Jump to content

Recommended Posts

I'm unable to run Malwarebytes or AVG due to permission restrictions.  Computer is running XP Media Center SP3.  I'm sure this computer is loaded with malware. 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_24
Run by Jacki at 12:38:45 on 2014-01-30
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3070.2071 [GMT -6:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Free Firewall Firewall *Enabled* 
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\PasswordBox\pbbtnService.exe
C:\Program Files\Pogo Games\PGMTrusted.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE\Monitor.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE
C:\Program Files\Common Files\AOL\1169875595\ee\AOLSoftware.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Jacki\Application Data\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uWindow Title = Powered by Charter Communications
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uProxyOverride = <local>
uURLSearchHooks: <No Name>: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - c:\program files\utilitychest_49\bar\1.bin\49SrcAs.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Search Assistant BHO: {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - c:\program files\utilitychest_49\bar\1.bin\49SrcAs.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
BHO: Charter Toolbar: {4E7BD74F-2B8D-469E-85AB-AF21F3D9AE2F} - c:\program files\chartertoolbar\chartertoolbar.dll
BHO: Toolbar BHO: {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - 
BHO: ShopAtHome.com Cash Back Helper: {66516A07-F617-488A-90CF-4E690CFB3C5F} - c:\documents and settings\jacki\application data\shopathome\shopathometoolbar\tbcore3U.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - c:\program files\midicairus\prxtbmid0.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: Ask Toolbar: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - c:\program files\aol toolbar\aoltb.dll
TB: Charter Toolbar: {4E7BD74F-2B8D-469E-85AB-AF21F3D9AE2F} - c:\program files\chartertoolbar\chartertoolbar.dll
TB: midicairus Toolbar: {EFB1E45A-148D-40F9-A3F0-09D5577F9970} - c:\program files\midicairus\prxtbmid0.dll
TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - c:\documents and settings\jacki\application data\shopathome\shopathometoolbar\tbcore3U.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
TB: Charter Toolbar: {4E7BD74F-2B8D-469E-85AB-AF21F3D9AE2F} - c:\program files\chartertoolbar\chartertoolbar.dll
TB: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - c:\program files\midicairus\prxtbmid0.dll
TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - c:\documents and settings\jacki\application data\shopathome\shopathometoolbar\tbcore3U.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.2.101\AVG SafeGuard toolbar_toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
uRun: [EPSON Stylus C84 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /M "Stylus C84" /EF "HKCU"
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [cdloader] "c:\documents and settings\jacki\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [EPSON Stylus Photo R220 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAIA.EXE /P30 "EPSON Stylus Photo R220 Series" /M "Stylus Photo R220" /EF "HKCU"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [CTSysVol] c:\program files\creative\sound blaster live! 24-bit\surround mixer\CTSysVol.exe /r
mRun: [P17Helper] Rundll32 P17.dll,P17Helper
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [LVCOMS] c:\program files\common files\logitech\qcdriver\LVCOMS.EXE
mRun: [ulead AutoDetector] c:\program files\ulead systems\ulead photo explorer 8.0 se\Monitor.exe
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [EPSON Stylus Photo R220 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAIA.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB003" /M "Stylus Photo R220"
mRun: [HostManager] c:\program files\common files\aol\1169875595\ee\AOLSoftware.exe
mRun: [EPSON Stylus Photo R220 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAIA.EXE /P39 "EPSON Stylus Photo R220 Series (Copy 1)" /O6 "USB003" /M "Stylus Photo R220"
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [shopAtHomeWatcher] c:\documents and settings\jacki\application data\shopathome\shopathomehelper\ShopAtHomeWatcher.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\jacki\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mi1933~1\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\progra~1\yahoo!\messen~1\YPager.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 172.16.1.1
TCP: Interfaces\{2C1AB247-DB2C-4415-9228-75FF07734EE5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{DF39F4E8-CD05-4705-A930-4C1268C4D686} : DHCPNameServer = 172.16.1.1
TCP: Interfaces\{F3AE5859-673C-47C6-A5A2-D3069BA35A5C} : NameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\17.3.0\ViProtocol.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.102\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jacki\application data\mozilla\firefox\profiles\mnebujlp.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - component: c:\documents and settings\jacki\application data\mozilla\firefox\profiles\mnebujlp.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\documents and settings\jacki\application data\mozilla\firefox\profiles\mnebujlp.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll
FF - plugin: c:\documents and settings\jacki\application data\mozilla\firefox\profiles\mnebujlp.default\extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970}\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\jacki\local settings\application data\yahoo!\browserplus\2.7.1\plugins\npybrowserplus_2.7.1.dll
FF - plugin: c:\progra~1\mi1933~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL
FF - plugin: c:\progra~1\mozill~1\plugins\npdeployJava1.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npdnu.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npdnupdater2.dll
FF - plugin: c:\progra~1\mozill~1\plugins\npnul32.dll
FF - plugin: c:\progra~1\mozill~1\plugins\NPOFFICE.DLL
FF - plugin: c:\progra~1\mozill~1\plugins\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: extensions.zonealarm.id - e0da87600000000000000011952a47d5
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15968
FF - user.js: extensions.zonealarm.vrsn - 1.8.22.0
FF - user.js: extensions.zonealarm.vrsni - 1.8.22.0
FF - user.js: extensions.zonealarm.vrsnTs - 1.8.22.011:14:29
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1025
FF - user.js: extensions.zonealarm.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - goughDev3
FF - user.js: extensions.zonealarm.instlRef - ZLN36064925514202-1012
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.ffxUnstlRst - false
FF - user.js: extensions.zonealarm.admin - false
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm.rvrt - true
FF - user.js: extensions.zonealarm.hmpg - true
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.dnsErr - true
FF - user.js: extensions.zonealarm.newTab - true
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-3-31 37664]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-7-8 214024]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2013-8-12 528232]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-11-20 283136]
R2 PasswordBox;PasswordBox;c:\program files\passwordbox\pbbtnService.exe [2013-11-1 67584]
R2 PGMTrusted;PGMTrusted;c:\program files\pogo games\PGMTrusted.exe [2012-10-29 519920]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-9-8 5087584]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2013-10-8 1739064]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
R2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3;c:\program files\common files\avg secure search\vtoolbarupdater\17.1.3\ToolbarUpdater.exe [2013-11-20 1643696]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files\checkpoint\zonealarm\ZAPrivacyService.exe [2013-6-18 54160]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2013-9-18 12320]
S2 UtilityChest_49Service;Utility ChestService;c:\progra~1\utilit~2\bar\1.bin\49barsvc.exe --> c:\progra~1\utilit~2\bar\1.bin\49barsvc.exe [?]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-15 34248]
S3 QCPro;Logitech QuickCam Pro USB(PID_D001);c:\windows\system32\drivers\p35u.sys [2005-8-20 116448]
.
=============== Created Last 30 ================
.
2014-01-30 18:06:29 -------- d--h--w- c:\windows\PIF
2014-01-30 06:03:40 -------- d-----w- c:\program files\ESET
2014-01-30 05:33:11 -------- d--h--w- c:\windows\system32\GroupPolicy
.
==================== Find3M  ====================
.
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-25 07:48:36 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-11-20 16:47:10 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 12:44:38.20 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/20/2005 11:19:41 AM
System Uptime: 1/30/2014 3:23:44 AM (9 hours ago)
.
Motherboard: Dell Inc.           |  | 0X8582
Processor:               Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 144 GiB total, 87.025 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Sound Blaster Live! 24-bit
Device ID: PCI\VEN_1102&DEV_0007&SUBSYS_10071102&REV_00\4&5855BE9&0&20F0
Manufacturer: Creative
Name: Sound Blaster Live! 24-bit
PNP Device ID: PCI\VEN_1102&DEV_0007&SUBSYS_10071102&REV_00\4&5855BE9&0&20F0
Service: P17
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01A71028&REV_01\4&5855BE9&0&40F0
Manufacturer: Intel
Name: Intel® PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01A71028&REV_01\4&5855BE9&0&40F0
Service: E100B
.
==== System Restore Points ===================
.
RP2910: 11/1/2013 4:46:27 PM - System Checkpoint
RP2911: 11/3/2013 8:59:58 AM - System Checkpoint
RP2912: 11/4/2013 1:26:56 PM - System Checkpoint
RP2913: 11/5/2013 1:37:31 PM - System Checkpoint
RP2914: 11/6/2013 1:42:47 PM - System Checkpoint
RP2915: 11/8/2013 5:44:45 PM - System Checkpoint
RP2916: 11/9/2013 6:17:36 PM - System Checkpoint
RP2917: 11/11/2013 8:40:21 PM - System Checkpoint
RP2918: 11/13/2013 12:09:44 AM - System Checkpoint
RP2919: 11/13/2013 11:37:37 PM - Software Distribution Service 3.0
RP2920: 11/15/2013 10:14:07 AM - System Checkpoint
RP2921: 11/16/2013 10:18:20 AM - System Checkpoint
RP2922: 11/18/2013 10:05:36 AM - System Checkpoint
RP2923: 11/19/2013 11:52:46 AM - System Checkpoint
RP2924: 11/20/2013 12:14:36 PM - System Checkpoint
RP2925: 11/22/2013 9:25:08 AM - System Checkpoint
RP2926: 11/23/2013 4:25:06 PM - System Checkpoint
RP2927: 11/24/2013 5:20:23 PM - System Checkpoint
RP2928: 11/25/2013 5:31:57 PM - System Checkpoint
RP2929: 11/27/2013 11:27:13 AM - System Checkpoint
RP2930: 11/30/2013 12:18:19 PM - System Checkpoint
RP2931: 12/1/2013 12:40:05 PM - System Checkpoint
RP2932: 12/2/2013 4:47:04 PM - System Checkpoint
RP2933: 12/3/2013 4:53:00 PM - System Checkpoint
RP2934: 12/4/2013 4:57:42 PM - System Checkpoint
RP2935: 12/6/2013 3:28:28 PM - System Checkpoint
RP2936: 12/7/2013 4:20:14 PM - System Checkpoint
RP2937: 12/9/2013 10:45:28 AM - System Checkpoint
RP2938: 12/10/2013 11:01:04 AM - System Checkpoint
RP2939: 12/11/2013 11:22:19 AM - System Checkpoint
RP2940: 12/12/2013 12:27:43 AM - Software Distribution Service 3.0
RP2941: 12/19/2013 1:24:22 PM - System Checkpoint
RP2942: 12/20/2013 3:00:18 AM - Software Distribution Service 3.0
RP2943: 12/21/2013 3:04:47 AM - System Checkpoint
RP2944: 12/29/2013 12:36:43 PM - System Checkpoint
RP2945: 12/30/2013 1:09:04 PM - System Checkpoint
RP2946: 1/3/2014 9:05:15 PM - System Checkpoint
RP2947: 1/8/2014 5:40:33 PM - System Checkpoint
RP2948: 1/9/2014 5:42:27 PM - System Checkpoint
RP2949: 1/10/2014 7:11:51 PM - System Checkpoint
RP2950: 1/11/2014 7:40:38 PM - System Checkpoint
RP2951: 1/12/2014 7:52:38 PM - System Checkpoint
RP2952: 1/13/2014 8:44:24 PM - System Checkpoint
RP2953: 1/18/2014 8:56:33 PM - System Checkpoint
RP2954: 1/19/2014 12:39:46 AM - Software Distribution Service 3.0
RP2955: 1/24/2014 1:28:29 PM - System Checkpoint
RP2956: 1/25/2014 1:51:18 PM - System Checkpoint
RP2957: 1/25/2014 4:32:50 PM - Removed ABBYY FineReader 5.0 Sprint
RP2958: 1/30/2014 3:00:29 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 11.5
Amazon Send to Kindle
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
Ask Toolbar
ATI Control Panel
ATI Display Driver
AVG 2013
AVG PC TuneUp 2014
AVG PC TuneUp 2014 (en-US)
AVG SafeGuard toolbar
Charter Toolbar
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Creative MediaSource
Creative Memories Memory Manager
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell Support 3.1
Dell System Restore
Digital Line Detect
DLL Opener
Docs Opener
Download Updater (AOL LLC)
EarthLink setup files
EPSON Copy Utility 3
EPSON ESPR220 Reference Guide
EPSON Print CD
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
ESET Online Scanner v3
Files Opened
Google Chrome
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel Matrix Storage Manager
Intel® PRO Network Connections Software v9.2.4.11
Intel® PROSafe for Wired Connections
Internet Explorer Default Page
Java Auto Updater
Java 6 Update 24
Jewel Quest
Jewel Quest Solitaire
Kaspersky Online Scanner
LEGO My Style Kindergarten
Logitech QuickCam
Macromedia Flash Player
magicJack
Malwarebytes Anti-Malware version 1.75.0.1300
MasterPlans 1.5
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office FrontPage 2003
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft PowerPoint Viewer 97
Microsoft Software Update for Web Folders  (English) 14
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works Suite Add-in for Microsoft Word
midicairus Toolbar
Modem Helper
Monopoly City
Mozilla Firefox (3.0.19)
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
My Way Search Assistant
Nero 6 Ultra Edition
Otto
Photo DVD 1.0
PhotoImpression 5
Pogo Games
PowerDVD 5.5
QuickTime
QuickTime 3.0
RealPlayer Basic
Scrapbook Factory Deluxe 3.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2817670) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834902-v2)
Security Update for Windows Media Player (KB2834902)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shockwave
ShopAtHome.com Toolbar
Sonic Encoders
Sound Blaster Live! 24-bit
Supreme Savings
TeamViewer 8
TomTom HOME
Ulead Photo Explorer 8.0 SE
Ulead PhotoImpact 8 SE
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Utility Chest Internet Explorer Toolbar
VC_MergeModuleToMSI
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Player 10
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WiseFixer 3.2
WONswap
Works Upgrade
Yahoo! BrowserPlus 2.7.1
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
ZoneAlarm Firewall
ZoneAlarm Free Firewall
ZoneAlarm Security
ZoneAlarm Security Toolbar 
.
==== Event Viewer Messages From Past Week ========
.
1/30/2014 3:26:04 AM, error: Service Control Manager [7000]  - The Utility ChestService service failed to start due to the following error:  The system cannot find the 
 
file specified.
1/29/2014 8:35:45 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-
 
11D0-8F20-00805F2CD064}
1/29/2014 8:33:00 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AVGIDSDriver AVGIDSShim Avgldx86 
 
Fips intelppm mfehidk
1/29/2014 8:33:00 PM, error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the 
 
following error:  A device attached to the system is not functioning.
1/29/2014 8:32:10 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: 
 
{1BE1F766-5536-11D1-B726-00C04FB926AF}
1/29/2014 8:14:46 PM, error: Dhcp [1002]  - The IP address lease 192.168.2.5 for the Network Card with network address 0011952A47D5 has been denied by the DHCP server 
 
172.16.1.1 (The DHCP Server sent a DHCPNACK message).
1/24/2014 11:08:03 AM, error: Dhcp [1002]  - The IP address lease 192.168.2.5 for the Network Card with network address 0011952A47D5 has been denied by the DHCP server 
 
192.168.2.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Please download RKill from here: http://www.bleepingcomputer.com/download/rkill/

 

There are three buttons to choose from with different names on, select the first one and save it to your desktop.

 

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Let me see those logs in next reply..

 

Kevin

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Lots of Adware dross on your system, run the following to remove it:-

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Also:

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced logs from those steps, also give an update o remaining issues or concerns...

 

Thanks,

 

Kevin

fixlist.txt

Link to post
Share on other sites

Everything seems to be working fine.  Logs attached.  

 

This machine is not my system.  I've been attempting to help out a family member. I'd appreciate any advice on how to prevent things like this in the future.   

Thanks, Kevin!

 

Anita

 

-------Fixlog------

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-01-2014 01
Ran by Jacki at 2014-02-01 09:24:16 Run:1
Running from C:\Documents and Settings\Jacki\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
HKLM\...\Run: [shopAtHomeWatcher] - C:\Documents and Settings\Jacki\Application Data\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [103864 2012-10-18] ()
C:\Documents and Settings\Jacki\Application Data\ShopAtHome
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\McAfee.com <====== ATTENTION
MountPoints2: J - J:\autorun.exe
MountPoints2: {c0b6ea1c-e253-11db-949c-00038a000015} - J:\InstallTomTomHOME.exe
BHO: Search Assistant BHO - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll (MindSpark)
C:\Program Files\UtilityChest_49
S2 UtilityChest_49Service; C:\PROGRA~1\UTILIT~2\bar\1.bin\49barsvc.exe [x]
U1 WS2IFSL; 
U3 mbr; \??\C:\DOCUME~1\Jacki\LOCALS~1\Temp\mbr.sys [x]
C:\Documents and Settings\All Users\mjsetup.exe
C:\Documents and Settings\All Users\setup.exe
C:\WINDOWS\Tasks\At1.job
C:\Documents and Settings\Jacki\Local Settings\Temp\hpzscr01.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\Jacki\APPLIC~1\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:131C0EE9
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A73EAFFB
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F3AB0B43
AlternateDataStreams: C:\Documents and Settings\Jacki\Desktop\Update_kindle_3.1_B006 (1).bin:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Jacki\Desktop\Update_kindle_3.1_B006 (1).bin:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
End
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher => Value deleted successfully.
C:\Documents and Settings\Jacki\Application Data\ShopAtHome => Moved successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b6ea1c-e253-11db-949c-00038a000015} => Key deleted successfully.
HKCR\CLSID\{c0b6ea1c-e253-11db-949c-00038a000015} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06e05b40-77fa-40b6-9077-ed1a7577b1ef} => Key deleted successfully.
HKCR\CLSID\{06e05b40-77fa-40b6-9077-ed1a7577b1ef} => Key deleted successfully.
C:\Program Files\UtilityChest_49 => Moved successfully.
UtilityChest_49Service => Service deleted successfully.
WS2IFSL => Service deleted successfully.
mbr => Service not found.
C:\Documents and Settings\All Users\mjsetup.exe => Moved successfully.
C:\Documents and Settings\All Users\setup.exe => Moved successfully.
C:\WINDOWS\Tasks\At1.job => Moved successfully.
C:\Documents and Settings\Jacki\Local Settings\Temp\hpzscr01.exe => Moved successfully.
C:\WINDOWS\Tasks\At1.job not found.
C:\Documents and Settings\All Users\Application Data\TEMP => ":131C0EE9" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":21F28B00" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":57B4E612" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":A73EAFFB" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":F3AB0B43" ADS removed successfully.
C:\Documents and Settings\Jacki\Desktop\Update_kindle_3.1_B006 (1).bin => ":SummaryInformation" ADS removed successfully.
C:\Documents and Settings\Jacki\Desktop\Update_kindle_3.1_B006 (1).bin => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
 
==== End of Fixlog ====
 
------AdwCleaner[sO]--------
# AdwCleaner v3.018 - Report created 01/02/2014 at 09:37:26
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jacki - TASHA
# Running from : C:\Documents and Settings\Jacki\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\open it!
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\SiteRanker
Folder Deleted : C:\Program Files\AppGraffiti
Folder Deleted : C:\Program Files\AskBarDis
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\openit
Folder Deleted : C:\Program Files\SelectRebates
Folder Deleted : C:\Program Files\Supreme Savings
Folder Deleted : C:\Program Files\TotalRecipeSearch_14EI
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\midicairus
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Documents and Settings\Jacki\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Jacki\Local Settings\Application Data\iac
Folder Deleted : C:\Documents and Settings\Jacki\Local Settings\Application Data\midicairus
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\iWin
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\utilitychest_49
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\CT3184201
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
Folder Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\Extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970}
Folder Deleted : C:\Documents and Settings\Jacki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\searchplugins\Ask.xml
File Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\searchplugins\zonealarm.xml
File Deleted : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{ED76C299-85BC-4891-9237-74A140C28832}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3184201
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23B38049-323F-443D-9732-F454E5B15B72}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3462C343-BE19-4143-AF70-CEFB56F46FC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A421C8F-E238-4AEB-8874-B8B5F2CC4772}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60E91567-EF8A-4520-BCE2-83ABA5256799}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B9F8C21-46EC-4C0B-8683-E755EF84577A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B278D9F8-0FA9-465E-9938-0C392605D8E3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3462C343-BE19-4143-AF70-CEFB56F46FC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A421C8F-E238-4AEB-8874-B8B5F2CC4772}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{60E91567-EF8A-4520-BCE2-83ABA5256799}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B278D9F8-0FA9-465E-9938-0C392605D8E3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B559DA3-3250-46FA-89E7-A6B83FDD5CC1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5954B5F-9609-429F-8F53-DA7BC806E37B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E08A9998-D98F-476F-8F5C-37C80FE0A4DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Common Files\AOL\1169875595\ee\aolsoftware.exe]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\MyWaySA
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Supreme Savings
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\midicairus
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\Software\AskBarDis
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\iWon
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\MyWaySA
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\midicairus
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Supreme Savings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\midicairus Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Supreme Savings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\midicairus Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v3.0.19 (en-US)
 
[ File : C:\Documents and Settings\Jacki\Application Data\Mozilla\Firefox\Profiles\mnebujlp.default\prefs.js ]
 
Line Deleted : user_pref("CT3184201..clientLogIsEnabled", false);
Line Deleted : user_pref("CT3184201.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037270565", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037426813", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_130094118902993153", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_130094119114847944", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_130094119575686716", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_130105395871520577", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_1330956386000", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_1367225899000", true);
Line Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_6565815752657123216", true);
Line Deleted : user_pref("CT3184201.CTID", "CT3184201");
Line Deleted : user_pref("CT3184201.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT3184201.CurrentServerDate", "2-5-2013");
Line Deleted : user_pref("CT3184201.DSInstall", true);
Line Deleted : user_pref("CT3184201.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3184201.DialogsGetterLastCheckTime", "Tue Apr 30 2013 13:04:44 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3184201.EMailNotifierCheckInterval", "5");
Line Deleted : user_pref("CT3184201.EMailNotifierPollDate", "Tue Nov 06 2012 14:39:24 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.EMailNotifierSound", "NONE");
Line Deleted : user_pref("CT3184201.ExternalComponentPollDate5342832749374672449", "Fri Nov 30 2012 10:47:56 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedLastCount129724205037739308", 0);
Line Deleted : user_pref("CT3184201.FeedPollDate129237173390688207", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129237173390688210", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238703378572556", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238703378572557", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238703378572558", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238703378572559", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238703378572560", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238824209885828", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238824209885829", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FeedPollDate129238824209885830", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.FirstServerDate", "6-11-2012");
Line Deleted : user_pref("CT3184201.FirstTime", true);
Line Deleted : user_pref("CT3184201.FirstTimeFF3", true);
Line Deleted : user_pref("CT3184201.FirstTimeHiddenVer", true);
Line Deleted : user_pref("CT3184201.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3184201.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT3184201.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT3184201.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT3184201.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3184201.HPInstall", true);
Line Deleted : user_pref("CT3184201.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3184201.HomePageProtectorEnabled", true);
Line Deleted : user_pref("CT3184201.Initialize", true);
Line Deleted : user_pref("CT3184201.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3184201.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3184201.InstallationId", "conduitinstaller.exe");
Line Deleted : user_pref("CT3184201.InstallationType", "ConduitNSISIntegration");
Line Deleted : user_pref("CT3184201.InstalledDate", "Tue Nov 06 2012 13:09:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.InvalidateCache", false);
Line Deleted : user_pref("CT3184201.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3184201.IsGrouping", false);
Line Deleted : user_pref("CT3184201.IsInitSetupIni", true);
Line Deleted : user_pref("CT3184201.IsMulticommunity", false);
Line Deleted : user_pref("CT3184201.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT3184201.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3184201.IsProtectorsInit", true);
Line Deleted : user_pref("CT3184201.LanguagePackLastCheckTime", "Thu May 02 2013 10:23:43 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3184201.LastLogin_3.14.1.0", "Mon Apr 22 2013 10:04:29 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.LastLogin_3.18.0.7", "Thu May 02 2013 10:23:43 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.LatestVersion", "3.18.0.7");
Line Deleted : user_pref("CT3184201.Locale", "en");
Line Deleted : user_pref("CT3184201.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3184201.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT3184201.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3184201.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3184201.OriginalFirstVersion", "3.14.1.0");
Line Deleted : user_pref("CT3184201.RadioIsPodcast", false);
Line Deleted : user_pref("CT3184201.RadioLastCheckTime", "Fri Nov 30 2012 10:48:01 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT3184201.RadioLastUpdateServer", "3");
Line Deleted : user_pref("CT3184201.RadioMediaID", "9962");
Line Deleted : user_pref("CT3184201.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT3184201.RadioMenuSelectedID", "EBRadioMenu_CT31842019962");
Line Deleted : user_pref("CT3184201.RadioShrinkedFromSetup", false);
Line Deleted : user_pref("CT3184201.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT3184201.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT3184201.SearchCaption", "midicairus Customized Web Search");
Line Deleted : user_pref("CT3184201.SearchEngineBeforeUnload", "midicairus Customized Web Search");
Line Deleted : user_pref("CT3184201.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3184201.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3184201.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3184201.SearchInNewTabLastCheckTime", "Thu May 02 2013 10:23:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT3184201.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3184201.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3184201.ServiceMapLastCheckTime", "Thu May 02 2013 10:23:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.SettingsLastCheckTime", "Thu May 02 2013 10:23:42 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.SettingsLastUpdate", "1367479395");
Line Deleted : user_pref("CT3184201.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3184201.ThirdPartyComponentsLastCheck", "Fri Nov 30 2012 10:47:49 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT3184201.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3184201.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3184201.UserID", "UN12842303018862045");
Line Deleted : user_pref("CT3184201.ValidationData_Search", 2);
Line Deleted : user_pref("CT3184201.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT3184201.WeatherNetwork", "");
Line Deleted : user_pref("CT3184201.WeatherPollDate", "Fri Nov 30 2012 10:48:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.WeatherUnit", "F");
Line Deleted : user_pref("CT3184201.alertChannelId", "1594758");
Line Deleted : user_pref("CT3184201.approveUntrustedApps", false);
Line Deleted : user_pref("CT3184201.autoDisableScopes", -1);
Line Deleted : user_pref("CT3184201.components.1000034", false);
Line Deleted : user_pref("CT3184201.components.129724205034145620", false);
Line Deleted : user_pref("CT3184201.globalFirstTimeInfoLastCheckTime", "Wed Nov 21 2012 15:02:11 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3184201.initDone", true);
Line Deleted : user_pref("CT3184201.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT3184201.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT3184201.myStuffEnabled", true);
Line Deleted : user_pref("CT3184201.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3184201.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3184201.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT3184201.revertSettingsEnabled", false);
Line Deleted : user_pref("CT3184201.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3184201.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3184201.testingCtid", "");
Line Deleted : user_pref("CT3184201.toolbarAppMetaDataLastCheckTime", "Thu May 02 2013 10:23:43 GMT-0500 (Central Daylight Time)");
Line Deleted : user_pref("CT3184201.toolbarContextMenuLastCheckTime", "Wed Nov 21 2012 15:02:11 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT3184201.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "midicairus Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3184201");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3184201");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3184201");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "6f0b540c-0cd7-4abe-acfd-c0aed8c0ee71");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3184201");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Nov 30 2012 10:48:01 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Nov 30 2012 10:48:08 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Nov 30 2012 10:48:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "3a916cc6-6fc5-4ad4-8bd3-ce8b8582882d");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Inbox Search");
Line Deleted : user_pref("CommunityToolbar.permanenceEngine", false);
Line Deleted : user_pref("CommunityToolbar.twitter.user_15846407.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_16190898.LastCheckTime", "Fri Nov 30 2012 10:48:01 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_17461978.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_18676177.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Fri Nov 30 2012 10:48:01 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_21879024.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Fri Nov 30 2012 10:48:02 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("aol_toolbar.buttons.layout", "aol_mail_5496;share_this_page_23802;aol_mail;weather_4982;shoutcast_radio_5302;ebay_5016;");
Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Line Deleted : user_pref("aol_toolbar.guid", "{B8743683-0078-0E25-A9B4-11D2F426AE63}");
Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.6518");
Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "2");
Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "4");
Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2013");
Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "4");
Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "19");
Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "20");
Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "4");
Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "38");
Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2010");
Line Deleted : user_pref("aol_toolbar.remote.alerts.xml", "1367508223895");
Line Deleted : user_pref("aol_toolbar.remote.publish.xml", "1367508224132");
Line Deleted : user_pref("aol_toolbar.remote.ticker.rss", "1367514225100");
Line Deleted : user_pref("aol_toolbar.rtw.active", false);
Line Deleted : user_pref("aol_toolbar.search.cid", "15-02-2011");
Line Deleted : user_pref("aol_toolbar.search.focusnewtab", false);
Line Deleted : user_pref("aol_toolbar.search.instd", "20100327173508622");
Line Deleted : user_pref("aol_toolbar.search.newtab", false);
Line Deleted : user_pref("aol_toolbar.search.oid", "04-04-2010");
Line Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Line Deleted : user_pref("aol_toolbar.search.savehistory", true);
Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Line Deleted : user_pref("aol_toolbar.search.source", "tb50-ff-aol");
Line Deleted : user_pref("aol_toolbar.skin.custom", false);
Line Deleted : user_pref("aol_toolbar.surf.date", "4");
Line Deleted : user_pref("aol_toolbar.surf.lastDate", "2");
Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "4");
Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
Line Deleted : user_pref("aol_toolbar.surf.mURL", "");
Line Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
Line Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
Line Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
Line Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
Line Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
Line Deleted : user_pref("aol_toolbar.surf.month", "4");
Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "83");
Line Deleted : user_pref("aol_toolbar.surf.show", true);
Line Deleted : user_pref("aol_toolbar.surf.total", "1348");
Line Deleted : user_pref("aol_toolbar.surf.week", "21");
Line Deleted : user_pref("aol_toolbar.surf.year", "188");
Line Deleted : user_pref("aol_toolbar.ticker.animation", "hscroll");
Line Deleted : user_pref("aol_toolbar.ticker.collapsed", "0");
Line Deleted : user_pref("aol_toolbar.ticker.endColor", "444444");
Line Deleted : user_pref("aol_toolbar.ticker.fontFamily", "Arial, Helvetica, sans-serif");
Line Deleted : user_pref("aol_toolbar.ticker.fontSize", "10");
Line Deleted : user_pref("aol_toolbar.ticker.maxWidth", "200");
Line Deleted : user_pref("aol_toolbar.ticker.show", true);
Line Deleted : user_pref("aol_toolbar.ticker.startColor", "0D0D0D");
Line Deleted : user_pref("aol_toolbar.ticker.tipHidden", "Show Headlines");
Line Deleted : user_pref("aol_toolbar.ticker.tipVisible", "Hide Headlines");
Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "midicairus Customized Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.snipit.askTbInstalled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.installDate", "2012110613");
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.partnerId", "^YK^xdm209^S02464^us");
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.partnerSubId", "CP--_OXB7bECFUTAKgods0YAfA");
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.toolbarId", "3E647B66-81A9-4AE2-9B27-F2D305F18028");
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "totalrecipesearch@mindspark.com");
 
-\\ Google Chrome v32.0.1700.102
 
[ File : C:\Documents and Settings\Jacki\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [52387 octets] - [01/02/2014 09:28:03]
AdwCleaner[s0].txt - [53369 octets] - [01/02/2014 09:37:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [53430 octets] ##########
 
----------JRT---------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Jacki on Sat 02/01/2014 at  9:50:47.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\search protection
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4623A8C4-150D-4983-8982-68C01E7D6541}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-85AB-AF21F3D9AE2F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-85AB-AF21F3D9AE30}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-85AB-AF21F3D9AE31}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-85AB-AF21F3D9AE2F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EE0BDD94-AC35-4354-8011-B7AD9EB8F67D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CAC254B5-0407-47AD-9AB4-C9518A200844}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EF64538-8B54-4573-B48F-4D34B0238AB2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66516A07-F617-488A-90CF-4E690CFB3C5F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66516A07-F617-488A-90CF-4E690CFB3C5F}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\aol toolbar"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\regwork"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\Jacki\Application Data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\Jacki\Local Settings\Application Data\aol toolbar"
Successfully deleted: [Folder] "C:\Program Files\aol toolbar"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\regwork"
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Documents and Settings\Jacki\Application Data\mozilla\firefox\profiles\mnebujlp.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Successfully deleted the following from C:\Documents and Settings\Jacki\Application Data\mozilla\firefox\profiles\mnebujlp.default\prefs.js
 
user_pref("ibryte_playbryte.installpixelfired", true);
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/01/2014 at  9:57:45.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
--------Malwarebytes----------
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.01.05
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jacki :: TASHA [administrator]
 
2/1/2014 10:02:30 AM
mbam-log-2014-02-01 (10-02-30).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: File System | P2P
Objects scanned: 229857
Time elapsed: 2 minute(s), 25 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
Link to post
Share on other sites

Yep permissions issue is fixed, We need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report in next reply

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Let me see those logs....

Link to post
Share on other sites

Kevin,

 

The ESET Online scan found nothing.  The only issue causing me a bit of concern is when I click to open a new tab in Internet Explorer I get a white page with with a Zone Alarm search box in the center.  I can't find anyway to disable or get rid of that.  Should I be concerned about it?

 

Here's the checkup log.

 

 Results of screen317's Security Check version 0.99.79 
 Windows XP Service Pack 3 x86  
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
AVG AntiVirus Free Edition 2013  
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 AVG PC TuneUp 2014 
 AVG PC TuneUp 2014 (en-US)
 Java 6 Update 24 
 Java version out of Date!
 Adobe Flash Player  11.8.800.94 
 Adobe Reader XI 
 Mozilla Firefox (3.0.19) Firefox out of Date! 
 Google Chrome 32.0.1700.102 
 Google Chrome 32.0.1700.76 
````````Process Check: objlist.exe by Laurent```````` 
 AVG avgwdsvc.exe
 CheckPoint ZoneAlarm vsmon.exe 
 CheckPoint ZoneAlarm ZAPrivacyService.exe 
 CheckPoint ZoneAlarm zatray.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

Regarding Internet Explorer, go here: http://windows.microsoft.com/en-gb/windows-vista/reset-internet-explorer-8-settings  Scroll to "Rest Internet Explorer settings automatically" expand that option, run the "Fixit" does that help?

 

Next,

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them.

 

Let me know if any remaining issues or concerns...

 

Kevin

Link to post
Share on other sites

Kevin,

 

I'm unable to do the fix you requested on Internet Explorer.  When I click on the FixIt button, I get two run boxes that pop up.  Clicking Run on those boxes opens a Windows Picture and Fax window saying "no preview available".

 

I'm having no luck with the Java either.  When I click "Do I have Java?", on the verifying installation window I get a white box with "Error. Click for details."  There is no clickable link.  Eventually it says we are unable to verify if Java is currently installed and enabled in your browser.  I have made sure Java is enabled in the browser.  Closed the browser, reopened and tried again with the same results.  I did not attempt to download and install the latest version without going through the verifying version routine so have no idea if that would have worked.

 

Anita

Link to post
Share on other sites

For Internet Explorer go here: http://go.microsoft.com/?linkid=9646978 download the fixit tool to your Desktop, run the tool, accept the agreement and follow the prompt. That should reset IE to Default settings.

 

For Java, go to start > control panel > add/remove programs. Uninstall any version of Java that is listed...

 

Go here: https://www.java.com/en/download/help/windows_manual_download.xml  d/l and install Java...

 

Kevin

Link to post
Share on other sites

Ok run the following to clean up:

 

We need to remove FRST,  first it is very important to deal with its own Quarantine folder by using FRST itself..

 

OK, we continue:

 

Delete any fixlist.txt file previously used, continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

 

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful.

 

Next,

 

Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

Delfix link mirror

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


  •    
  • Activate UAC
       
  • Remove disinfection tools
       
  • Purge System Restore

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Let me know if those steps complete, also if any remaining issues or concerns. Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin

 

 

fixlist.txt

Link to post
Share on other sites

Kevin,

 

The fixlog.text confirmed the removal action so I deleted the program as instructed.

 

Had a bit of an issue downloading the Delfix.  When I click on the link a new IE window opens and nothing happens.  This has been an issue when I am using IE in opening all the links you have sent.  It's not an issue if I'm using Chrome.  I can get around it by either copying and pasting the link into a new tab or click open in a new tab and it comes right up.  Seems I shouldn't have to do that.  I'm thinking maybe a setting somewhere that will automatically open it in a new tab rather than a new IE window?

 

Also in Delfix the Activate UAC was grayed out so couldn't select that.  I made sure the others were checked that you requested and ran the program.  Hope that was the OK.

 

Other than these things everything seems to be fine.

 

Anita

Link to post
Share on other sites

UAC was greyed out because XP does not have that option, only Vista and Above....

 

Regarding the Tab issue, maybe the settings are wrong. Open Internet Explorer > Tools > Internet Options, select the "General" tab. Midway in that window you see the "Tabs" button, you will then see a window similar to what I attach, make sure your settings are the same, then click apply > ok. Does that help?

post-3601-0-37144800-1391547930_thumb.pn

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.