(s), 9 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) That is the MalwareBytes log. Google Chrome is still doing stuff through search.conduit.com and I can see programs like Linksicle, GigaclicksCrawler in the control panel. That stuff is safe I am assuming? Link to post Share on other sites More sharing options...
kevinf80 Posted December 24, 2013 ID:768674 Share Posted December 24, 2013 Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop. Double click zip file and extract to your Desktop: you will now have 3 versions of the tool on the Desktop: Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html[/url Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open: Copy and paste the following script from the code box and paste into the field. standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;CHRdefaults; Select the "Run Script" tab. The following window will open: Please be patient and do not use the PC when the scan is in progress. When complete you maybe asked to re-boot your PC, if so please do Post the produced log in your next reply, also tell me if any improvement.. Kevin Link to post Share on other sites More sharing options...
Blonde2345 Posted December 27, 2013 Author ID:769512 Share Posted December 27, 2013 Hi, KevinSorry for the late response. When I go to download Zoek, it automatically places it into the Downloads folder on the computer. It also opens up a new window from an ad on that website. When I move that folder to the desktop and extract all the files, it creates a new folder on my desktop. When I open that folder it has the three files. I have double clicked and accepted the UAC but none of them work. The DOS one and the Screensaver one briefly open what appears to be a DOS box but neither of those two open the Zoek control panel. Also, I don't understand the Security permissions you linked. When I click on the link the page says it cannot be located. Link to post Share on other sites More sharing options...
kevinf80 Posted December 27, 2013 ID:769526 Share Posted December 27, 2013 Try the following link for information to turn off security: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/ To save to the desktop using Firefox. Run Firefox, select > tools > options > general tab. In the Download section set the Desktop as d/l preference.... When you have Zoek in place turn off security and make sure browsers are all closed.... Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 31, 2013 Root Admin ID:771017 Share Posted December 31, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts