dejah307 Posted October 13, 2013 Report Share Posted October 13, 2013 My computer is running slow and I need help to clean it up. Link to post Share on other sites
flashh4 Posted October 13, 2013 Report Share Posted October 13, 2013 Howdy and welcome to BestTechie !!! My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!Do Not Remove anything or run any tools/programs until advised to do so !Perform all actions in the order given.Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up ! Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections. If you think you have similar problems, please post a log in the Malware Removal forum and wait for help. ===================================AdwCleaner Please download adwcleaner by Xplode onto your desktop.Double click on AdwCleaner.exe to run the tool again. Windows XP : Double click on the icon to run it. Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator" *Click on the Scan button. *AdwCleaner will begin to scan your computer like it did before. *After the scan has finished... *This time, click on the Clean button. *Press OK when asked to close all programs and follow the onscreen prompts. *Press OK again to allow AdwCleaner to restart the computer and complete the removal process. *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically. *Copy and paste the contents of that logfile in your next reply. *A copy of that logfile will also be saved in the C:\AdwCleaner folder.NEXT Please download Junkware Removal Tool and save to your desk top. Shut down your protection software now to avoid potential conflicts. * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". * The tool will open and start scanning your system. * Please be patient as this can take a while to complete depending on your system's specifications. * On completion, a log (JRT.txt) is saved to your desktop and will automatically open. * Post the contents of JRT.txt into your next reply ! Re-Boot your computer now !!NEXTMALWAREBYTES with Pics:Please download Malwarebytes' Anti-Malware to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results. * Then click Remove Selected . * When completed, a log will open in Notepad. Please save it to a convenient location and post the results. * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.Please don't attach the scans / logs, use "copy/paste". Post these logs !! ThanksChuck Link to post Share on other sites
dejah307 Posted October 14, 2013 Author Report Share Posted October 14, 2013 # AdwCleaner v3.007 - Report created 13/10/2013 at 17:23:29# Updated 09/10/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Dejah - DEJAH-PC# Running from : C:\Users\Dejah\Downloads\adwcleaner.exe# Option : Clean***** [ Services ] *****Service Deleted : CltMngSvc[#] Service Deleted : IBUpdaterService[#] Service Deleted : Yontoo Desktop Updater***** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\AVG Secure SearchFolder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\ProgramData\ConduitFolder Deleted : C:\ProgramData\SweetIMFolder Deleted : C:\ProgramData\Tarma InstallerFolder Deleted : C:\Program Files (x86)\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\optimizer proFolder Deleted : C:\Program Files (x86)\SearchprotectFolder Deleted : C:\Program Files (x86)\SelectRebatesFolder Deleted : C:\Program Files (x86)\SweetIMFolder Deleted : C:\Program Files (x86)\ZyngaFolder Deleted : C:\Program Files (x86)\SweetPacksFolder Deleted : C:\Program Files (x86)\SweetPacks_A11Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure SearchFolder Deleted : C:\Windows\SysWOW64\ARFCFolder Deleted : C:\Windows\SysWOW64\jmdpFolder Deleted : C:\Windows\SysWOW64\WNLTFolder Deleted : C:\Users\Dejah\AppData\Local\apnFolder Deleted : C:\Users\Dejah\AppData\Local\AVG Secure SearchFolder Deleted : C:\Users\Dejah\AppData\Local\ConduitFolder Deleted : C:\Users\Dejah\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\Dejah\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Dejah\AppData\LocalLow\DeltaFolder Deleted : C:\Users\Dejah\AppData\LocalLow\SweetIMFolder Deleted : C:\Users\Dejah\AppData\LocalLow\ZyngaFolder Deleted : C:\Users\Dejah\AppData\LocalLow\SweetPacksFolder Deleted : C:\Users\Dejah\AppData\LocalLow\SweetPacks_A11Folder Deleted : C:\Users\Dejah\AppData\Roaming\BabylonFolder Deleted : C:\Users\Dejah\AppData\Roaming\DefaultTabFolder Deleted : C:\Users\Dejah\AppData\Roaming\DSiteFolder Deleted : C:\Users\Dejah\AppData\Roaming\iWinFolder Deleted : C:\Users\Dejah\AppData\Roaming\optimizer proFolder Deleted : C:\Users\Dejah\AppData\Roaming\SearchprotectFolder Deleted : C:\Users\Dejah\Documents\optimizer proFolder Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\jetpackFolder Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\Extensions\[email protected]Folder Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\Extensions\Avg@toolbarFolder Deleted : C:\Users\Dejah\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbclFolder Deleted : C:\Users\Dejah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofFolder Deleted : C:\Users\Dejah\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobp[!] Folder Deleted : C:\Users\Dejah\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobpFile Deleted : C:\ENDFile Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnkFile Deleted : C:\Windows\System32\dmwu.exeFile Deleted : C:\Windows\System32\ImhxxpComm.dllFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\bProtector_extensions.rdfFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\defaulttab.configFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\invalidprefs.jsFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xmlFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\searchplugins\delta.xmlFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\searchplugins\searchgol.xmlFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\searchplugins\search-here.xmlFile Deleted : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\user.jsFile Deleted : C:\Users\Dejah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorageFile Deleted : C:\Windows\System32\Tasks\DSite***** [ Shortcuts ] ********** [ Registry ] *****Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahlaKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofKey Deleted : HKCU\Software\Google\Chrome\Extensions\opfedmikikmahmpaimpfelmikhaigobpKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\opfedmikikmahmpaimpfelmikhaigobpValue Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect]Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLLKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPIKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObjKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtilsKey Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimatorKey Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbhoKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocolKey Deleted : HKLM\SOFTWARE\Classes\SKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApiKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbarKey Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhookKey Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetieKey Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLEKey Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancsKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancsKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exeValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Deleted : HKCU\Software\90d7d0e03bb912Key Deleted : HKLM\SOFTWARE\90d7d0e03bb912Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3316071Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_opfedmikikmahmpaimpfelmikhaigobp]Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_banjjklfojcdbofbhbgiedekefohoaff]Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E8A1050-CF67-4575-92DF-DCC60E7D952D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6C03E0-D368-4690-8168-9848D4C0F587}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{707DCA12-3F99-4D94-AFEA-06DCC0AE0108}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D94B53EB-4F19-43C9-80CB-0645C447694C}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BA373B3-227F-4D72-8591-3CD81DA123A8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E8A1050-CF67-4575-92DF-DCC60E7D952D}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{707DCA12-3F99-4D94-AFEA-06DCC0AE0108}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7E8A1050-CF67-4575-92DF-DCC60E7D952D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{707DCA12-3F99-4D94-AFEA-06DCC0AE0108}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5E6C03E0-D368-4690-8168-9848D4C0F587}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D94B53EB-4F19-43C9-80CB-0645C447694C}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9BA373B3-227F-4D72-8591-3CD81DA123A8}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF143CEE-9D39-4788-A089-CBE99FA86E54}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{398FEE9F-EAF9-4879-98D7-0677E0D47D15}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{493A230F-C5C7-4303-9593-29D9855D929B}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5651A468-756F-4D66-B8C3-7FF8E29D00AF}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{707DCA12-3F99-4D94-AFEA-06DCC0AE0108}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{707DCA12-3F99-4D94-AFEA-06DCC0AE0108}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{707DCA12-3F99-4D94-AFEA-06DCC0AE0108}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\1ClickDownloadKey Deleted : HKCU\Software\AVG Secure SearchKey Deleted : HKCU\Software\BabSolutionKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\DataMngr[#] Key Deleted : HKCU\Software\DataMngr_ToolbarKey Deleted : HKCU\Software\Default TabKey Deleted : HKCU\Software\dsiteproductsKey Deleted : HKCU\Software\ilividKey Deleted : HKCU\Software\IMKey Deleted : HKCU\Software\ImInstallerKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\searchgol LTDKey Deleted : HKCU\Software\SearchProtectKey Deleted : HKCU\Software\smartbarKey Deleted : HKCU\Software\wnltKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKCU\Software\AppDataLow\ToolbarKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Deleted : HKCU\Software\AppDataLow\Software\smartbarKey Deleted : HKCU\Software\AppDataLow\Software\SweetPacksKey Deleted : HKCU\Software\AppDataLow\Software\SweetPacks_A11Key Deleted : HKCU\Software\AppDataLow\Software\ZyngaKey Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}Key Deleted : HKLM\Software\AVG Secure SearchKey Deleted : HKLM\Software\AVG Security ToolbarKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\Software\BabylonToolbarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\Software\Freeze.comKey Deleted : HKLM\Software\SearchProtectKey Deleted : HKLM\Software\SweetPacksKey Deleted : HKLM\Software\SweetPacks_A11Key Deleted : HKLM\Software\ZyngaKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure SearchKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnltKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga ToolbarKey Deleted : [x64] HKLM\SOFTWARE\Tarma InstallerKey Deleted : [x64] HKLM\SOFTWARE\wnltData Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL***** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16720Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]-\\ Mozilla Firefox v24.0 (en-US)[ File : C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\prefs.js ]Line Deleted : user_pref("CT3310511.FF19Solved", "true");Line Deleted : user_pref("CT3310511.UserID", "UN39393586881330638");Line Deleted : user_pref("CT3310511.browser.search.defaultthis.engineName", "true");Line Deleted : user_pref("CT3310511.fullUserID", "UN39393586881330638.IN.20131013135210");Line Deleted : user_pref("CT3310511.installDate", "13/10/2013 13:52:22");Line Deleted : user_pref("CT3310511.installSessionId", "{B9EE29DA-AF5B-4F74-85E0-2E19EBB758A8}");Line Deleted : user_pref("CT3310511.installSp", "TRUE");Line Deleted : user_pref("CT3310511.installerVersion", "1.7.1.7");Line Deleted : user_pref("CT3310511.keyword", "true");Line Deleted : user_pref("CT3310511.originalSearchEngine", "");Line Deleted : user_pref("CT3310511.originalSearchEngineName", "");Line Deleted : user_pref("CT3310511.searchRevert", "false");Line Deleted : user_pref("CT3310511.searchUserMode", "2");Line Deleted : user_pref("CT3310511.smartbar.homepage", "true");Line Deleted : user_pref("CT3310511.versionFromInstaller", "10.20.3.20");Line Deleted : user_pref("CT3310511.xpeMode", "0");Line Deleted : user_pref("CT3316071.ConnectTB_activeApp.enc", "aW5zdGFncmFt");Line Deleted : user_pref("CT3316071.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");Line Deleted : user_pref("CT3316071.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");Line Deleted : user_pref("CT3316071.FF19Solved", "true");Line Deleted : user_pref("CT3316071.FirstTime", "true");Line Deleted : user_pref("CT3316071.FirstTimeFF3", "true");Line Deleted : user_pref("CT3316071.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM4MTcwMTY1Mg==");Line Deleted : user_pref("CT3316071.PG_ENABLE", "dHJ1ZQ==");Line Deleted : user_pref("CT3316071.SF_JUST_INSTALLED.enc", "RkFMU0U=");Line Deleted : user_pref("CT3316071.SF_STATUS.enc", "RU5BQkxFRA==");Line Deleted : user_pref("CT3316071.SF_USER_ID.enc", "Y2lkXzEzMTAyMDEzMTYwNTAzODg0MzA2");Line Deleted : user_pref("CT3316071.UserID", "UN21364190081381716");Line Deleted : user_pref("CT3316071.acp_personal.appstate.enc", "ZW5hYmxl");Line Deleted : user_pref("CT3316071.addressBarTakeOverEnabledInHidden", "true");Line Deleted : user_pref("CT3316071.browser.search.defaultthis.engineName", "true");Line Deleted : user_pref("CT3316071.cbfirsttime.enc", "U3VuIE9jdCAxMyAyMDEzIDE2OjAwOjUzIEdNVC0wNjAwIChNb3VudGFpbiBTdGFuZGFyZCBUaW1lKQ==");Line Deleted : user_pref("CT3316071.countryCode", "US");Line Deleted : user_pref("CT3316071.defaultSearch", "true");Line Deleted : user_pref("CT3316071.embeddedsData", "[{\"appId\":\"130250223890654913\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]Line Deleted : user_pref("CT3316071.enableAlerts", "true");Line Deleted : user_pref("CT3316071.enableSearchFromAddressBar", "true");Line Deleted : user_pref("CT3316071.firstTimeDialogOpened", "true");Line Deleted : user_pref("CT3316071.fixPageNotFoundError", "true");Line Deleted : user_pref("CT3316071.fixPageNotFoundErrorByUser", "true");Line Deleted : user_pref("CT3316071.fixPageNotFoundErrorInHidden", "true");Line Deleted : user_pref("CT3316071.fullUserID", "UN21364190081381716.IN.20131013112442");Line Deleted : user_pref("CT3316071.installDate", "13/10/2013 11:25:02");Line Deleted : user_pref("CT3316071.installId", "cid103");Line Deleted : user_pref("CT3316071.installSessionId", "{7DBD227C-CC21-40E4-986D-7C9DE48E50A6}");Line Deleted : user_pref("CT3316071.installSp", "TRUE");Line Deleted : user_pref("CT3316071.installType", "conduitnsisintegration");Line Deleted : user_pref("CT3316071.installUsage", "2013-10-13T20:29:15.8612764+03:00");Line Deleted : user_pref("CT3316071.installUsageEarly", "2013-10-13T20:29:12.4237764+03:00");Line Deleted : user_pref("CT3316071.installerVersion", "1.7.1.7");Line Deleted : user_pref("CT3316071.isCheckedStartAsHidden", true);Line Deleted : user_pref("CT3316071.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");Line Deleted : user_pref("CT3316071.isFirstTimeToolbarLoading", "false");Line Deleted : user_pref("CT3316071.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");Line Deleted : user_pref("CT3316071.keyword", "true");Line Deleted : user_pref("CT3316071.lastVersion", "10.20.3.520");Line Deleted : user_pref("CT3316071.mam_gk_appStateReportTime.enc", "MTM4MTcwMTAwODg5MQ==");Line Deleted : user_pref("CT3316071.mam_gk_appState_ACplus.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_CouponBuddy.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_Discover.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_Discover_Apps.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_Easytobook.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_Easytobook_targeted.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_Easytobookcars.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_Find-a-Pro.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_PriceGong.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_WindowShopper.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appState_app13.enc", "b24=");Line Deleted : user_pref("CT3316071.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]Line Deleted : user_pref("CT3316071.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");Line Deleted : user_pref("CT3316071.mam_gk_calledSetupService.enc", "MQ==");Line Deleted : user_pref("CT3316071.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIxZWJkNjhhYS0yMmUxLTQ1N2EtYTkzNC02ZDJkMDRkMGRjMWMiLCJ[...]Line Deleted : user_pref("CT3316071.mam_gk_currentVersion.enc", "MS4xMC40LjA=");Line Deleted : user_pref("CT3316071.mam_gk_existingUsersRecoveryDone.enc", "MQ==");Line Deleted : user_pref("CT3316071.mam_gk_first_time.enc", "MQ==");Line Deleted : user_pref("CT3316071.mam_gk_installer_preapproved.enc", "ZmFsc2U=");Line Deleted : user_pref("CT3316071.mam_gk_lastLoginTime.enc", "MTM4MTcwMTAwNTI0Mg==");Line Deleted : user_pref("CT3316071.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]Line Deleted : user_pref("CT3316071.mam_gk_mamEnabled.enc", "dHJ1ZQ==");Line Deleted : user_pref("CT3316071.mam_gk_new_welcome_experience.enc", "MQ==");Line Deleted : user_pref("CT3316071.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");Line Deleted : user_pref("CT3316071.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMzVfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiVVMiLCJpc1dlbGNvbWVFeHBl[...]Line Deleted : user_pref("CT3316071.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");Line Deleted : user_pref("CT3316071.mam_gk_userId.enc", "NzU3MTQzZmYtNDVkMi00MjczLTk3MmEtMWI2MGY2OGYxMTU1");Line Deleted : user_pref("CT3316071.mam_gk_user_approval_interacted.enc", "MQ==");Line Deleted : user_pref("CT3316071.mam_gk_welcomeDialogMode.enc", "MQ==");Line Deleted : user_pref("CT3316071.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsweetpacksa11.ourtoolbar.com%2FUninstallInstructions%2F\",\"EB_MAIN_FRAME_TITLE\":\"%0A%09How%20to%20Uninstall%0A\",[...]Line Deleted : user_pref("CT3316071.openThankYouPage", "false");Line Deleted : user_pref("CT3316071.openUninstallPage", "true");Line Deleted : user_pref("CT3316071.originalHomepage", "about:home");Line Deleted : user_pref("CT3316071.originalSearchAddressUrl", "");Line Deleted : user_pref("CT3316071.originalSearchEngine", "");Line Deleted : user_pref("CT3316071.originalSearchEngineName", "");Line Deleted : user_pref("CT3316071.price-gong.isManagedApp", "true");Line Deleted : user_pref("CT3316071.revertSettingsEnabled", "false");Line Deleted : user_pref("CT3316071.search.searchAppId", "130250223890654913");Line Deleted : user_pref("CT3316071.search.searchCount", "0");Line Deleted : user_pref("CT3316071.searchFromAddressBarEnabledByUser", "true");Line Deleted : user_pref("CT3316071.searchInNewTabEnabledByUser", "true");Line Deleted : user_pref("CT3316071.searchInNewTabEnabledInHidden", "true");Line Deleted : user_pref("CT3316071.searchRevert", "false");Line Deleted : user_pref("CT3316071.searchSuggestEnabledByUser", "true");Line Deleted : user_pref("CT3316071.searchUserMode", "2");Line Deleted : user_pref("CT3316071.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");Line Deleted : user_pref("CT3316071.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");Line Deleted : user_pref("CT3316071.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");Line Deleted : user_pref("CT3316071.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3316071\"}");Line Deleted : user_pref("CT3316071.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"SweetPacks A11 \"}");Line Deleted : user_pref("CT3316071.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");Line Deleted : user_pref("CT3316071.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");Line Deleted : user_pref("CT3316071.serviceLayer_services_Configuration_lastUpdate", "1381685376126");Line Deleted : user_pref("CT3316071.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1381685380081");Line Deleted : user_pref("CT3316071.serviceLayer_services_appsMetadata_lastUpdate", "1381685380101");Line Deleted : user_pref("CT3316071.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1381685379862");Line Deleted : user_pref("CT3316071.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1381685376782");Line Deleted : user_pref("CT3316071.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1381685380561");Line Deleted : user_pref("CT3316071.serviceLayer_services_login_10.20.3.20_lastUpdate", "1381685380589");Line Deleted : user_pref("CT3316071.serviceLayer_services_login_10.20.3.520_lastUpdate", "1381689376062");Line Deleted : user_pref("CT3316071.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1381685379963");Line Deleted : user_pref("CT3316071.serviceLayer_services_searchAPI_lastUpdate", "1381685376765");Line Deleted : user_pref("CT3316071.serviceLayer_services_serviceMap_lastUpdate", "1381685375181");Line Deleted : user_pref("CT3316071.serviceLayer_services_toolbarContextMenu_lastUpdate", "1381685380425");Line Deleted : user_pref("CT3316071.serviceLayer_services_toolbarSettings_lastUpdate", "1381700993258");Line Deleted : user_pref("CT3316071.serviceLayer_services_translation_lastUpdate", "1381685380524");Line Deleted : user_pref("CT3316071.settingsINI", true);Line Deleted : user_pref("CT3316071.shouldFirstTimeDialog", "false");Line Deleted : user_pref("CT3316071.showToolbarPermission", "false");Line Deleted : user_pref("CT3316071.smartbar.CTID", "CT3316071");Line Deleted : user_pref("CT3316071.smartbar.Uninstall", "0");Line Deleted : user_pref("CT3316071.smartbar.homepage", "true");Line Deleted : user_pref("CT3316071.smartbar.toolbarName", "SweetPacks A11 ");Line Deleted : user_pref("CT3316071.startPage", "true");Line Deleted : user_pref("CT3316071.toolbarBornServerTime", "13-10-2013");Line Deleted : user_pref("CT3316071.toolbarCurrentServerTime", "13-10-2013");Line Deleted : user_pref("CT3316071.toolbarLoginClientTime", "Sun Oct 13 2013 11:29:40 GMT-0600 (Mountain Standard Time)");Line Deleted : user_pref("CT3316071.versionFromInstaller", "10.20.3.20");Line Deleted : user_pref("CT3316071.xpeMode", "0");Line Deleted : user_pref("CT3316071_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1381701630505,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "SweetPacks A11 Customized Web Search");Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3316071");Line Deleted : user_pref("browser.search.defaultenginename", "SweetPacks Customized Web Search");Line Deleted : user_pref("browser.search.defaultthis.engineName", "SweetPacks Customized Web Search");Line Deleted : user_pref("browser.search.selectedEngine", "SweetPacks Customized Web Search");Line Deleted : user_pref("extensions.delta.admin", false);Line Deleted : user_pref("extensions.delta.aflt", "babsst");Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");Line Deleted : user_pref("extensions.delta.autoRvrt", "false");Line Deleted : user_pref("extensions.delta.dfltLng", "en");Line Deleted : user_pref("extensions.delta.excTlbr", false);Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);Line Deleted : user_pref("extensions.delta.id", "b699d7ec0000000000000ceee6aa1c99");Line Deleted : user_pref("extensions.delta.instlDay", "15811");Line Deleted : user_pref("extensions.delta.instlRef", "sst");Line Deleted : user_pref("extensions.delta.newTab", false);Line Deleted : user_pref("extensions.delta.prdct", "delta");Line Deleted : user_pref("extensions.delta.prtnrId", "delta");Line Deleted : user_pref("extensions.delta.rvrt", "false");Line Deleted : user_pref("extensions.delta.smplGrp", "none");Line Deleted : user_pref("extensions.delta.tlbrId", "base");Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");Line Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1618:12:21");Line Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);Line Deleted : user_pref("extensions.helperbar.Visibility", false);Line Deleted : user_pref("extensions.helperbar.countryiso", "us");Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");Line Deleted : user_pref("extensions.helperbar.installationid", "bfc6c26d-eaac-c9e7-a697-c8c0045cd21a");Line Deleted : user_pref("extensions.helperbar.installdate", "13/10/2013");Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");Line Deleted : user_pref("extensions.sahtb.searchEngineNameSAH", "Web Search");Line Deleted : user_pref("extensions.searchgol.admin", false);Line Deleted : user_pref("extensions.searchgol.aflt", "babsst");Line Deleted : user_pref("extensions.searchgol.appId", "{4277F7CF-0000-46CF-BA49-D624465C4BAB}");Line Deleted : user_pref("extensions.searchgol.autoRvrt", "false");Line Deleted : user_pref("extensions.searchgol.bbDpng", "13");Line Deleted : user_pref("extensions.searchgol.cntry", "US");Line Deleted : user_pref("extensions.searchgol.dfltLng", "en");Line Deleted : user_pref("extensions.searchgol.excTlbr", false);Line Deleted : user_pref("extensions.searchgol.ffxUnstlRst", false);Line Deleted : user_pref("extensions.searchgol.hdrMd5", "4B92B447727CF84FC610D4691203ADC3");Line Deleted : user_pref("extensions.searchgol.id", "b699d7ec0000000000000ceee6aa1c99");Line Deleted : user_pref("extensions.searchgol.instlDay", "15991");Line Deleted : user_pref("extensions.searchgol.instlRef", "sst");Line Deleted : user_pref("extensions.searchgol.lastVrsnTs", "1.8.16.1911:35:56");Line Deleted : user_pref("extensions.searchgol.newTab", false);Line Deleted : user_pref("extensions.searchgol.prdct", "searchgol");Line Deleted : user_pref("extensions.searchgol.prtnrId", "searchgol");Line Deleted : user_pref("extensions.searchgol.rvrt", "false");Line Deleted : user_pref("extensions.searchgol.sg", "azb");Line Deleted : user_pref("extensions.searchgol.smplGrp", "none");Line Deleted : user_pref("extensions.searchgol.tlbrId", "base");Line Deleted : user_pref("extensions.searchgol.tlbrSrchUrl", "");Line Deleted : user_pref("extensions.searchgol.vrsn", "1.8.16.19");Line Deleted : user_pref("extensions.searchgol.vrsnTs", "1.8.16.1911:35:56");Line Deleted : user_pref("extensions.searchgol.vrsni", "1.8.16.19");Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3316071");Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3310511");Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3310511");Line Deleted : user_pref("smartbar.machineId", "IFGWXFTPJEIWOGGMKZVSKLO+SWTS/C8XJZ5XFE1HSAJWK4QXVMCTTE43+MSTG5X/ZMJTDCIBISCL8YKXODWIFA");-\\ Google Chrome v30.0.1599.69[ File : C:\Users\Dejah\AppData\Local\Google\Chrome\User Data\Default\preferences ]Deleted : homepageDeleted : urls_to_restore_on_startupDeleted : icon_urlDeleted : search_urlDeleted : keyword*************************AdwCleaner[R0].txt - [47335 octets] - [13/10/2013 17:13:55]AdwCleaner[s0].txt - [46421 octets] - [13/10/2013 17:23:29]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [46482 octets] ########## Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 Dejah, that will take a load off the system !! Post the other logs as you get them !! ThanksChuck Link to post Share on other sites
dejah307 Posted October 14, 2013 Author Report Share Posted October 14, 2013 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.4 (10.06.2013:1)OS: Windows 7 Home Premium x64Ran by Dejah on Sun 10/13/2013 at 18:18:37.66~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\pc health kitSuccessfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\selectrebatesSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3221914198-481495801-3267788807-1001\Software\SweetIMSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetimSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCSSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCSSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6468C1EA-BFC0-402C-AA6F-0689AED8A39A}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}~~~ Files~~~ FoldersSuccessfully deleted: [Folder] "C:\Users\Dejah\AppData\Roaming\pc health kit"Successfully deleted: [Folder] "C:\Users\Dejah\appdata\local\cre"Successfully deleted: [Folder] "C:\Program Files (x86)\firstrowsportapp.com"Successfully deleted: [Folder] "C:\Program Files (x86)\freehdsport.tv"Failed to delete: [Folder] "C:\Program Files (x86)\pc health kit"Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{06722501-21DD-4E94-9F62-7DF2E4C4963C}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{06F6275F-712D-4E80-9865-4B0E61CC90D8}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{0931EFD2-10FA-4DAA-8C72-D138D9FFE1AF}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{0C1915F1-AF70-4030-B45B-33A79D79DD3D}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{1301B6BE-0129-492B-9235-C9AB2178B20A}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{136C885E-2065-4049-BE17-A90404DD17D2}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{1A80154C-0A0E-4AEC-B6C1-79C55E361A15}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{1FEA2193-6E12-4428-80B6-8BDDDD0F14B3}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{228B9B38-C313-4DBA-9C18-525A261EF105}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{33FA2F53-7BA6-4C5D-88AC-71F89876CDED}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{35D51852-70D4-41DD-B99B-23F395B54B6F}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{375DBC53-38DD-4DD1-B284-BCC4DE698C5D}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{3DE92426-C559-415C-AC5E-1D119BDDAB04}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{473EAD1D-5C0E-4DCF-BDF3-B1954489804C}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{4D532CF6-941D-4EE4-BE3B-8BE36848F546}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{5203E50D-5621-41F3-B4B8-9430DC85A3AD}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{53FFA6D2-C083-4240-8B13-A1CEC23172BE}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{5805F4E6-A359-48A1-B9D9-93354040B7B0}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{583501BE-8D7B-407C-AFE3-BD517413FA7B}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{671C7243-C6D0-4EB2-87A5-7A66F85CF343}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{6944C0B3-02E4-4EB1-B4B3-A1947D442861}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{706FD2F3-3EA9-4F95-8D4C-3D28E5C62B0D}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{76EDE711-D26A-4406-BD07-0D400CF2A107}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{79DC9B68-C085-4156-AD98-78748322B439}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{7FEB8BEE-8A37-4540-B069-DA16FEBFA83F}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{858D0DDD-AD0D-4869-8A5A-AE97BE6532DC}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{86C5553D-024D-44AA-8C2C-516316EA2F72}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{8CB0FA1A-4D39-4A14-AC8B-04BEEBFAC25D}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{94F8C598-24C8-4318-92BB-EAC522B3EC45}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{95B46064-ED8B-4202-ABA1-CACBBF5E6B05}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{A20D4824-D3D2-45DC-8560-A1BFDBA4D335}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{A5773953-0B50-4206-8BA2-CB7F4A969448}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{A768CB58-46A4-44EB-A80D-A03BD4191D5B}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{ABE461DE-AA23-4534-904E-740F0D85F86F}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{ADEABBD0-1E41-40AA-9A52-F756E69D7CD7}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{AF4A4E0E-5E5F-48F4-8BDB-8429A3CFC170}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{B5F4C25C-A38C-45FB-98E6-D10EAC3B25C4}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{B75272D3-DF3D-427D-8017-595C13268AD9}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{B9C1ECBD-D42F-4DD2-A5D3-01225A4270F9}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{BB67DA81-6427-4524-9D53-197B442A4F5D}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{C0EE1C6A-CDCB-47F2-8E72-7781AFA582B2}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{C10AEA31-C5FF-4B22-90C3-074B08A70377}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{C1D18D08-7356-4CA0-A8CC-D1BB95604B2F}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{C659CF8E-FFAD-4FD5-8718-E6F528856C77}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{C9B134E5-9BF8-43CE-8F9B-44ED186C661E}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{CE585A37-5FE6-486B-BE09-89414198799F}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{D2D3818E-7995-4836-8ACD-6B15EEE786A5}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{D3D2EDFA-ECA5-4CDD-8A5C-5BD4354975B8}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{D4588C7B-A53E-47C3-84DE-64A17CCCE721}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{D8068586-7E37-4515-AE2A-9FA521100EB1}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{D8851C5E-B2B3-4033-8074-B90DE0AA883E}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{DA47B4AC-2D7C-4C69-B6E4-10980E89F14E}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{DE019232-6433-4D53-8A99-120DA4C8B7CA}Successfully deleted: [Empty Folder] C:\Users\Dejah\appdata\local\{E1873F2F-7989-410C-AA5B-28E6A58B926E}~~~ FireFoxSuccessfully deleted: [Folder] C:\Users\Dejah\AppData\Roaming\mozilla\firefox\profiles\wn65gwho.default\extensions\stagedSuccessfully deleted the following from C:\Users\Dejah\AppData\Roaming\mozilla\firefox\profiles\wn65gwho.default\prefs.jsuser_pref("extensions.defaulttab.installdate", 1381689372);user_pref("extensions.defaulttab.lastNetSeerDownload", 1381689374);user_pref("extensions.defaulttab.useNewTabWhiteList", false);user_pref("extensions.sahtb.url.merchants.data", "<?xml version=\"1.0\" ?><MerchantSettings><v n=\"396\" /><GlobalSuppresses><s u=\".cab\" g=\"13\" i=\"1342\" /><s u=\".eot\"Emptied folder: C:\Users\Dejah\AppData\Roaming\mozilla\firefox\profiles\wn65gwho.default\minidumps [183 files]~~~ ChromeSuccessfully deleted: [Folder] C:\Users\Dejah\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sun 10/13/2013 at 18:34:48.03End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 Dejah, great we got rid of a bunch more crap ! It's looking a lot better !! Now the Malwarebytes log !! ThanksChuck Link to post Share on other sites
dejah307 Posted October 14, 2013 Author Report Share Posted October 14, 2013 Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.10.13.06Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16721Dejah :: DEJAH-PC [administrator]Protection: Enabled10/13/2013 6:41:00 PMmbam-log-2013-10-13 (18-41-00).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 218000Time elapsed: 13 minute(s), 40 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 2HKCU\Software\PC Health Kit (Rogue.PCHealthKit) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Google\Chrome\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn (PUP.Optional.FreeHDSport.A) -> Quarantined and deleted successfully.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 10C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.Files Detected: 87C:\$Recycle.Bin\S-1-5-21-3221914198-481495801-3267788807-1001\$RV7CFSH.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\A23w9Mqz.exe.part (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\csnmvhXL.exe.part (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\Installer.exe (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\newsetup.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsc21C.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsd1165.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nse6050.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsfC2E4.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nshA9CC.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsm63E7.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nso4B85.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nso544E.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nso9DD9.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsoE9F5.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsrA0F9.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nsrCEEB.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\nswE5A3.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\Shortcut_BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\Shortcut_IMsetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\W8CStcef.exe.part (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\WSSetup.exe (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\YsAt8s1u.exe.part (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\716184.Uninstall\__Uninstall_.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\B1428E56-BAB0-7891-9D27-F1682C038350\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\sl.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\sl.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\is1412836710\444433314_stp.EXE (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Downloads\FirstRowSportAppsSetup(18_3f)2_ff(1).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Downloads\FirstRowSportAppsSetup(18_3f)2_ff(2).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Downloads\FirstRowSportAppsSetup(18_3f)2_ff.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Downloads\FLVPlayerSetup.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\1VQYCAAY\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\1VQYCAAY\SweetPacks_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\BY7AHGYO\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\DDW9EQLD\bundlesweetimsetup[1].exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\DDW9EQLD\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\SPZL9A0P\checktbexist[1].exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\SPZL9A0P\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Dejah\Local Settings\Temporary Internet Files\Content.IE5\SPZL9A0P\SweetPacks[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Windows\Installer\2a12569.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Windows\Installer\3f862a.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.C:\Users\Dejah\Desktop\PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\Check updates.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\Help.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\PC Health Kit on the Web.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\Uninstall PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\CT3310511.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\CT3310511.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\initdata.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3310511\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\CT3316071.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Dejah\AppData\Local\Temp\ct3316071\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.(end) Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 Dejah, cleaned a lot more so lets keep at it if you have time ?? Download http://download.bleepingcomputer.com/sUBs/dds.scr Double click dds.scr to run the tool. If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt. DDS will now scan your computer. When the scan is complete, DDS will open two (2) logs: DDS.txt Attach.txt If not saved these logs will be automatically deleted when closed, so save both to your Desktop. Please note it is important that you post BOTH logs in your topic.Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com Post next !! Chuck Link to post Share on other sites
dejah307 Posted October 14, 2013 Author Report Share Posted October 14, 2013 DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 1.6.0_26Run by Dejah at 20:36:05 on 2013-10-13Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2812.1184 [GMT -6:00].AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\PROGRA~2\AVG\AVG2012\avgrsa.exeC:\Program Files (x86)\AVG\AVG2012\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exeC:\Program Files\LSI SoftModem\agr64svc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exeC:\Users\Dejah\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exeC:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exeC:\Program Files (x86)\CyberLink\Shared files\RichVideo.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exeC:\Program Files (x86)\AVG\AVG2012\avgnsa.exeC:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exeC:\Windows\System32\StikyNot.exeC:\Program Files (x86)\HP\QuickPlay\QPService.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Users\Dejah\AppData\Roaming\HP SimpleSave Application\StartHelper.exeC:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exeC:\Program Files (x86)\AVG\AVG2012\avgtray.exeC:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exeC:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exeC:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\PC Health Kit\PCHKReminder.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Windows\System32\WUDFHost.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exeC:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\explorer.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>mWinlogon: Userinit = userinit.exe,BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllBHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenuRun: [AdobeBridge] <no file>mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"mRun: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartmRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDEDmRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exemRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exemRun: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exemRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbyloginmRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exemRun: [Conime] C:\Windows\System32\conime.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exemRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentmRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScriptdRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"StartupFolder: C:\Users\Dejah\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HPSIMP~1.LNK - C:\Users\Dejah\AppData\Roaming\HP SimpleSave Application\StartHelper.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-System: WallpaperStyle = 2mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: WallpaperStyle = 2IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTCP: NameServer = 192.168.2.1TCP: Interfaces\{0FEE2970-B2B0-47DB-8498-DD22FFD89C03} : DHCPNameServer = 69.145.248.4 69.146.17.2 69.144.49.29TCP: Interfaces\{B84D00CA-F5B4-4B14-87CC-AFA2D7CEE966} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{B84D00CA-F5B4-4B14-87CC-AFA2D7CEE966}\665647A75627 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{B84D00CA-F5B4-4B14-87CC-AFA2D7CEE966}\8656C66627963686D2665647A75627 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{B84D00CA-F5B4-4B14-87CC-AFA2D7CEE966}\C696E6B6379737 : DHCPNameServer = 69.145.248.4 69.146.17.2 69.144.49.29Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dllSSODL: WebCheck - <orphaned>mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exex64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dllx64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dllx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Dejah\AppData\Roaming\Mozilla\Firefox\Profiles\wn65gwho.default\FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff4.dllFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dllFF - plugin: C:\Users\Dejah\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dllFF - plugin: C:\Users\Dejah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dllFF - plugin: C:\Users\Dejah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllFF - plugin: C:\Users\Dejah\AppData\Roaming\Facebook\npfbplugin_1_0_1.dllFF - plugin: C:\Users\Dejah\AppData\Roaming\Facebook\npfbplugin_1_0_3.dllFF - plugin: C:\Users\Dejah\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dllFF - ExtSQL: !HIDDEN! 2010-01-28 16:26; [email protected]; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3.============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-10-23 55856]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-30 46368]R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-10-11 89600]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]R2 BackupService;BackupService;C:\Users\Dejah\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-10-23 83512]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-13 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-13 701512]R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-3-15 428384]R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-13 25928]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-6-23 216576]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-10-11 215040]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2009-10-11 36408]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [?]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-22 48488]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-6 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-5 1255736]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-10-14 00:39:38 -------- d-----w- C:\Users\Dejah\AppData\Roaming\Malwarebytes2013-10-14 00:39:29 -------- d-----w- C:\ProgramData\Malwarebytes2013-10-14 00:39:28 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-10-14 00:39:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-14 00:18:33 -------- d-----w- C:\Windows\ERUNT2013-10-13 23:13:52 -------- d-----w- C:\AdwCleaner2013-10-13 19:52:40 -------- d-----w- C:\Program Files (x86)\VS Revo Group2013-10-13 19:51:26 -------- d-----w- C:\Program Files (x86)\PC Health Kit2013-10-13 17:37:16 -------- d-----w- C:\Users\Dejah\AppData\Local\avgchrome2013-10-13 17:24:13 -------- d-----w- C:\Windows\System32\ljkb2013-10-10 11:44:11 633856 ----a-w- C:\Windows\System32\comctl32.dll2013-10-10 11:43:59 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll2013-10-04 23:22:44 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-10-04 23:22:44 -------- d-----w- C:\Program Files\iTunes2013-10-04 23:22:44 -------- d-----w- C:\Program Files\iPod2013-10-04 23:22:44 -------- d-----w- C:\Program Files (x86)\iTunes.==================== Find3M ====================.2013-10-13 18:11:59 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-10-09 18:12:58 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-09 18:12:58 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-09 07:57:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll2013-09-09 07:57:00 608080 ----a-w- C:\Windows\System32\msvcp100.dll2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-20 10:33:12 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll2013-07-20 10:33:08 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll.============= FINISH: 20:37:14.10 =============== Link to post Share on other sites
dejah307 Posted October 14, 2013 Author Report Share Posted October 14, 2013 .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 1/28/2010 4:07:34 PMSystem Uptime: 10/13/2013 6:05:57 PM (2 hours ago).Motherboard: Quanta | | 363FProcessor: AMD Athlon II Dual-Core M300 | Socket S1G3 | 800/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 219 GiB total, 5.818 GiB free.D: is FIXED (NTFS) - 13 GiB total, 2.179 GiB free.E: is CDROM (UDF)F: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP538: 10/13/2013 1:57:03 PM - Revo Uninstaller's restore point - Optimizer Pro v3.2RP539: 10/13/2013 2:01:58 PM - Revo Uninstaller's restore point - Optimizer Pro v3.2.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)Acrobat.comActivate Norton Online BackupAdobe Acrobat 9 Pro - English, Français, DeutschAdobe Acrobat 9.5.5 - CPSID_83708Adobe AIRAdobe Community HelpAdobe Connect Add-inAdobe Content ViewerAdobe Creative Suite 5 Design StandardAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Folio Producer tools for InDesign CS5Adobe Media PlayerAdobe Photoshop Elements 10Adobe Photoshop Lightroom 3.5 64-bitAdobe Photoshop.com Inspiration BrowserAdobe Reader XI (11.0.02)Adobe Support AdvisoraioprntaioscnnrAmazon KindleAMD USB Filter DriverApple Application SupportApple Mobile Device SupportApple Software UpdateArcSoft Print CreationsArcSoft Print Creations - Album PageArcSoft Print Creations - FunhouseArcSoft Print Creations - Greeting CardArcSoft Print Creations - Photo BookArcSoft Print Creations - Photo CalendarArcSoft Print Creations - ScrapbookArcSoft Print Creations - Slimline CardAtheros Driver Installation ProgramATI Catalyst Install ManagerAVG 2012BonjourC4USelfUpdaterCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCScorecenterCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleCoach WDM x64Compatibility Pack for the 2007 Office systemCyberLink DVD SuiteCyberLink YouCamD3DX10Elements 10 OrganizerESSBrwrESSCDBKESScoreessentialsESSguiESSiniESSPCDESSPDockESSTOOLSessvatgtFacebook Messenger 2.1.4814.0Facebook Plug-InFacebook Video Calling 1.2.0.287ffdshow [rev 2527] [2008-12-19]Google ChromeGoogle Toolbar for Internet ExplorerHaali Media SplitterHewlett-Packard ACLM.NET v1.2.1.1Homepage ProtectionHotel Mahjong DeluxeHotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)HP AdvisorHP Customer Experience EnhancementsHP DVD Play 3.7HP GamesHP Quick Launch ButtonsHP SetupHP Smart Web Printing 4.60HP Support AssistantHP UpdateHP User Guides 0148HP Wireless AssistanthppMSRedisthppusgP1000HPSSupplyIDT AudioIntel® C++ Redistributables for Windows* on Intel® 64iTunesJava Auto UpdaterJava 6 Update 14 (64-bit)Java 6 Update 26Junk Mail filter updateKodak AIO PrinterKODAK AiO SoftwareKodak EasyShare softwareksDIPLabelPrintLearning Lodge NavigatorLG USB Modem driverLightroom Plug-in Merge to 32-bit HDR 1.0.2LightScribe System SoftwareLSI HDA ModemMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMcAfee Security Scan PlusMesh RuntimeMessenger CompanionMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Live Search ToolbarMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Professional Plus 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual Studio Tools for Applications 2.0 - ENUMicrosoft Visual Studio Tools for Applications 2.0 RuntimeMicrosoft_VC80_ATL_x86Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64Move Media PlayerMozilla Firefox 24.0 (x86 en-US)Mozilla Maintenance ServiceMrvlUsgTrackingMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKMSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)MSXML 4.0 SP3 Parser (KB973685)muvee RevealnetbrdgNotepad++ocrOfotoXMIonOne PerfectPresetsPC Health Kit v3.2PDF Settings CS5PhotoFrame 4.6.5 FreePhotoTools 2.6.3 FreePMBPower2GoPowerDirectorPowerRecoverPreReqPrimoPro Media Director Version 1.1.1.1PSE10 STI InstallerQLBCASLQuickTimeRealtek 8136 8168 8169 Ethernet DriverRealtek USB 2.0 Card ReaderRespondus LockDown BrowserRevo Uninstaller 1.95RuntimeSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760411) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760585) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760591) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827326) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827329) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2827330) 32-Bit EditionSFRSHASTAShopAtHome.com Toolbarskin0001SKINXSDKSlingbox - Watch Your TV AnywhereSlingPlayerSmartSound Common DataSmartSound Quicktracks 5SmartWebPrintingSony Image Data SuiteSony RAW DriverstaticcrSweetIM for Messenger 2.9SweetIM Toolbar for Internet Explorer 3.6Synaptics Pointing Device DriverUnity Web PlayerUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update Installer for WildTangent Games AppVisual C++ 8.0 Runtime Setup Package (x64)Visual Studio 2008 x64 RedistributablesVPRINTOLVTech Download Agent LibraryWildTangent Games App (HP Games)Windows Driver Package - FotoNation (CoachUsb) Image (03/10/2009 4.82.0.0)Windows Driver Package - FotoNation (CoachVid) Image (03/10/2009 4.82.0.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Messenger Companion CoreWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox PluginWIRELESSYahoo! MessengerYahoo! Search ProtectionYahoo! Software UpdateYahoo! Toolbar.==== End Of File =========================== Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 Dejah, i need you to go into your add/remove programs panel & remove/delete/ uninstall these 2 programs !! PC Health Kit v3.2ShopAtHome.com Toolbar Do you still have OTL on your desktop ?? Chuck Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 Dejah ........ Download OTL again & click the clean-up button !! Clean up with OTL Right-click OTL.exe and select " Run as administrator " to run it. This will remove all the tools we used to clean your pc. Close all other programs apart from OTL as this step will require a reboot On the OTL main screen, press the CleanUp! button Say Yes to the prompt and then allow the program to reboot your computer.You can now delete any tools we used if they remain on your Desktop.If any remain just delete them !! Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 Dejah, thanks for staying to the end !! If you run into my post on the ads i would appreciate a compliment if you think we did good !!It makes for good PR for Besttechie !!! Thanks ===================== I know you may have some of these installed, this is just my standard all clean speech !Congratulation you are clean !!!Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop. Here are some tips to reduce the potential for spyware infection in the future: 1. Make your Internet Explorer more secure - This can be done by following these simple instructions: * From within Internet Explorer click on the Tools menu and then click on Options. * Click once on the Security tab * Click once on the Internet icon so it becomes highlighted. * Click once on the Custom Level button. * Change the Download signed ActiveX controls to Prompt * Change the Download unsigned ActiveX controls to Disable * Change the Initialize and script ActiveX controls not marked as safe to Disable * Change the Installation of desktop items to Prompt * Change the Launching programs and files in an IFRAME to Prompt * Change the Navigate sub-frames across different domains to Prompt * When all these settings have been made, click on the OK button. * If it prompts you as to whether or not you want to save the settings, press the Yes button. * Next press the Apply button and then the OK to exit the Internet Properties page. 2. Enable Protected Mode in Internet Explorer . This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps: * Open Internet Explorer * Click on Tools > Internet Options * Press Security tab * Select Internet zone then place check next to Enable Protected Mode if not already done * Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply * Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.NOTE: Fire Fox is a great browser also >>> http://www.mozilla.org/en-US/firefox/fx/I use & like FireFox !!3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection. 4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here. **There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:Online Armor Free Online Armor FreeAgnitum Outpost Firewall Free Agnitum Outpost Firewall5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open. 6. Consider a custom hosts file such as MVPS HOSTS This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002 Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file. 7. WOT (Web of Trust) WOT As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.8.Finally, I strongly recommend that you read TonyKlein's good advice A must is a great Antivirus, i recommend you using AVAST its free >>> http://www.avast.com/free-antivirus-downloadYou are behind on some updates, please visit the Secunia Software Inspector >>>http://secunia.com/vulnerability_scanning/online/ Update any vulnerable software you have. Many malware now use zero day exploits in outdated versions of browsers and third party programs like Flash Player,Java Runtime , Winzip, Acrobat Reader etc to allow them to install silently without your knowledge or detection by your antivirus protection.To insure better safety, these are a must have:Rule #1 ........ Good AntivirusRule #2 ........ Good FirewallRule #3 ........ Good Router is Great ! (optional but best)Happy surfing and Stay CleanChuck Let me know how it's running ??? It will run a little slow until a few normal reboots ! The should get faster !!Hope i have helped you !! Link to post Share on other sites
flashh4 Posted October 14, 2013 Report Share Posted October 14, 2013 I will close this in 5 days !! If it needs re-opened just PM me here or another MOD !! Thanks Dejah !! Link to post Share on other sites
flashh4 Posted October 18, 2013 Report Share Posted October 18, 2013 Locking this, mission accomplished .....clean !!If you need this re-opened please PM me or another Mod !! ThanksChuck Link to post Share on other sites
Recommended Posts