Jump to content

tombaker

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you computer running much better. Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.11.12.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Nicholas :: NICHOLAS-HP [administrator] 11/11/2012 9:44:57 PM mbam-log-2012-11-11 (21-44-57).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 199135 Time elapsed: 8 minute(s), 30 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  2. Thanks again. Log follows. # AdwCleaner v2.007 - Logfile created 11/11/2012 at 21:25:21 # Updated 06/11/2012 by Xplode # Operating system : Windows 7 Starter Service Pack 1 (32 bits) # User : Nicholas - NICHOLAS-HP # Boot Mode : Normal # Running from : C:\Users\Nicholas\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : WajamUpdater ***** [Files / Folders] ***** File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi File Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\searchplugins\Conduit.xml File Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\searchplugins\funmoods.xml File Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\searchplugins\SweetIm.xml Folder Deleted : C:\Program Files\Claro LTD Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\midicairus Folder Deleted : C:\Program Files\SweetIM Folder Deleted : C:\Program Files\Wajam Folder Deleted : C:\Program Files\WhiteSmoke_US_New Folder Deleted : C:\Program Files\Yontoo Folder Deleted : C:\Program Files\ZoneAlarm_Security Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\SweetIM Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Nicholas\AppData\Local\Conduit Folder Deleted : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Folder Deleted : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif Folder Deleted : C:\Users\Nicholas\AppData\Local\Softonic Folder Deleted : C:\Users\Nicholas\AppData\Local\Wajam Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\Claro LTD Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\midicairus Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\WhiteSmoke_US_New Folder Deleted : C:\Users\Nicholas\AppData\LocalLow\ZoneAlarm_Security Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Babylon Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\ConduitCommon Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\CT3184201 Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\CT3244149 Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{462be121-2b54-4218-bf00-b9bf8135b23f} Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546} Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970} Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\plugin@yontoo.com Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\Smartbar Folder Deleted : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\SweetPacksToolbarData ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\midicairus Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_US_New Key Deleted : HKCU\Software\AppDataLow\Software\ZoneAlarm_Security Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\Claro LTD Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKCU\Software\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{156F4006-0999-4E54-9ED3-B7B064D3DD0A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FEB40468-2C9A-4868-A0A2-A5318974F879} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Wajam Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\Claro LTD Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{156F4006-0999-4E54-9ED3-B7B064D3DD0A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEB40468-2C9A-4868-A0A2-A5318974F879} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\sim-packages Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2645238 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3184201 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3244149 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F381440-66BC-4935-8D40-6A9BA029DE6C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87947F05-398D-4C6C-895E-2CEF418476FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A66349A1-F508-46FD-8DF9-CD55F1400617} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4034DD3-8E42-4902-BB7D-59D83E81EEC5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC7CCCAF-4252-4510-A9CC-7A02E895C012} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE979D54-5944-4F97-98DC-6F8A18DFD9AB} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{156F4006-0999-4E54-9ED3-B7B064D3DD0A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FEB40468-2C9A-4868-A0A2-A5318974F879} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\midicairus Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US_New Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm_Security Toolbar Key Deleted : HKLM\Software\midicairus Key Deleted : HKLM\Software\Wajam Key Deleted : HKLM\Software\WhiteSmoke_US_New Key Deleted : HKLM\Software\ZoneAlarm_Security Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{462BE121-2B54-4218-BF00-B9BF8135B23F}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetpacks Communicator] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420 --> hxxp://www.google.com Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://searchfunmoods.com/?f=2&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420 --> hxxp://www.google.com -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\prefs.js C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\user.js ... Deleted ! Deleted : user_pref("CT3184201..clientLogIsEnabled", false); Deleted : user_pref("CT3184201..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT3184201..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT3184201.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Deleted : user_pref("CT3184201.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037270565", true); Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037426813", true); Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_1330956386000", true); Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_6565815752657123216", true); Deleted : user_pref("CT3184201.CTID", "CT3184201"); Deleted : user_pref("CT3184201.CommunitiesChangesLastCheckTime", "0"); Deleted : user_pref("CT3184201.CurrentServerDate", "12-11-2012"); Deleted : user_pref("CT3184201.DSInstall", true); Deleted : user_pref("CT3184201.DialogsAlignMode", "LTR"); Deleted : user_pref("CT3184201.DialogsGetterLastCheckTime", "Sat Nov 10 2012 22:23:40 GMT-0500 (Eastern Standa[...] Deleted : user_pref("CT3184201.DownloadReferralCookieData", ""); Deleted : user_pref("CT3184201.EMailNotifierPollDate", "Tue Aug 14 2012 14:12:31 GMT-0400 (Eastern Daylight Ti[...] Deleted : user_pref("CT3184201.EnableClickToSearchBox", false); Deleted : user_pref("CT3184201.EnableSearchHistory", false); Deleted : user_pref("CT3184201.EnableSearchSuggest", false); Deleted : user_pref("CT3184201.ExternalComponentPollDate5342832749374672449", "Tue Aug 14 2012 14:14:52 GMT-04[...] Deleted : user_pref("CT3184201.FeedLastCount129724205037739308", 200); Deleted : user_pref("CT3184201.FeedPollDate129237173390688207", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129237173390688210", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238703378572556", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238703378572557", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238703378572558", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238703378572559", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238703378572560", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238824209885828", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238824209885829", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedPollDate129238824209885830", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Deleted : user_pref("CT3184201.FeedTTL129237173390688207", 40); Deleted : user_pref("CT3184201.FeedTTL129237173390688210", 40); Deleted : user_pref("CT3184201.FeedTTL129238703378572556", 40); Deleted : user_pref("CT3184201.FeedTTL129238703378572557", 40); Deleted : user_pref("CT3184201.FeedTTL129238703378572558", 40); Deleted : user_pref("CT3184201.FeedTTL129238703378572559", 40); Deleted : user_pref("CT3184201.FeedTTL129238703378572560", 40); Deleted : user_pref("CT3184201.FeedTTL129238824209885828", 40); Deleted : user_pref("CT3184201.FeedTTL129238824209885829", 40); Deleted : user_pref("CT3184201.FeedTTL129238824209885830", 40); Deleted : user_pref("CT3184201.FirstServerDate", "14-8-2012"); Deleted : user_pref("CT3184201.FirstTime", true); Deleted : user_pref("CT3184201.FirstTimeFF3", true); Deleted : user_pref("CT3184201.FirstTimeHiddenVer", true); Deleted : user_pref("CT3184201.FixPageNotFoundErrors", false); Deleted : user_pref("CT3184201.GroupingInvalidateCache", false); Deleted : user_pref("CT3184201.GroupingLastCheckTime", "0"); Deleted : user_pref("CT3184201.GroupingLastServerUpdateTime", "0"); Deleted : user_pref("CT3184201.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT3184201.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT3184201.HPChangedManually", false); Deleted : user_pref("CT3184201.HPInstall", true); Deleted : user_pref("CT3184201.HasUserGlobalKeys", true); Deleted : user_pref("CT3184201.HomePageProtectorEnabled", true); Deleted : user_pref("CT3184201.HomepageBeforeUnload", "hxxp://www.google.ca/"); Deleted : user_pref("CT3184201.Initialize", true); Deleted : user_pref("CT3184201.InitializeCommonPrefs", true); Deleted : user_pref("CT3184201.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT3184201.InstallationId", "conduitinstaller.exe"); Deleted : user_pref("CT3184201.InstallationType", "ConduitNSISIntegration"); Deleted : user_pref("CT3184201.InstalledDate", "Tue Aug 14 2012 14:07:06 GMT-0400 (Eastern Daylight Time)"); Deleted : user_pref("CT3184201.InvalidateCache", false); Deleted : user_pref("CT3184201.IsAlertDBUpdated", true); Deleted : user_pref("CT3184201.IsGrouping", false); Deleted : user_pref("CT3184201.IsInitSetupIni", true); Deleted : user_pref("CT3184201.IsMulticommunity", false); Deleted : user_pref("CT3184201.IsOpenThankYouPage", false); Deleted : user_pref("CT3184201.IsOpenUninstallPage", false); Deleted : user_pref("CT3184201.IsProtectorsInit", true); Deleted : user_pref("CT3184201.LanguagePackLastCheckTime", "Sat Nov 10 2012 22:23:40 GMT-0500 (Eastern Standar[...] Deleted : user_pref("CT3184201.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT3184201.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT3184201.LastLogin_3.14.1.0", "Wed Aug 22 2012 18:38:53 GMT-0400 (Eastern Daylight Time)[...] Deleted : user_pref("CT3184201.LastLogin_3.15.1.0", "Mon Nov 05 2012 20:45:30 GMT-0500 (Eastern Standard Time)[...] Deleted : user_pref("CT3184201.LastLogin_3.16.0.3", "Sun Nov 11 2012 18:44:29 GMT-0500 (Eastern Standard Time)[...] Deleted : user_pref("CT3184201.LatestVersion", "3.16.0.3"); Deleted : user_pref("CT3184201.Locale", "en"); Deleted : user_pref("CT3184201.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT3184201.MCDetectTooltipShow", false); Deleted : user_pref("CT3184201.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT3184201.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT3184201.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT3184201.OriginalFirstVersion", "3.14.1.0"); Deleted : user_pref("CT3184201.RadioIsPodcast", false); Deleted : user_pref("CT3184201.RadioLastCheckTime", "Tue Aug 14 2012 14:16:16 GMT-0400 (Eastern Daylight Time)[...] Deleted : user_pref("CT3184201.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT3184201.RadioMediaID", "9962"); Deleted : user_pref("CT3184201.RadioMediaType", "Media Player"); Deleted : user_pref("CT3184201.RadioMenuSelectedID", "EBRadioMenu_CT31842019962"); Deleted : user_pref("CT3184201.RadioShrinkedFromSetup", false); Deleted : user_pref("CT3184201.RadioStationName", "California%20Rock"); Deleted : user_pref("CT3184201.RadioStationURL", "hxxp://feedlive.net/california.asx"); Deleted : user_pref("CT3184201.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT3184201.SavedHomepage", "hxxp://www.google.ca/"); Deleted : user_pref("CT3184201.SearchBackToDefaultEngine", false); Deleted : user_pref("CT3184201.SearchBoxWidth", 10); Deleted : user_pref("CT3184201.SearchCaption", "midicairus Customized Web Search"); Deleted : user_pref("CT3184201.SearchEngineBeforeUnload", "midicairus Customized Web Search"); Deleted : user_pref("CT3184201.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT3184201.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT318[...] Deleted : user_pref("CT3184201.SearchInNewTabEnabled", true); Deleted : user_pref("CT3184201.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT3184201.SearchInNewTabLastCheckTime", "Sun Nov 11 2012 12:45:47 GMT-0500 (Eastern Stand[...] Deleted : user_pref("CT3184201.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT3184201.SearchInNewTabUserEnabled", false); Deleted : user_pref("CT3184201.SearchProtectorEnabled", true); Deleted : user_pref("CT3184201.SearchProtectorToolbarDisabled", false); Deleted : user_pref("CT3184201.SendProtectorDataViaLogin", true); Deleted : user_pref("CT3184201.ServiceMapLastCheckTime", "Sun Nov 11 2012 12:45:47 GMT-0500 (Eastern Standard [...] Deleted : user_pref("CT3184201.SettingsLastCheckTime", "Sun Nov 11 2012 18:44:18 GMT-0500 (Eastern Standard Ti[...] Deleted : user_pref("CT3184201.SettingsLastUpdate", "1352141592"); Deleted : user_pref("CT3184201.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3184201&SearchSource=13"); Deleted : user_pref("CT3184201.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT3184201.ThirdPartyComponentsLastCheck", "Tue Aug 14 2012 14:06:56 GMT-0400 (Eastern Day[...] Deleted : user_pref("CT3184201.ThirdPartyComponentsLastUpdate", "1331805997"); Deleted : user_pref("CT3184201.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT3184201.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3184201"); Deleted : user_pref("CT3184201.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT3184201.UserID", "UN83779494276779289"); Deleted : user_pref("CT3184201.WeatherNetwork", ""); Deleted : user_pref("CT3184201.WeatherPollDate", "Tue Aug 14 2012 14:07:22 GMT-0400 (Eastern Daylight Time)"); Deleted : user_pref("CT3184201.WeatherUnit", "C"); Deleted : user_pref("CT3184201.alertChannelId", "1594758"); Deleted : user_pref("CT3184201.approveUntrustedApps", false); Deleted : user_pref("CT3184201.autoDisableScopes", -1); Deleted : user_pref("CT3184201.backendstorage.c2p_iframe_md5", "6537663536626130396366633837326231393531333264[...] Deleted : user_pref("CT3184201.backendstorage.cbcountry_001", "4341"); Deleted : user_pref("CT3184201.backendstorage.cbfirsttime", "5475652041756720313420323031322031343A30373A33362[...] Deleted : user_pref("CT3184201.backendstorage.installationdate14cd7187-6ab1-4fa7-a5ac-ddfa5773148a", "31333434[...] Deleted : user_pref("CT3184201.backendstorage.shoppingapp.gk.exipres", "53756E2041756720313920323031322031343A[...] Deleted : user_pref("CT3184201.backendstorage.shoppingapp.gk.geolocation", "63616E616461"); Deleted : user_pref("CT3184201.backendstorage.toolbarappheartbeat", "7B2231346364373138372D366162312D346661372[...] Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationqueue", "5B7B22617070223A2231346364373138372D[...] Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...] Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationuserid", "3638393437303137373637"); Deleted : user_pref("CT3184201.components.1000034", false); Deleted : user_pref("CT3184201.components.1000082", false); Deleted : user_pref("CT3184201.components.1000234", false); Deleted : user_pref("CT3184201.components.129724205034145620", false); Deleted : user_pref("CT3184201.components.129724205036020587", false); Deleted : user_pref("CT3184201.components.129724205037114317", false); Deleted : user_pref("CT3184201.components.129724205037270565", false); Deleted : user_pref("CT3184201.components.129724205037426813", false); Deleted : user_pref("CT3184201.components.129724205037739308", false); Deleted : user_pref("CT3184201.components.129724205038051804", false); Deleted : user_pref("CT3184201.components.129724205038520546", false); Deleted : user_pref("CT3184201.components.129724205039301782", false); Deleted : user_pref("CT3184201.components.129724205040551760", false); Deleted : user_pref("CT3184201.components.1330956386000", false); Deleted : user_pref("CT3184201.components.1958179879799928720", false); Deleted : user_pref("CT3184201.components.4950963945127914423", false); Deleted : user_pref("CT3184201.components.5342832749374672449", false); Deleted : user_pref("CT3184201.components.6565815752657123216", false); Deleted : user_pref("CT3184201.components.8446616961328789392", false); Deleted : user_pref("CT3184201.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT3184201.globalFirstTimeInfoLastCheckTime", "Tue Aug 14 2012 14:07:05 GMT-0400 (Eastern [...] Deleted : user_pref("CT3184201.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT3184201.initDone", true); Deleted : user_pref("CT3184201.isAppTrackingManagerOn", true); Deleted : user_pref("CT3184201.isFirstRadioInstallation", false); Deleted : user_pref("CT3184201.isSearchProtectorNotifyChanges", false); Deleted : user_pref("CT3184201.myStuffEnabled", true); Deleted : user_pref("CT3184201.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT3184201.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT3184201.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT3184201.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT3184201.navigateToUrlOnSearch", false); Deleted : user_pref("CT3184201.revertSettingsEnabled", false); Deleted : user_pref("CT3184201.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT3184201.searchProtectorEnableByLogin", true); Deleted : user_pref("CT3184201.testingCtid", ""); Deleted : user_pref("CT3184201.toolbarAppMetaDataLastCheckTime", "Sat Nov 10 2012 22:23:40 GMT-0500 (Eastern S[...] Deleted : user_pref("CT3184201.toolbarContextMenuLastCheckTime", "Tue Aug 14 2012 14:07:23 GMT-0400 (Eastern D[...] Deleted : user_pref("CT3184201.usageEnabled", false); Deleted : user_pref("CT3184201.usagesFlag", 2); Deleted : user_pref("CT3244149.1000082.isPlayDisplay", "true"); Deleted : user_pref("CT3244149.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Deleted : user_pref("CT3244149.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3244149.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Deleted : user_pref("CT3244149.FirstTime", "true"); Deleted : user_pref("CT3244149.FirstTimeFF3", "true"); Deleted : user_pref("CT3244149.LoginRevertSettingsEnabled", true); Deleted : user_pref("CT3244149.RevertSettingsEnabled", false); Deleted : user_pref("CT3244149.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT324[...] Deleted : user_pref("CT3244149.UserID", "UN65507178376944810"); Deleted : user_pref("CT3244149.UserId", "ac0b5b70-c29b-3806-1024-733b90b66a1d"); Deleted : user_pref("CT3244149.addressBarTakeOverEnabledInHidden", "true"); Deleted : user_pref("CT3244149.autoDisableScopes", 14); Deleted : user_pref("CT3244149.browser.search.defaultthis.engineName", true); Deleted : user_pref("CT3244149.defaultSearch", "true"); Deleted : user_pref("CT3244149.embeddedsData", "[{\"appId\":\"129895725399351616\",\"apiPermissions\":{\"cross[...] Deleted : user_pref("CT3244149.enableAlerts", "always"); Deleted : user_pref("CT3244149.enableSearchFromAddressBar", "true"); Deleted : user_pref("CT3244149.firstTimeDialogOpened", "true"); Deleted : user_pref("CT3244149.fixPageNotFoundError", "true"); Deleted : user_pref("CT3244149.fixPageNotFoundErrorInHidden", "true"); Deleted : user_pref("CT3244149.fixUrls", true); Deleted : user_pref("CT3244149.hxxp___api31_starwebnet_com.pid2", "7cfaa287c591ff5b"); Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_cache", "[\"c822c1b63853ed273b89[...] Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui", "{\"gui\":[{\"type\[...] Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings", "{\"initUrl\":\"hxxp:[...] Deleted : user_pref("CT3244149.installId", "230"); Deleted : user_pref("CT3244149.installType", "conduitnsisintegration"); Deleted : user_pref("CT3244149.isCheckedStartAsHidden", true); Deleted : user_pref("CT3244149.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3244149.isFirstTimeToolbarLoading", "false"); Deleted : user_pref("CT3244149.isNewTabEnabled", true); Deleted : user_pref("CT3244149.isPerformedSmartBarTransition", "true"); Deleted : user_pref("CT3244149.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Deleted : user_pref("CT3244149.keyword", true); Deleted : user_pref("CT3244149.migrateAppsAndComponents", true); Deleted : user_pref("CT3244149.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] Deleted : user_pref("CT3244149.openThankYouPage", "false"); Deleted : user_pref("CT3244149.openUninstallPage", "true"); Deleted : user_pref("CT3244149.search.searchAppId", "129895725399351616"); Deleted : user_pref("CT3244149.search.searchCount", "0"); Deleted : user_pref("CT3244149.searchInNewTabEnabledInHidden", "true"); Deleted : user_pref("CT3244149.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3244149.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Deleted : user_pref("CT3244149.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Deleted : user_pref("CT3244149.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Deleted : user_pref("CT3244149.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1351126706288"); Deleted : user_pref("CT3244149.serviceLayer_services_appsMetadata_lastUpdate", "1351126705866"); Deleted : user_pref("CT3244149.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1351126708578"); Deleted : user_pref("CT3244149.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352250572479"); Deleted : user_pref("CT3244149.serviceLayer_services_login_10.13.30.23_lastUpdate", "1352677605926"); Deleted : user_pref("CT3244149.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1351126708786"); Deleted : user_pref("CT3244149.serviceLayer_services_searchAPI_lastUpdate", "1351126700127"); Deleted : user_pref("CT3244149.serviceLayer_services_serviceMap_lastUpdate", "1352604667668"); Deleted : user_pref("CT3244149.serviceLayer_services_toolbarContextMenu_lastUpdate", "1351126708386"); Deleted : user_pref("CT3244149.serviceLayer_services_toolbarSettings_lastUpdate", "1352677605097"); Deleted : user_pref("CT3244149.serviceLayer_services_translation_lastUpdate", "1352604668043"); Deleted : user_pref("CT3244149.settingsINI", true); Deleted : user_pref("CT3244149.shouldFirstTimeDialog", "false"); Deleted : user_pref("CT3244149.smartbar.CTID", "CT3244149"); Deleted : user_pref("CT3244149.smartbar.Uninstall", "0"); Deleted : user_pref("CT3244149.smartbar.homepage", true); Deleted : user_pref("CT3244149.smartbar.isHidden", true); Deleted : user_pref("CT3244149.smartbar.toolbarName", "WhiteSmoke US New "); Deleted : user_pref("CT3244149.toolbarBornServerTime", "25-10-2012"); Deleted : user_pref("CT3244149.toolbarCurrentServerTime", "12-11-2012"); Deleted : user_pref("CT3244149_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3184201&Search[...] Deleted : user_pref("CommunityToolbar.ConduitSearchList", "midicairus Customized Web Search"); Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3184201/CT3184201[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1594758/1588784/CA", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3184201", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3184201",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"c22[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/15846407.xml", "\"b5c1b099f0faf3bdd04[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16190898.xml", "\"44d63de91094a3204da[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16727535.xml", "\"4115d32c6b10efa7998[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17461978.xml", "\"907d277e366d25c8289[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/18676177.xml", "\"360c6d1d473d13c0319[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"7b9cb85b4cc42636969[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"47f210528dd122b471b[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21324258.xml", "\"21eb88f1cd73d13f679[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21879024.xml", "\"76dd52cf46502ecb1a8[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"083e902d554781d2d9b2[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nicholas\\AppData\\Roaming\\Mozilla[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3184201"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3184201"); Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3184201"); Deleted : user_pref("CommunityToolbar.globalUserId", "683cc191-be3d-4357-a317-c5d6f1f6524d"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Aug 14 2012 14:07:2[...] Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true); Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Aug 14 2012 14:16:13 GMT-040[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Aug 14 2012 14:07:01 GMT-0400 (E[...] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "df4fc857-abfd-4763-98c1-d1bec3dccb41"); Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.ca/"); Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Deleted : user_pref("CommunityToolbar.twitter.user_15846407.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_16190898.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_17461978.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_18676177.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_21879024.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Deleted : user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400 [...] Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=1[...] Deleted : user_pref("Smartbar.ConduitSearchEngineList", ""); Deleted : user_pref("Smartbar.ConduitSearchUrlList", ""); Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?src=2&crg=3[...] Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3244149"); Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={35D3E4C2-197C-11E2-B531-3CD9[...] Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search"); Deleted : user_pref("browser.search.defaultthis.engineName", "midicairus Customized Web Search"); Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=13"); Deleted : user_pref("extensions.claro.admin", false); Deleted : user_pref("extensions.claro.aflt", "babsst"); Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); Deleted : user_pref("extensions.claro.dfltLng", "en"); Deleted : user_pref("extensions.claro.excTlbr", false); Deleted : user_pref("extensions.claro.id", "aa252abb0000000000003cd92b22e57c"); Deleted : user_pref("extensions.claro.instlDay", "15633"); Deleted : user_pref("extensions.claro.instlRef", "sst"); Deleted : user_pref("extensions.claro.prdct", "claro"); Deleted : user_pref("extensions.claro.prtnrId", "claro"); Deleted : user_pref("extensions.claro.tlbrId", "claro"); Deleted : user_pref("extensions.claro.tlbrSrchUrl", ""); Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10"); Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10"); Deleted : user_pref("extensions.claro_i.smplGrp", "none"); Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1020:14:02"); Deleted : user_pref("extensions.funmoods.aflt", "stonicrio"); Deleted : user_pref("extensions.funmoods.autoRvrt", false); Deleted : user_pref("extensions.funmoods.cntry", "CA"); Deleted : user_pref("extensions.funmoods.cv", "cv5"); Deleted : user_pref("extensions.funmoods.dfltLng", ""); Deleted : user_pref("extensions.funmoods.dfltSrch", true); Deleted : user_pref("extensions.funmoods.dnsErr", true); Deleted : user_pref("extensions.funmoods.envrmnt", "production"); Deleted : user_pref("extensions.funmoods.excTlbr", false); Deleted : user_pref("extensions.funmoods.hdrMd5", "88FDA2133CF6650357E9AF44822B6CE9"); Deleted : user_pref("extensions.funmoods.hmpg", true); Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&[...] Deleted : user_pref("extensions.funmoods.id", "D0DF9A85FCC02ABB"); Deleted : user_pref("extensions.funmoods.instlDay", "15645"); Deleted : user_pref("extensions.funmoods.instlRef", "stonicrio"); Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true); Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2220:18:26"); Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0"); Deleted : user_pref("extensions.funmoods.newTab", true); Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=stonicrio&chnl=stonicri[...] Deleted : user_pref("extensions.funmoods.prdct", "funmoods"); Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods"); Deleted : user_pref("extensions.funmoods.sg", "none"); Deleted : user_pref("extensions.funmoods.smplGrp", "none"); Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search"); Deleted : user_pref("extensions.funmoods.tlbrId", "base"); Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=stonicrio&chnl=stonic[...] Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22"); Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2220:18:26"); Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22"); Deleted : user_pref("extensions.funmoods_i.newTab", true); Deleted : user_pref("extensions.funmoods_i.smplGrp", "none"); Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2220:18:26"); Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149&SearchSource=2&q=[...] Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.sweetim.com/search.asp?barid={35D3E4C2[...] Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1352338854822"); Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true"); Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10002"); Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide"); Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...] Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...] Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...] Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...] Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...] Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150"); Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp"); Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530"); Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "true"); Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.mode.debug", "false"); Deleted : user_pref("sweetim.toolbar.newtab.created", "true"); Deleted : user_pref("sweetim.toolbar.newtab.enable", "true"); Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab"); Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsEx[...] Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "midicairus Customized Web Searc[...] Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.ca/"); Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...] Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*"); Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "true"); Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js"); Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*"); Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS"); Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js"); Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); Deleted : user_pref("sweetim.toolbar.scripts.2.callback", ""); Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...] Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10"); Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false"); Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); Deleted : user_pref("sweetim.toolbar.simapp_id", "{35D3E4C2-197C-11E2-B531-3CD92B22E57C}"); Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={35D3[...] Deleted : user_pref("sweetim.toolbar.version", "1.7.0.3"); -\\ Google Chrome v [unable to get version] File : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.27] : search_url = "hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420", Deleted [l.1822] : urls_to_restore_on_startup ="session" : {"restore_on_startup": 4, [ "hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420" ]}, ************************* AdwCleaner[R1].txt - [55436 octets] - [11/11/2012 21:12:03] AdwCleaner[R2].txt - [55497 octets] - [11/11/2012 21:24:46] AdwCleaner[s1].txt - [56294 octets] - [11/11/2012 21:25:21] ########## EOF - C:\AdwCleaner[s1].txt - [56355 octets] ##########
  3. Thanks, here is the log as per request. # AdwCleaner v2.007 - Logfile created 11/11/2012 at 21:12:03 # Updated 06/11/2012 by Xplode # Operating system : Windows 7 Starter Service Pack 1 (32 bits) # User : Nicholas - NICHOLAS-HP # Boot Mode : Normal # Running from : C:\Users\Nicholas\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** Found : WajamUpdater ***** [Files / Folders] ***** File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi File Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\searchplugins\Conduit.xml File Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\searchplugins\funmoods.xml File Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\searchplugins\SweetIm.xml Folder Found : C:\Program Files\Claro LTD Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\midicairus Folder Found : C:\Program Files\SweetIM Folder Found : C:\Program Files\Wajam Folder Found : C:\Program Files\WhiteSmoke_US_New Folder Found : C:\Program Files\Yontoo Folder Found : C:\Program Files\ZoneAlarm_Security Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\SweetIM Folder Found : C:\ProgramData\Tarma Installer Folder Found : C:\Users\Nicholas\AppData\Local\Conduit Folder Found : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Folder Found : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif Folder Found : C:\Users\Nicholas\AppData\Local\Softonic Folder Found : C:\Users\Nicholas\AppData\Local\Wajam Folder Found : C:\Users\Nicholas\AppData\LocalLow\Claro LTD Folder Found : C:\Users\Nicholas\AppData\LocalLow\Conduit Folder Found : C:\Users\Nicholas\AppData\LocalLow\midicairus Folder Found : C:\Users\Nicholas\AppData\LocalLow\PriceGong Folder Found : C:\Users\Nicholas\AppData\LocalLow\SweetIM Folder Found : C:\Users\Nicholas\AppData\LocalLow\WhiteSmoke_US_New Folder Found : C:\Users\Nicholas\AppData\LocalLow\ZoneAlarm_Security Folder Found : C:\Users\Nicholas\AppData\Roaming\Babylon Folder Found : C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\ConduitCommon Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\CT3184201 Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\CT3244149 Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{462be121-2b54-4218-bf00-b9bf8135b23f} Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546} Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970} Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\extensions\plugin@yontoo.com Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\Smartbar Folder Found : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\SweetPacksToolbarData ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\midicairus Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Software\WhiteSmoke_US_New Key Found : HKCU\Software\AppDataLow\Software\ZoneAlarm_Security Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\Claro LTD Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Found : HKCU\Software\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{156F4006-0999-4E54-9ED3-B7B064D3DD0A} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FEB40468-2C9A-4868-A0A2-A5318974F879} Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\Wajam Key Found : HKLM\Software\Babylon Key Found : HKLM\Software\Claro LTD Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884} Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\CLSID\{156F4006-0999-4E54-9ED3-B7B064D3DD0A} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764} Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Found : HKLM\SOFTWARE\Classes\CLSID\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Found : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610} Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEB40468-2C9A-4868-A0A2-A5318974F879} Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\sim-packages Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2645238 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3184201 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3244149 Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F381440-66BC-4935-8D40-6A9BA029DE6C} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87947F05-398D-4C6C-895E-2CEF418476FE} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A66349A1-F508-46FD-8DF9-CD55F1400617} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4034DD3-8E42-4902-BB7D-59D83E81EEC5} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC7CCCAF-4252-4510-A9CC-7A02E895C012} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE979D54-5944-4F97-98DC-6F8A18DFD9AB} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{156F4006-0999-4E54-9ED3-B7B064D3DD0A} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FEB40468-2C9A-4868-A0A2-A5318974F879} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\midicairus Toolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US_New Toolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm_Security Toolbar Key Found : HKLM\Software\midicairus Key Found : HKLM\Software\Wajam Key Found : HKLM\Software\WhiteSmoke_US_New Key Found : HKLM\Software\ZoneAlarm_Security Key Found : HKU\S-1-5-21-3874675856-2089664676-3425865324-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKU\S-1-5-21-3874675856-2089664676-3425865324-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKU\S-1-5-21-3874675856-2089664676-3425865324-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Key Found : HKU\S-1-5-21-3874675856-2089664676-3425865324-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{462BE121-2B54-4218-BF00-B9BF8135B23F}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetpacks Communicator] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420 [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://searchfunmoods.com/?f=2&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420 -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Nicholas\AppData\Roaming\Mozilla\Firefox\Profiles\tnry80vq.default\prefs.js Found : user_pref("CT3184201..clientLogIsEnabled", false); Found : user_pref("CT3184201..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Found : user_pref("CT3184201..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Found : user_pref("CT3184201.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Found : user_pref("CT3184201.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Found : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037270565", true); Found : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037426813", true); Found : user_pref("CT3184201.BrowserCompStateIsOpen_1330956386000", true); Found : user_pref("CT3184201.BrowserCompStateIsOpen_6565815752657123216", true); Found : user_pref("CT3184201.CTID", "CT3184201"); Found : user_pref("CT3184201.CommunitiesChangesLastCheckTime", "0"); Found : user_pref("CT3184201.CurrentServerDate", "12-11-2012"); Found : user_pref("CT3184201.DSInstall", true); Found : user_pref("CT3184201.DialogsAlignMode", "LTR"); Found : user_pref("CT3184201.DialogsGetterLastCheckTime", "Sat Nov 10 2012 22:23:40 GMT-0500 (Eastern Standa[...] Found : user_pref("CT3184201.DownloadReferralCookieData", ""); Found : user_pref("CT3184201.EMailNotifierPollDate", "Tue Aug 14 2012 14:12:31 GMT-0400 (Eastern Daylight Ti[...] Found : user_pref("CT3184201.EnableClickToSearchBox", false); Found : user_pref("CT3184201.EnableSearchHistory", false); Found : user_pref("CT3184201.EnableSearchSuggest", false); Found : user_pref("CT3184201.ExternalComponentPollDate5342832749374672449", "Tue Aug 14 2012 14:14:52 GMT-04[...] Found : user_pref("CT3184201.FeedLastCount129724205037739308", 200); Found : user_pref("CT3184201.FeedPollDate129237173390688207", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129237173390688210", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238703378572556", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238703378572557", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238703378572558", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238703378572559", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238703378572560", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238824209885828", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238824209885829", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedPollDate129238824209885830", "Tue Aug 14 2012 14:07:20 GMT-0400 (Eastern Da[...] Found : user_pref("CT3184201.FeedTTL129237173390688207", 40); Found : user_pref("CT3184201.FeedTTL129237173390688210", 40); Found : user_pref("CT3184201.FeedTTL129238703378572556", 40); Found : user_pref("CT3184201.FeedTTL129238703378572557", 40); Found : user_pref("CT3184201.FeedTTL129238703378572558", 40); Found : user_pref("CT3184201.FeedTTL129238703378572559", 40); Found : user_pref("CT3184201.FeedTTL129238703378572560", 40); Found : user_pref("CT3184201.FeedTTL129238824209885828", 40); Found : user_pref("CT3184201.FeedTTL129238824209885829", 40); Found : user_pref("CT3184201.FeedTTL129238824209885830", 40); Found : user_pref("CT3184201.FirstServerDate", "14-8-2012"); Found : user_pref("CT3184201.FirstTime", true); Found : user_pref("CT3184201.FirstTimeFF3", true); Found : user_pref("CT3184201.FirstTimeHiddenVer", true); Found : user_pref("CT3184201.FixPageNotFoundErrors", false); Found : user_pref("CT3184201.GroupingInvalidateCache", false); Found : user_pref("CT3184201.GroupingLastCheckTime", "0"); Found : user_pref("CT3184201.GroupingLastServerUpdateTime", "0"); Found : user_pref("CT3184201.GroupingServerCheckInterval", 1440); Found : user_pref("CT3184201.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Found : user_pref("CT3184201.HPChangedManually", false); Found : user_pref("CT3184201.HPInstall", true); Found : user_pref("CT3184201.HasUserGlobalKeys", true); Found : user_pref("CT3184201.HomePageProtectorEnabled", true); Found : user_pref("CT3184201.HomepageBeforeUnload", "hxxp://www.google.ca/"); Found : user_pref("CT3184201.Initialize", true); Found : user_pref("CT3184201.InitializeCommonPrefs", true); Found : user_pref("CT3184201.InstallationAndCookieDataSentCount", 3); Found : user_pref("CT3184201.InstallationId", "conduitinstaller.exe"); Found : user_pref("CT3184201.InstallationType", "ConduitNSISIntegration"); Found : user_pref("CT3184201.InstalledDate", "Tue Aug 14 2012 14:07:06 GMT-0400 (Eastern Daylight Time)"); Found : user_pref("CT3184201.InvalidateCache", false); Found : user_pref("CT3184201.IsAlertDBUpdated", true); Found : user_pref("CT3184201.IsGrouping", false); Found : user_pref("CT3184201.IsInitSetupIni", true); Found : user_pref("CT3184201.IsMulticommunity", false); Found : user_pref("CT3184201.IsOpenThankYouPage", false); Found : user_pref("CT3184201.IsOpenUninstallPage", false); Found : user_pref("CT3184201.IsProtectorsInit", true); Found : user_pref("CT3184201.LanguagePackLastCheckTime", "Sat Nov 10 2012 22:23:40 GMT-0500 (Eastern Standar[...] Found : user_pref("CT3184201.LanguagePackReloadIntervalMM", 1440); Found : user_pref("CT3184201.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Found : user_pref("CT3184201.LastLogin_3.14.1.0", "Wed Aug 22 2012 18:38:53 GMT-0400 (Eastern Daylight Time)[...] Found : user_pref("CT3184201.LastLogin_3.15.1.0", "Mon Nov 05 2012 20:45:30 GMT-0500 (Eastern Standard Time)[...] Found : user_pref("CT3184201.LastLogin_3.16.0.3", "Sun Nov 11 2012 18:44:29 GMT-0500 (Eastern Standard Time)[...] Found : user_pref("CT3184201.LatestVersion", "3.16.0.3"); Found : user_pref("CT3184201.Locale", "en"); Found : user_pref("CT3184201.MCDetectTooltipHeight", "83"); Found : user_pref("CT3184201.MCDetectTooltipShow", false); Found : user_pref("CT3184201.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Found : user_pref("CT3184201.MCDetectTooltipWidth", "295"); Found : user_pref("CT3184201.MyStuffEnabledAtInstallation", true); Found : user_pref("CT3184201.OriginalFirstVersion", "3.14.1.0"); Found : user_pref("CT3184201.RadioIsPodcast", false); Found : user_pref("CT3184201.RadioLastCheckTime", "Tue Aug 14 2012 14:16:16 GMT-0400 (Eastern Daylight Time)[...] Found : user_pref("CT3184201.RadioLastUpdateIPServer", "0"); Found : user_pref("CT3184201.RadioMediaID", "9962"); Found : user_pref("CT3184201.RadioMediaType", "Media Player"); Found : user_pref("CT3184201.RadioMenuSelectedID", "EBRadioMenu_CT31842019962"); Found : user_pref("CT3184201.RadioShrinkedFromSetup", false); Found : user_pref("CT3184201.RadioStationName", "California%20Rock"); Found : user_pref("CT3184201.RadioStationURL", "hxxp://feedlive.net/california.asx"); Found : user_pref("CT3184201.SHRINK_TOOLBAR", 1); Found : user_pref("CT3184201.SavedHomepage", "hxxp://www.google.ca/"); Found : user_pref("CT3184201.SearchBackToDefaultEngine", false); Found : user_pref("CT3184201.SearchBoxWidth", 10); Found : user_pref("CT3184201.SearchCaption", "midicairus Customized Web Search"); Found : user_pref("CT3184201.SearchEngineBeforeUnload", "midicairus Customized Web Search"); Found : user_pref("CT3184201.SearchFromAddressBarIsInit", true); Found : user_pref("CT3184201.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT318[...] Found : user_pref("CT3184201.SearchInNewTabEnabled", true); Found : user_pref("CT3184201.SearchInNewTabIntervalMM", 1440); Found : user_pref("CT3184201.SearchInNewTabLastCheckTime", "Sun Nov 11 2012 12:45:47 GMT-0500 (Eastern Stand[...] Found : user_pref("CT3184201.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Found : user_pref("CT3184201.SearchInNewTabUserEnabled", false); Found : user_pref("CT3184201.SearchProtectorEnabled", true); Found : user_pref("CT3184201.SearchProtectorToolbarDisabled", false); Found : user_pref("CT3184201.SendProtectorDataViaLogin", true); Found : user_pref("CT3184201.ServiceMapLastCheckTime", "Sun Nov 11 2012 12:45:47 GMT-0500 (Eastern Standard [...] Found : user_pref("CT3184201.SettingsLastCheckTime", "Sun Nov 11 2012 18:44:18 GMT-0500 (Eastern Standard Ti[...] Found : user_pref("CT3184201.SettingsLastUpdate", "1352141592"); Found : user_pref("CT3184201.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3184201&SearchSource=13"); Found : user_pref("CT3184201.ThirdPartyComponentsInterval", 504); Found : user_pref("CT3184201.ThirdPartyComponentsLastCheck", "Tue Aug 14 2012 14:06:56 GMT-0400 (Eastern Day[...] Found : user_pref("CT3184201.ThirdPartyComponentsLastUpdate", "1331805997"); Found : user_pref("CT3184201.ToolbarShrinkedFromSetup", false); Found : user_pref("CT3184201.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3184201"); Found : user_pref("CT3184201.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Found : user_pref("CT3184201.UserID", "UN83779494276779289"); Found : user_pref("CT3184201.WeatherNetwork", ""); Found : user_pref("CT3184201.WeatherPollDate", "Tue Aug 14 2012 14:07:22 GMT-0400 (Eastern Daylight Time)"); Found : user_pref("CT3184201.WeatherUnit", "C"); Found : user_pref("CT3184201.alertChannelId", "1594758"); Found : user_pref("CT3184201.approveUntrustedApps", false); Found : user_pref("CT3184201.autoDisableScopes", -1); Found : user_pref("CT3184201.backendstorage.c2p_iframe_md5", "6537663536626130396366633837326231393531333264[...] Found : user_pref("CT3184201.backendstorage.cbcountry_001", "4341"); Found : user_pref("CT3184201.backendstorage.cbfirsttime", "5475652041756720313420323031322031343A30373A33362[...] Found : user_pref("CT3184201.backendstorage.installationdate14cd7187-6ab1-4fa7-a5ac-ddfa5773148a", "31333434[...] Found : user_pref("CT3184201.backendstorage.shoppingapp.gk.exipres", "53756E2041756720313920323031322031343A[...] Found : user_pref("CT3184201.backendstorage.shoppingapp.gk.geolocation", "63616E616461"); Found : user_pref("CT3184201.backendstorage.toolbarappheartbeat", "7B2231346364373138372D366162312D346661372[...] Found : user_pref("CT3184201.backendstorage.toolbarnotificationqueue", "5B7B22617070223A2231346364373138372D[...] Found : user_pref("CT3184201.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...] Found : user_pref("CT3184201.backendstorage.toolbarnotificationuserid", "3638393437303137373637"); Found : user_pref("CT3184201.components.1000034", false); Found : user_pref("CT3184201.components.1000082", false); Found : user_pref("CT3184201.components.1000234", false); Found : user_pref("CT3184201.components.129724205034145620", false); Found : user_pref("CT3184201.components.129724205036020587", false); Found : user_pref("CT3184201.components.129724205037114317", false); Found : user_pref("CT3184201.components.129724205037270565", false); Found : user_pref("CT3184201.components.129724205037426813", false); Found : user_pref("CT3184201.components.129724205037739308", false); Found : user_pref("CT3184201.components.129724205038051804", false); Found : user_pref("CT3184201.components.129724205038520546", false); Found : user_pref("CT3184201.components.129724205039301782", false); Found : user_pref("CT3184201.components.129724205040551760", false); Found : user_pref("CT3184201.components.1330956386000", false); Found : user_pref("CT3184201.components.1958179879799928720", false); Found : user_pref("CT3184201.components.4950963945127914423", false); Found : user_pref("CT3184201.components.5342832749374672449", false); Found : user_pref("CT3184201.components.6565815752657123216", false); Found : user_pref("CT3184201.components.8446616961328789392", false); Found : user_pref("CT3184201.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Found : user_pref("CT3184201.globalFirstTimeInfoLastCheckTime", "Tue Aug 14 2012 14:07:05 GMT-0400 (Eastern [...] Found : user_pref("CT3184201.homepageProtectorEnableByLogin", true); Found : user_pref("CT3184201.initDone", true); Found : user_pref("CT3184201.isAppTrackingManagerOn", true); Found : user_pref("CT3184201.isFirstRadioInstallation", false); Found : user_pref("CT3184201.isSearchProtectorNotifyChanges", false); Found : user_pref("CT3184201.myStuffEnabled", true); Found : user_pref("CT3184201.myStuffPublihserMinWidth", 400); Found : user_pref("CT3184201.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Found : user_pref("CT3184201.myStuffServiceIntervalMM", 1440); Found : user_pref("CT3184201.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Found : user_pref("CT3184201.navigateToUrlOnSearch", false); Found : user_pref("CT3184201.revertSettingsEnabled", false); Found : user_pref("CT3184201.searchProtectorDialogDelayInSec", 10); Found : user_pref("CT3184201.searchProtectorEnableByLogin", true); Found : user_pref("CT3184201.testingCtid", ""); Found : user_pref("CT3184201.toolbarAppMetaDataLastCheckTime", "Sat Nov 10 2012 22:23:40 GMT-0500 (Eastern S[...] Found : user_pref("CT3184201.toolbarContextMenuLastCheckTime", "Tue Aug 14 2012 14:07:23 GMT-0400 (Eastern D[...] Found : user_pref("CT3184201.usageEnabled", false); Found : user_pref("CT3184201.usagesFlag", 2); Found : user_pref("CT3244149.1000082.isPlayDisplay", "true"); Found : user_pref("CT3244149.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Found : user_pref("CT3244149.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3244149.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Found : user_pref("CT3244149.FirstTime", "true"); Found : user_pref("CT3244149.FirstTimeFF3", "true"); Found : user_pref("CT3244149.LoginRevertSettingsEnabled", true); Found : user_pref("CT3244149.RevertSettingsEnabled", false); Found : user_pref("CT3244149.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT324[...] Found : user_pref("CT3244149.UserID", "UN65507178376944810"); Found : user_pref("CT3244149.UserId", "ac0b5b70-c29b-3806-1024-733b90b66a1d"); Found : user_pref("CT3244149.addressBarTakeOverEnabledInHidden", "true"); Found : user_pref("CT3244149.autoDisableScopes", 14); Found : user_pref("CT3244149.browser.search.defaultthis.engineName", true); Found : user_pref("CT3244149.defaultSearch", "true"); Found : user_pref("CT3244149.embeddedsData", "[{\"appId\":\"129895725399351616\",\"apiPermissions\":{\"cross[...] Found : user_pref("CT3244149.enableAlerts", "always"); Found : user_pref("CT3244149.enableSearchFromAddressBar", "true"); Found : user_pref("CT3244149.firstTimeDialogOpened", "true"); Found : user_pref("CT3244149.fixPageNotFoundError", "true"); Found : user_pref("CT3244149.fixPageNotFoundErrorInHidden", "true"); Found : user_pref("CT3244149.fixUrls", true); Found : user_pref("CT3244149.hxxp___api31_starwebnet_com.pid2", "7cfaa287c591ff5b"); Found : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_cache", "[\"c822c1b63853ed273b89[...] Found : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui", "{\"gui\":[{\"type\[...] Found : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings", "{\"initUrl\":\"hxxp:[...] Found : user_pref("CT3244149.installId", "230"); Found : user_pref("CT3244149.installType", "conduitnsisintegration"); Found : user_pref("CT3244149.isCheckedStartAsHidden", true); Found : user_pref("CT3244149.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3244149.isFirstTimeToolbarLoading", "false"); Found : user_pref("CT3244149.isNewTabEnabled", true); Found : user_pref("CT3244149.isPerformedSmartBarTransition", "true"); Found : user_pref("CT3244149.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Found : user_pref("CT3244149.keyword", true); Found : user_pref("CT3244149.migrateAppsAndComponents", true); Found : user_pref("CT3244149.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] Found : user_pref("CT3244149.openThankYouPage", "false"); Found : user_pref("CT3244149.openUninstallPage", "true"); Found : user_pref("CT3244149.search.searchAppId", "129895725399351616"); Found : user_pref("CT3244149.search.searchCount", "0"); Found : user_pref("CT3244149.searchInNewTabEnabledInHidden", "true"); Found : user_pref("CT3244149.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3244149.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Found : user_pref("CT3244149.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Found : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Found : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Found : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Found : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Found : user_pref("CT3244149.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Found : user_pref("CT3244149.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1351126706288"); Found : user_pref("CT3244149.serviceLayer_services_appsMetadata_lastUpdate", "1351126705866"); Found : user_pref("CT3244149.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1351126708578"); Found : user_pref("CT3244149.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352250572479"); Found : user_pref("CT3244149.serviceLayer_services_login_10.13.30.23_lastUpdate", "1352677605926"); Found : user_pref("CT3244149.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1351126708786"); Found : user_pref("CT3244149.serviceLayer_services_searchAPI_lastUpdate", "1351126700127"); Found : user_pref("CT3244149.serviceLayer_services_serviceMap_lastUpdate", "1352604667668"); Found : user_pref("CT3244149.serviceLayer_services_toolbarContextMenu_lastUpdate", "1351126708386"); Found : user_pref("CT3244149.serviceLayer_services_toolbarSettings_lastUpdate", "1352677605097"); Found : user_pref("CT3244149.serviceLayer_services_translation_lastUpdate", "1352604668043"); Found : user_pref("CT3244149.settingsINI", true); Found : user_pref("CT3244149.shouldFirstTimeDialog", "false"); Found : user_pref("CT3244149.smartbar.CTID", "CT3244149"); Found : user_pref("CT3244149.smartbar.Uninstall", "0"); Found : user_pref("CT3244149.smartbar.homepage", true); Found : user_pref("CT3244149.smartbar.isHidden", true); Found : user_pref("CT3244149.smartbar.toolbarName", "WhiteSmoke US New "); Found : user_pref("CT3244149.toolbarBornServerTime", "25-10-2012"); Found : user_pref("CT3244149.toolbarCurrentServerTime", "12-11-2012"); Found : user_pref("CT3244149_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3184201&Search[...] Found : user_pref("CommunityToolbar.ConduitSearchList", "midicairus Customized Web Search"); Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3184201/CT3184201[...] Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1594758/1588784/CA", "\"0\"[...] Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3184201", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...] Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3184201",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"c22[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/15846407.xml", "\"b5c1b099f0faf3bdd04[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16190898.xml", "\"44d63de91094a3204da[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16727535.xml", "\"4115d32c6b10efa7998[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17461978.xml", "\"907d277e366d25c8289[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/18676177.xml", "\"360c6d1d473d13c0319[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"7b9cb85b4cc42636969[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"47f210528dd122b471b[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21324258.xml", "\"21eb88f1cd73d13f679[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21879024.xml", "\"76dd52cf46502ecb1a8[...] Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"083e902d554781d2d9b2[...] Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nicholas\\AppData\\Roaming\\Mozilla[...] Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0"); Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Found : user_pref("CommunityToolbar.ToolbarsList", "CT3184201"); Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3184201"); Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3184201"); Found : user_pref("CommunityToolbar.globalUserId", "683cc191-be3d-4357-a317-c5d6f1f6524d"); Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Aug 14 2012 14:07:2[...] Found : user_pref("CommunityToolbar.notifications.alertEnabled", true); Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Aug 14 2012 14:16:13 GMT-040[...] Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Found : user_pref("CommunityToolbar.notifications.locale", "en"); Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Aug 14 2012 14:07:01 GMT-0400 (E[...] Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Found : user_pref("CommunityToolbar.notifications.userId", "df4fc857-abfd-4763-98c1-d1bec3dccb41"); Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.ca/"); Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Found : user_pref("CommunityToolbar.twitter.user_15846407.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_16190898.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_17461978.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_18676177.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_21879024.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400[...] Found : user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Tue Aug 14 2012 14:09:07 GMT-0400 [...] Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=1[...] Found : user_pref("Smartbar.ConduitSearchEngineList", ""); Found : user_pref("Smartbar.ConduitSearchUrlList", ""); Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?src=2&crg=3[...] Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3244149"); Found : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={35D3E4C2-197C-11E2-B531-3CD9[...] Found : user_pref("browser.search.defaultenginename", "SweetIM Search"); Found : user_pref("browser.search.defaultthis.engineName", "midicairus Customized Web Search"); Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=13"); Found : user_pref("extensions.claro.admin", false); Found : user_pref("extensions.claro.aflt", "babsst"); Found : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); Found : user_pref("extensions.claro.dfltLng", "en"); Found : user_pref("extensions.claro.excTlbr", false); Found : user_pref("extensions.claro.id", "aa252abb0000000000003cd92b22e57c"); Found : user_pref("extensions.claro.instlDay", "15633"); Found : user_pref("extensions.claro.instlRef", "sst"); Found : user_pref("extensions.claro.prdct", "claro"); Found : user_pref("extensions.claro.prtnrId", "claro"); Found : user_pref("extensions.claro.tlbrId", "claro"); Found : user_pref("extensions.claro.tlbrSrchUrl", ""); Found : user_pref("extensions.claro.vrsn", "1.8.3.10"); Found : user_pref("extensions.claro.vrsni", "1.8.3.10"); Found : user_pref("extensions.claro_i.smplGrp", "none"); Found : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1020:14:02"); Found : user_pref("extensions.funmoods.aflt", "stonicrio"); Found : user_pref("extensions.funmoods.autoRvrt", false); Found : user_pref("extensions.funmoods.cntry", "CA"); Found : user_pref("extensions.funmoods.cv", "cv5"); Found : user_pref("extensions.funmoods.dfltLng", ""); Found : user_pref("extensions.funmoods.dfltSrch", true); Found : user_pref("extensions.funmoods.dnsErr", true); Found : user_pref("extensions.funmoods.envrmnt", "production"); Found : user_pref("extensions.funmoods.excTlbr", false); Found : user_pref("extensions.funmoods.hdrMd5", "88FDA2133CF6650357E9AF44822B6CE9"); Found : user_pref("extensions.funmoods.hmpg", true); Found : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&[...] Found : user_pref("extensions.funmoods.id", "D0DF9A85FCC02ABB"); Found : user_pref("extensions.funmoods.instlDay", "15645"); Found : user_pref("extensions.funmoods.instlRef", "stonicrio"); Found : user_pref("extensions.funmoods.isdcmntcmplt", true); Found : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2220:18:26"); Found : user_pref("extensions.funmoods.mntrvrsn", "1.3.0"); Found : user_pref("extensions.funmoods.newTab", true); Found : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=stonicrio&chnl=stonicri[...] Found : user_pref("extensions.funmoods.prdct", "funmoods"); Found : user_pref("extensions.funmoods.prtnrId", "funmoods"); Found : user_pref("extensions.funmoods.sg", "none"); Found : user_pref("extensions.funmoods.smplGrp", "none"); Found : user_pref("extensions.funmoods.srchPrvdr", "Search"); Found : user_pref("extensions.funmoods.tlbrId", "base"); Found : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=stonicrio&chnl=stonic[...] Found : user_pref("extensions.funmoods.vrsn", "1.5.23.22"); Found : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2220:18:26"); Found : user_pref("extensions.funmoods.vrsni", "1.5.23.22"); Found : user_pref("extensions.funmoods_i.newTab", true); Found : user_pref("extensions.funmoods_i.smplGrp", "none"); Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2220:18:26"); Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149&SearchSource=2&q=[...] Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.sweetim.com/search.asp?barid={35D3E4C2[...] Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1352338854822"); Found : user_pref("sweetim.toolbar.Visibility.enable", "true"); Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10002"); Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); Found : user_pref("sweetim.toolbar.cda.returnValue", "hide"); Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...] Found : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...] Found : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...] Found : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...] Found : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...] Found : user_pref("sweetim.toolbar.dialogs.2.height", "150"); Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp"); Found : user_pref("sweetim.toolbar.dialogs.2.width", "530"); Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "true"); Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.mode.debug", "false"); Found : user_pref("sweetim.toolbar.newtab.created", "true"); Found : user_pref("sweetim.toolbar.newtab.enable", "true"); Found : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab"); Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsEx[...] Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "midicairus Customized Web Searc[...] Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.ca/"); Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...] Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*"); Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.0.enable", "true"); Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js"); Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*"); Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.1.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS"); Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js"); Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); Found : user_pref("sweetim.toolbar.scripts.2.callback", ""); Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); Found : user_pref("sweetim.toolbar.scripts.2.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...] Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Found : user_pref("sweetim.toolbar.search.history.capacity", "10"); Found : user_pref("sweetim.toolbar.searchguard.enable", "false"); Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); Found : user_pref("sweetim.toolbar.simapp_id", "{35D3E4C2-197C-11E2-B531-3CD92B22E57C}"); Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={35D3[...] Found : user_pref("sweetim.toolbar.version", "1.7.0.3"); -\\ Google Chrome v [unable to get version] File : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.27] : search_url = "hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420", Found [l.1822] : urls_to_restore_on_startup ="session" : {"restore_on_startup": 4, [ "hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AzzyD0F0C0CtDtB0A0B0BtN0D0Tzu0CtAtDyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=238377420" ]}, ************************* AdwCleaner[R1].txt - [55305 octets] - [11/11/2012 21:12:03] ########## EOF - C:\AdwCleaner[R1].txt - [55366 octets] ##########
  4. PC was slow so I ran Malawarebytes and it found something called FunMoods. However, I am still getting a virus pop up from Sweet IM and PC Fix. A quick scan from Malawarebytes found nothing malicious. Any help is appreciated. Attached are the requested texts. Attach.txt DDS.txt
  5. Okay, the problem that remains is that anytime I try to install or uninstall software (like java) I get a pop up telling me that Windows Installer is not working. I tried installing Microsoft Essentials and the error pops up. I tried installing Adobe Reader updates and the error pops up. Do I have a virus that is preventing Installer from functioning ie to deny me from installing anti-virus software? ComboFix 11-04-08.01 - Jason 08/04/2011 20:25:47.2.2 - x86 Running from: c:\documents and settings\Jason\Desktop\ComboFix.exe * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Jason\LOCALS~1\Temp\IadHide5.dll c:\documents and settings\Jason\Local Settings\Temp\IadHide5.dll . . ((((((((((((((((((((((((( Files Created from 2011-03-09 to 2011-04-09 ))))))))))))))))))))))))))))))) . . 2011-04-08 00:17 . 2011-04-08 00:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2011-04-07 02:52 . 2011-04-08 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software 2011-04-07 02:52 . 2011-04-07 02:52 -------- d-----w- c:\program files\AVAST Software 2011-04-07 02:27 . 2011-04-08 00:23 -------- d-----w- c:\documents and settings\Jason\Application Data\FixCleaner 2011-04-07 02:26 . 2011-04-07 02:28 -------- d-----w- c:\program files\FixCleaner 2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-04-07 01:29 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-04-07 01:29 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-04-07 01:29 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-04-07 01:29 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-04-07 01:29 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll 2011-04-07 01:29 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll 2011-04-06 03:24 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2011-04-06 03:23 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2011-04-06 03:23 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll 2011-04-06 03:23 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe 2011-04-06 03:23 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe 2011-04-06 03:23 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe 2011-04-06 03:23 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys 2011-04-06 03:23 . 2004-08-04 01:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys 2011-04-06 03:23 . 2004-08-04 01:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys 2011-04-06 03:23 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll 2011-04-06 03:21 . 2004-08-04 01:29 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys 2011-04-06 03:20 . 2001-08-17 17:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys 2011-04-06 03:20 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys 2011-04-06 03:20 . 2001-08-17 17:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys 2011-04-06 03:20 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys 2011-04-06 03:20 . 2001-08-17 17:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys 2011-04-06 03:20 . 2001-08-17 17:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys 2011-04-06 03:20 . 2001-08-17 17:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys 2011-04-06 03:20 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys 2011-04-06 03:20 . 2004-08-04 01:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys 2011-04-06 03:20 . 2001-08-18 02:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll 2011-04-06 03:20 . 2001-08-18 02:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll 2011-04-06 03:20 . 2001-08-18 02:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll 2011-04-06 03:19 . 2001-08-18 02:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll 2011-04-06 03:19 . 2001-08-18 02:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll 2011-04-06 03:19 . 2001-08-17 17:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys 2011-04-06 03:19 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll 2011-04-06 03:19 . 2001-08-18 02:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll 2011-04-06 03:19 . 2001-08-18 02:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll 2011-04-06 03:19 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll 2011-04-06 03:19 . 2001-08-17 17:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys 2011-04-06 03:19 . 2001-08-17 17:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys 2011-04-06 03:19 . 2004-08-10 05:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe 2011-04-06 03:19 . 2001-08-17 16:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys 2011-04-06 03:19 . 2001-08-18 02:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll 2011-04-06 03:17 . 2004-08-10 05:00 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll 2011-04-06 03:16 . 2001-08-17 18:07 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys 2011-04-06 03:16 . 2001-08-17 18:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys 2011-04-06 03:16 . 2001-08-18 02:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll 2011-04-06 03:16 . 2001-08-17 17:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys 2011-04-06 03:16 . 2001-08-17 18:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys 2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll 2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll 2011-04-06 03:16 . 2001-08-18 02:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll 2011-04-06 03:16 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll 2011-04-06 03:16 . 2001-08-18 02:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll 2011-04-06 03:16 . 2001-08-18 02:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll 2011-04-06 03:16 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys 2011-04-06 03:15 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys 2011-04-06 03:15 . 2004-08-10 05:00 16896 ----a-w- c:\windows\system32\dllcache\status.dll 2011-04-06 03:15 . 2001-08-17 16:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys 2011-04-06 03:15 . 2001-08-18 02:36 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll 2011-04-06 03:15 . 2004-08-10 05:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll 2011-04-06 03:15 . 2001-08-18 02:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll 2011-04-06 03:15 . 2001-08-17 17:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys 2011-04-06 03:15 . 2001-08-18 02:36 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll 2011-04-06 03:15 . 2001-08-17 18:07 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys 2011-04-06 03:15 . 2001-08-17 17:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys 2011-04-06 03:15 . 2001-08-17 16:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys 2011-04-06 03:15 . 2001-08-18 02:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll 2011-04-06 03:13 . 2001-08-18 02:36 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll 2011-04-06 03:12 . 2001-07-21 18:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys 2011-04-06 03:11 . 2001-08-17 17:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys 2011-04-06 03:10 . 2001-08-17 16:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys 2011-04-06 03:09 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys 2011-04-06 03:08 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll 2011-04-06 03:07 . 2004-08-10 05:00 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll 2011-04-06 03:06 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe 2011-04-06 03:06 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll 2011-04-06 03:06 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys 2011-04-06 03:06 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll 2011-04-06 03:06 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys 2011-04-06 03:06 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys 2011-04-06 03:06 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys 2011-04-06 03:06 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys 2011-04-06 03:06 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys 2011-04-06 03:06 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys 2011-04-06 03:06 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys 2011-04-06 03:06 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys 2011-04-06 03:06 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys 2011-04-06 03:04 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll 2011-04-06 03:03 . 2008-04-13 17:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys 2011-04-06 03:03 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys 2011-04-06 03:03 . 2001-08-17 18:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys 2011-04-06 03:03 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys 2011-04-06 03:03 . 2004-08-10 05:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll 2011-04-06 03:03 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys 2011-04-06 03:03 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys 2011-04-06 03:03 . 2001-08-17 17:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys 2011-04-06 03:03 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys 2011-04-06 03:03 . 2001-08-17 17:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys 2011-04-06 03:03 . 2001-08-17 17:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys 2011-04-06 03:03 . 2004-08-10 05:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe 2011-04-06 03:03 . 2001-08-17 16:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys 2011-04-06 03:01 . 2001-08-17 16:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys 2011-04-06 03:00 . 2004-08-10 05:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll 2011-04-06 02:59 . 2001-08-18 02:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll 2011-04-06 02:58 . 2001-08-17 17:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys 2011-04-06 02:57 . 2001-08-18 02:36 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll 2011-04-06 02:56 . 2001-08-18 02:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll 2011-04-06 02:55 . 2001-08-17 17:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys 2011-04-06 02:54 . 2001-08-17 16:14 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys 2011-04-06 02:53 . 2001-08-17 17:52 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys 2011-04-06 02:52 . 2004-08-10 05:00 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll 2011-04-06 02:51 . 2004-08-04 01:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys 2011-04-06 02:51 . 2001-08-17 16:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys 2011-04-06 02:51 . 2001-08-17 16:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys 2011-04-06 02:51 . 2001-08-18 02:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll 2011-04-06 02:51 . 2001-08-17 17:52 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys 2011-04-06 02:51 . 2008-04-13 17:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys 2011-04-06 02:51 . 2001-08-18 02:36 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll 2011-04-06 02:51 . 2001-08-17 18:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-07 02:33 . 2011-01-21 02:58 1409 ----a-w- c:\windows\QTFont.for 2011-01-21 14:44 . 2004-08-10 05:00 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-03-18 17:53 . 2011-04-07 01:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-04-08_02.34.10 ))))))))))))))))))))))))))))))))))))))))) . + 2011-04-09 00:43 . 2011-04-09 00:43 16384 c:\windows\Temp\Perflib_Perfdata_7fc.dat + 2005-08-31 05:07 . 2011-04-09 00:47 71732 c:\windows\system32\perfc009.dat - 2005-08-31 05:07 . 2011-04-08 02:35 71732 c:\windows\system32\perfc009.dat + 2005-08-31 05:07 . 2011-04-09 00:47 442466 c:\windows\system32\perfh009.dat - 2005-08-31 05:07 . 2011-04-08 02:35 442466 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344] "FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2011-04-01 47650656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-05 344064] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 228088] "EPSON Stylus CX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE" [2005-03-08 98304] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-18 1800464] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624] McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-25 36903] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-18 134344] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-18 25160] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552] . . Contents of the 'Scheduled Tasks' folder . 2011-04-09 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20] . . ------- Supplementary Scan ------- . IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Jason\Application Data\Mozilla\Firefox\Profiles\gg4xcs3x.default\ FF - prefs.js: browser.search.selectedEngine - Amazon.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-04-08 20:49 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(804) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(3244) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\windows\arservice.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\HPZipm12.exe c:\windows\System32\StkASv2K.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\wscntfy.exe c:\windows\system32\Ati2evxx.exe c:\program files\McAfee Security Scan\1.0.150\McUICnt.exe c:\windows\RTHDCPL.EXE c:\windows\system32\space.scr . ************************************************************************** . Completion time: 2011-04-08 21:15:50 - machine was rebooted ComboFix-quarantined-files.txt 2011-04-09 01:15 ComboFix2.txt 2011-04-08 03:00 . Pre-Run: 22,174,978,048 bytes free Post-Run: 21,952,475,136 bytes free . - - End Of File - - 55287CC5C5A8C16BE2ED12A2CC12329C
  6. okay here's the log as I have it: ComboFix 11-04-07.06 - Jason 07/04/2011 22:09:50.1.2 - x86 Running from: c:\documents and settings\Jason\Desktop\ComboFix.exe * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Jason\LOCALS~1\Temp\IadHide5.dll c:\documents and settings\Administrator\WINDOWS c:\documents and settings\Amy\WINDOWS c:\documents and settings\Default User\WINDOWS c:\documents and settings\Family\WINDOWS c:\documents and settings\HP_Administrator\WINDOWS c:\documents and settings\Jason\Application Data\inst.exe c:\documents and settings\Jason\Local Settings\Temp\IadHide5.dll c:\documents and settings\Jason\WINDOWS c:\documents and settings\Jessica\WINDOWS c:\windows\dat.txt c:\windows\system32\config\systemprofile\WINDOWS c:\windows\system32\dumphive.exe c:\windows\system32\IEDFix.exe c:\windows\system32\Process.exe c:\windows\system32\ps2.bat c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe D:\Autorun.inf . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_MYWEBSEARCHSERVICE -------\Legacy_USNJSVC -------\Service_MyWebSearchService -------\Service_usnjsvc . . ((((((((((((((((((((((((( Files Created from 2011-03-08 to 2011-04-08 ))))))))))))))))))))))))))))))) . . 2011-04-08 00:17 . 2011-04-08 00:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2011-04-07 02:52 . 2011-04-08 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software 2011-04-07 02:52 . 2011-04-07 02:52 -------- d-----w- c:\program files\AVAST Software 2011-04-07 02:27 . 2011-04-08 00:23 -------- d-----w- c:\documents and settings\Jason\Application Data\FixCleaner 2011-04-07 02:26 . 2011-04-07 02:28 -------- d-----w- c:\program files\FixCleaner 2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-04-07 01:29 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-04-07 01:29 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-04-07 01:29 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-04-07 01:29 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-04-07 01:29 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll 2011-04-07 01:29 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll 2011-04-06 03:24 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2011-04-06 03:23 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2011-04-06 03:23 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll 2011-04-06 03:23 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe 2011-04-06 03:23 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe 2011-04-06 03:23 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe 2011-04-06 03:23 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys 2011-04-06 03:23 . 2004-08-04 01:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys 2011-04-06 03:23 . 2004-08-04 01:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys 2011-04-06 03:23 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll 2011-04-06 03:21 . 2004-08-04 01:29 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys 2011-04-06 03:20 . 2001-08-17 17:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys 2011-04-06 03:20 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys 2011-04-06 03:20 . 2001-08-17 17:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys 2011-04-06 03:20 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys 2011-04-06 03:20 . 2001-08-17 17:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys 2011-04-06 03:20 . 2001-08-17 17:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys 2011-04-06 03:20 . 2001-08-17 17:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys 2011-04-06 03:20 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys 2011-04-06 03:20 . 2004-08-04 01:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys 2011-04-06 03:20 . 2001-08-18 02:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll 2011-04-06 03:20 . 2001-08-18 02:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll 2011-04-06 03:20 . 2001-08-18 02:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll 2011-04-06 03:19 . 2001-08-18 02:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll 2011-04-06 03:19 . 2001-08-18 02:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll 2011-04-06 03:19 . 2001-08-17 17:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys 2011-04-06 03:19 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll 2011-04-06 03:19 . 2001-08-18 02:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll 2011-04-06 03:19 . 2001-08-18 02:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll 2011-04-06 03:19 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll 2011-04-06 03:19 . 2001-08-17 17:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys 2011-04-06 03:19 . 2001-08-17 17:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys 2011-04-06 03:19 . 2004-08-10 05:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe 2011-04-06 03:19 . 2001-08-17 16:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys 2011-04-06 03:19 . 2001-08-18 02:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll 2011-04-06 03:17 . 2004-08-10 05:00 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll 2011-04-06 03:16 . 2001-08-17 18:07 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys 2011-04-06 03:16 . 2001-08-17 18:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys 2011-04-06 03:16 . 2001-08-18 02:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll 2011-04-06 03:16 . 2001-08-17 17:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys 2011-04-06 03:16 . 2001-08-17 18:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys 2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll 2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll 2011-04-06 03:16 . 2001-08-18 02:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll 2011-04-06 03:16 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll 2011-04-06 03:16 . 2001-08-18 02:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll 2011-04-06 03:16 . 2001-08-18 02:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll 2011-04-06 03:16 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys 2011-04-06 03:15 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys 2011-04-06 03:15 . 2004-08-10 05:00 16896 ----a-w- c:\windows\system32\dllcache\status.dll 2011-04-06 03:15 . 2001-08-17 16:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys 2011-04-06 03:15 . 2001-08-18 02:36 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll 2011-04-06 03:15 . 2004-08-10 05:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll 2011-04-06 03:15 . 2001-08-18 02:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll 2011-04-06 03:15 . 2001-08-17 17:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys 2011-04-06 03:15 . 2001-08-18 02:36 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll 2011-04-06 03:15 . 2001-08-17 18:07 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys 2011-04-06 03:15 . 2001-08-17 17:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys 2011-04-06 03:15 . 2001-08-17 16:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys 2011-04-06 03:15 . 2001-08-18 02:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll 2011-04-06 03:13 . 2001-08-18 02:36 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll 2011-04-06 03:12 . 2001-07-21 18:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys 2011-04-06 03:11 . 2001-08-17 17:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys 2011-04-06 03:10 . 2001-08-17 16:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys 2011-04-06 03:09 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys 2011-04-06 03:08 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll 2011-04-06 03:07 . 2004-08-10 05:00 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll 2011-04-06 03:06 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe 2011-04-06 03:06 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll 2011-04-06 03:06 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys 2011-04-06 03:06 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll 2011-04-06 03:06 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys 2011-04-06 03:06 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys 2011-04-06 03:06 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys 2011-04-06 03:06 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys 2011-04-06 03:06 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys 2011-04-06 03:06 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys 2011-04-06 03:06 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys 2011-04-06 03:06 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys 2011-04-06 03:06 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys 2011-04-06 03:04 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll 2011-04-06 03:03 . 2008-04-13 17:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys 2011-04-06 03:03 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys 2011-04-06 03:03 . 2001-08-17 18:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys 2011-04-06 03:03 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys 2011-04-06 03:03 . 2004-08-10 05:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll 2011-04-06 03:03 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys 2011-04-06 03:03 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys 2011-04-06 03:03 . 2001-08-17 17:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys 2011-04-06 03:03 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys 2011-04-06 03:03 . 2001-08-17 17:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys 2011-04-06 03:03 . 2001-08-17 17:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys 2011-04-06 03:03 . 2004-08-10 05:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe 2011-04-06 03:03 . 2001-08-17 16:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys 2011-04-06 03:01 . 2001-08-17 16:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys 2011-04-06 03:00 . 2004-08-10 05:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll 2011-04-06 02:59 . 2001-08-18 02:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll 2011-04-06 02:58 . 2001-08-17 17:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys 2011-04-06 02:57 . 2001-08-18 02:36 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll 2011-04-06 02:56 . 2001-08-18 02:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll 2011-04-06 02:55 . 2001-08-17 17:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys 2011-04-06 02:54 . 2001-08-17 16:14 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys 2011-04-06 02:53 . 2001-08-17 17:52 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys 2011-04-06 02:52 . 2004-08-10 05:00 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll 2011-04-06 02:51 . 2004-08-04 01:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys 2011-04-06 02:51 . 2001-08-17 16:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys 2011-04-06 02:51 . 2001-08-17 16:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys 2011-04-06 02:51 . 2001-08-18 02:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll 2011-04-06 02:51 . 2001-08-17 17:52 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys 2011-04-06 02:51 . 2008-04-13 17:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys 2011-04-06 02:51 . 2001-08-18 02:36 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll 2011-04-06 02:51 . 2001-08-17 18:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-07 02:33 . 2011-01-21 02:58 1409 ----a-w- c:\windows\QTFont.for 2011-01-21 14:44 . 2004-08-10 05:00 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-03-18 17:53 . 2011-04-07 01:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344] "FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2011-04-01 47650656] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-05 344064] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 228088] "EPSON Stylus CX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE" [2005-03-08 98304] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-18 1800464] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624] McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-25 36903] . c:\documents and settings\Default User\Start Menu\Programs\Startup\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2005-11-25 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-18 134344] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-18 25160] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552] . . Contents of the 'Scheduled Tasks' folder . 2011-04-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20] . 2011-04-07 c:\windows\Tasks\FixCleaner Scan.job - c:\program files\FixCleaner\FixCleaner.exe [2011-04-07 18:45] . . ------- Supplementary Scan ------- . IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Jason\Application Data\Mozilla\Firefox\Profiles\gg4xcs3x.default\ FF - prefs.js: browser.search.selectedEngine - Amazon.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ . - - - - ORPHANS REMOVED - - - - . Notify-efcCsqRK - efcCsqRK.dll Notify-opnnkjGa - opnnkjGa.dll . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-04-07 22:33 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(804) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(3704) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\windows\arservice.exe c:\windows\system32\Ati2evxx.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\HPZipm12.exe c:\windows\System32\StkASv2K.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\wscntfy.exe c:\windows\RTHDCPL.EXE c:\program files\McAfee Security Scan\1.0.150\McUICnt.exe c:\windows\system\hpsysdrv.exe . ************************************************************************** . Completion time: 2011-04-07 23:00:08 - machine was rebooted ComboFix-quarantined-files.txt 2011-04-08 02:59 . Pre-Run: 21,983,531,008 bytes free Post-Run: 22,092,926,976 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect . - - End Of File - - A963D01E31D5D739E0C2B236A4651E53 NEXT LOG . DDS (Ver_11-03-05.01) . . ==== Disk Partitions ========================= . . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop Elements 6.0 Adobe Reader 9.4.1 Adobe Shockwave Player Agere Systems PCI-SV92PP Soft Modem AiO_Scan_CDA AiOSoftwareNPI ATI Control Panel ATI Display Driver Avi2Dvd 0.4.5 beta AviSynth 2.5 BlackBerry Desktop Software 4.2.2 BlackBerry Device Software v4.5.0 for the BlackBerry 8320 smartphone BufferChm CameraDrivers CCleaner COMODO Internet Security CP_AtenaShokunin1Config CP_CalendarTemplates1 cp_LightScribeConfig cp_LightScribePlugin CP_Package_Basic1 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 CP_Panorama1Config CueTour Destinations DeviceManagementQFolder DocProc DocumentViewer DocumentViewerQFolder Enhanced Multimedia Keyboard Solution EPSON CX 4200 4800 Guide EPSON Printer Software Fax_CDA ffdshow [rev 610] [2006-12-01] Firebird 2.1.0.16780 (Win32) FixCleaner 2.0.4118 GdiplusUpgrade GTK+ 2.10.6-1 runtime environment Highlight Viewer (Windows Live Toolbar) HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB954550-v5) HP Boot Optimizer HP DigitalMedia Archive HP Document Viewer 5.3 HP Image Zone 5.3 HP Image Zone for Media Center PC HP Imaging Device Functions 5.3 HP Photosmart 330,380,420,470,7800,8000,8200 Series HP Photosmart Cameras 5.0 HP PSC & OfficeJet 5.3.A HP Solution Center & Imaging Support Tools 5.3 HP Update HPProductAssistant HpSdpAppCoreApp Inkscape 0.46 InstantShareDevices Java Auto Updater Java 6 Update 2 Java 6 Update 23 Java 6 Update 3 Java 6 Update 5 Java 6 Update 7 Java SE Runtime Environment 6 Update 1 LightScribe 1.4.84.1 Malwarebytes' Anti-Malware Map Button (Windows Live Toolbar) McAfee Security Scan Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Away Mode Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office XP Professional with FrontPage Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mozilla Firefox 4.0 (x86 en-US) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee autoProducer 4.5 muvee autoProducer unPlugged 1.2 NewCopy_CDA PanoStandAlone PC-Doctor 5 for Windows PhotoGallery PS2 PSPrinters08 PSTAPlugin Python 2.2 pywin32 extensions (build 203) Python 2.2.3 QuickTime RandMap RealPlayer Realtek High Definition Audio Driver Rogers Online Protection Rogers Self Healing (remove only) Rogers Update Manager (remove only) Rogers Yahoo! Applications Roxio Media Manager RPS AntiVirus RPS CRT Scan ScannerCopy Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360131) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2416400) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2482017) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982802) SkinsHP1 Smart Menus (Windows Live Toolbar) SolutionCenter Sonic Express Labeler Sonic MyDVD Plus Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Sonic_PrimoSDK Spelling Dictionaries Support For Adobe Reader 9 Spyware Doctor 3.1 SpywareBlaster 4.1 Status StudioTax 2007 StudioTax 2008 StudioTax 2009 SUPER
  7. Thanks. I should point out that I was unable to uninstall any of the java components (error read installer was not working). Nevertheless, here are the scan results: ComboFix 11-04-07.06 - 07/04/2011 22:09:50.1.2 - x86 Running from: c:\documents and settings\J\Desktop\ComboFix.exe * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\J\LOCALS~1\Temp\IadHide5.dll c:\documents and settings\Administrator\WINDOWS c:\documents and settings\A\WINDOWS c:\documents and settings\Default User\WINDOWS c:\documents and settings\Family\WINDOWS c:\documents and settings\HP_Administrator\WINDOWS c:\documents and settings\J\Application Data\inst.exe c:\documents and settings\J\Local Settings\Temp\IadHide5.dll c:\documents and settings\J\WINDOWS c:\documents and settings\Jle\WINDOWS c:\windows\dat.txt c:\windows\system32\config\systemprofile\WINDOWS c:\windows\system32\dumphive.exe c:\windows\system32\IEDFix.exe c:\windows\system32\Process.exe c:\windows\system32\ps2.bat c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe D:\Autorun.inf . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_MYWEBSEARCHSERVICE -------\Legacy_USNJSVC -------\Service_MyWebSearchService -------\Service_usnjsvc . . ((((((((((((((((((((((((( Files Created from 2011-03-08 to 2011-04-08 ))))))))))))))))))))))))))))))) . . 2011-04-08 00:17 . 2011-04-08 00:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2011-04-07 02:52 . 2011-04-08 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software 2011-04-07 02:52 . 2011-04-07 02:52 -------- d-----w- c:\program files\AVAST Software 2011-04-07 02:27 . 2011-04-08 00:23 -------- d-----w- c:\documents and settings\J\Application Data\FixCleaner 2011-04-07 02:26 . 2011-04-07 02:28 -------- d-----w- c:\program files\FixCleaner 2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-04-07 01:29 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-04-07 01:29 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-04-07 01:29 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-04-07 01:29 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-04-07 01:29 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll 2011-04-07 01:29 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll 2011-04-06 03:24 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2011-04-06 03:23 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2011-04-06 03:23 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll 2011-04-06 03:23 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe 2011-04-06 03:23 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe 2011-04-06 03:23 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe 2011-04-06 03:23 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys 2011-04-06 03:23 . 2004-08-04 01:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys 2011-04-06 03:23 . 2004-08-04 01:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys 2011-04-06 03:23 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll 2011-04-06 03:21 . 2004-08-04 01:29 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys 2011-04-06 03:20 . 2001-08-17 17:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys 2011-04-06 03:20 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys 2011-04-06 03:20 . 2001-08-17 17:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys 2011-04-06 03:20 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys 2011-04-06 03:20 . 2001-08-17 17:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys 2011-04-06 03:20 . 2001-08-17 17:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys 2011-04-06 03:20 . 2001-08-17 17:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys 2011-04-06 03:20 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys 2011-04-06 03:20 . 2004-08-04 01:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys 2011-04-06 03:20 . 2001-08-18 02:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll 2011-04-06 03:20 . 2001-08-18 02:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll 2011-04-06 03:20 . 2001-08-18 02:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll 2011-04-06 03:19 . 2001-08-18 02:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll 2011-04-06 03:19 . 2001-08-18 02:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll 2011-04-06 03:19 . 2001-08-17 17:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys 2011-04-06 03:19 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll 2011-04-06 03:19 . 2001-08-18 02:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll 2011-04-06 03:19 . 2001-08-18 02:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll 2011-04-06 03:19 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll 2011-04-06 03:19 . 2001-08-17 17:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys 2011-04-06 03:19 . 2001-08-17 17:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys 2011-04-06 03:19 . 2004-08-10 05:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe 2011-04-06 03:19 . 2001-08-17 16:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys 2011-04-06 03:19 . 2001-08-18 02:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll 2011-04-06 03:17 . 2004-08-10 05:00 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll 2011-04-06 03:16 . 2001-08-17 18:07 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys 2011-04-06 03:16 . 2001-08-17 18:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys 2011-04-06 03:16 . 2001-08-18 02:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll 2011-04-06 03:16 . 2001-08-17 17:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys 2011-04-06 03:16 . 2001-08-17 18:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys 2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll 2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll 2011-04-06 03:16 . 2001-08-18 02:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll 2011-04-06 03:16 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll 2011-04-06 03:16 . 2001-08-18 02:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll 2011-04-06 03:16 . 2001-08-18 02:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll 2011-04-06 03:16 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys 2011-04-06 03:15 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys 2011-04-06 03:15 . 2004-08-10 05:00 16896 ----a-w- c:\windows\system32\dllcache\status.dll 2011-04-06 03:15 . 2001-08-17 16:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys 2011-04-06 03:15 . 2001-08-18 02:36 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll 2011-04-06 03:15 . 2004-08-10 05:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll 2011-04-06 03:15 . 2001-08-18 02:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll 2011-04-06 03:15 . 2001-08-17 17:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys 2011-04-06 03:15 . 2001-08-18 02:36 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll 2011-04-06 03:15 . 2001-08-17 18:07 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys 2011-04-06 03:15 . 2001-08-17 17:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys 2011-04-06 03:15 . 2001-08-17 16:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys 2011-04-06 03:15 . 2001-08-18 02:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll 2011-04-06 03:13 . 2001-08-18 02:36 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll 2011-04-06 03:12 . 2001-07-21 18:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys 2011-04-06 03:11 . 2001-08-17 17:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys 2011-04-06 03:10 . 2001-08-17 16:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys 2011-04-06 03:09 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys 2011-04-06 03:08 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll 2011-04-06 03:07 . 2004-08-10 05:00 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll 2011-04-06 03:06 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe 2011-04-06 03:06 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll 2011-04-06 03:06 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys 2011-04-06 03:06 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll 2011-04-06 03:06 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys 2011-04-06 03:06 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys 2011-04-06 03:06 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys 2011-04-06 03:06 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys 2011-04-06 03:06 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys 2011-04-06 03:06 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys 2011-04-06 03:06 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys 2011-04-06 03:06 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys 2011-04-06 03:06 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys 2011-04-06 03:04 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll 2011-04-06 03:03 . 2008-04-13 17:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys 2011-04-06 03:03 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys 2011-04-06 03:03 . 2001-08-17 18:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys 2011-04-06 03:03 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys 2011-04-06 03:03 . 2004-08-10 05:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll 2011-04-06 03:03 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys 2011-04-06 03:03 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys 2011-04-06 03:03 . 2001-08-17 17:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys 2011-04-06 03:03 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys 2011-04-06 03:03 . 2001-08-17 17:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys 2011-04-06 03:03 . 2001-08-17 17:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys 2011-04-06 03:03 . 2004-08-10 05:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe 2011-04-06 03:03 . 2001-08-17 16:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys 2011-04-06 03:01 . 2001-08-17 16:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys 2011-04-06 03:00 . 2004-08-10 05:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll 2011-04-06 02:59 . 2001-08-18 02:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll 2011-04-06 02:58 . 2001-08-17 17:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys 2011-04-06 02:57 . 2001-08-18 02:36 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll 2011-04-06 02:56 . 2001-08-18 02:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll 2011-04-06 02:55 . 2001-08-17 17:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys 2011-04-06 02:54 . 2001-08-17 16:14 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys 2011-04-06 02:53 . 2001-08-17 17:52 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys 2011-04-06 02:52 . 2004-08-10 05:00 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll 2011-04-06 02:51 . 2004-08-04 01:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys 2011-04-06 02:51 . 2001-08-17 16:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys 2011-04-06 02:51 . 2001-08-17 16:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys 2011-04-06 02:51 . 2001-08-18 02:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll 2011-04-06 02:51 . 2001-08-17 17:52 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys 2011-04-06 02:51 . 2008-04-13 17:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys 2011-04-06 02:51 . 2001-08-18 02:36 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll 2011-04-06 02:51 . 2001-08-17 18:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-07 02:33 . 2011-01-21 02:58 1409 ----a-w- c:\windows\QTFont.for 2011-01-21 14:44 . 2004-08-10 05:00 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-03-18 17:53 . 2011-04-07 01:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344] "FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2011-04-01 47650656] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-05 344064] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 228088] "EPSON Stylus CX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE" [2005-03-08 98304] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-18 1800464] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624] McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-25 36903] . c:\documents and settings\Default User\Start Menu\Programs\Startup\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2005-11-25 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-18 134344] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-18 25160] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552] . . Contents of the 'Scheduled Tasks' folder . 2011-04-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20] . 2011-04-07 c:\windows\Tasks\FixCleaner Scan.job - c:\program files\FixCleaner\FixCleaner.exe [2011-04-07 18:45] . . ------- Supplementary Scan ------- . IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\J\Application Data\Mozilla\Firefox\Profiles\gg4xcs3x.default\ FF - prefs.js: browser.search.selectedEngine - Amazon.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ . - - - - ORPHANS REMOVED - - - - . Notify-efcCsqRK - efcCsqRK.dll Notify-opnnkjGa - opnnkjGa.dll . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-04-07 22:33 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(804) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(3704) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\windows\arservice.exe c:\windows\system32\Ati2evxx.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\HPZipm12.exe c:\windows\System32\StkASv2K.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\wscntfy.exe c:\windows\RTHDCPL.EXE c:\program files\McAfee Security Scan\1.0.150\McUICnt.exe c:\windows\system\hpsysdrv.exe . ************************************************************************** . Completion time: 2011-04-07 23:00:08 - machine was rebooted ComboFix-quarantined-files.txt 2011-04-08 02:59 . Pre-Run: 21,983,531,008 bytes free Post-Run: 22,092,926,976 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect . - - End Of File - - A963D01E31D5D739E0C2B236A4651E53
  8. . DDS (Ver_11-03-05.01) - NTFSx86 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_23 . ============== Running Processes =============== . . ============== Pseudo HJT Report =============== . uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: UberButton Class: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~1\tools\iesdsg.dll BHO: YahooTaggedBM Class: {65d886a2-7ca7-479b-bb95-14d1efb7946a} - c:\progra~1\yahoo!\common\YIeTagBm.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: PCTools Browser Monitor: {b56a7d7d-6927-48c8-a975-17df180c71ac} - c:\progra~1\spywar~1\tools\iesdpb.dll BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll BHO: 1 (0x1) - No File BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [sHS] "c:\program files\rogers\selfhealing\SHS.exe" /background uRun: [update Manager] "c:\program files\rogers\update manager\UpdateManager.exe" /background mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe" mRun: [KBD] c:\hp\kbd\KBD.EXE mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe" mRun: [EPSON Stylus CX4200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAEA.EXE /P26 "EPSON Stylus CX4200 Series" /O6 "USB001" /M "Stylus CX4200" mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 6.0\apdproxy.exe" mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe IE: &Search - ?p=ZUfox000 IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000 IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\progra~1\spywar~1\tools\iesdpb.dll IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176338543343 DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.easypix.ca/en/ImageUploader4.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5082/mcfscan.cab DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} - hxxp://walmart.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab? TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab TCP: NameServer = c:\windows\downloaded program files\erma.inf TCP: NameServer = 10,1,3,18 TCP: NameServer = Thu, 10 Aug 2006 14:13:40 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://go.microsoft.com/fwlink/?linkid=39204 TCP: NameServer = c:\windows\downloaded program files\LegitCheckControl.inf TCP: NameServer = 1,4,389,0 TCP: NameServer = Sat, 05 Nov 2005 00:53:56 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab TCP: NameServer = c:\windows\downloaded program files\swdir.inf TCP: NameServer = 11,0,0,465 TCP: NameServer = Wed, 06 Aug 2008 11:01:27 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://download.bitdefender.com/resources/scan8/oscan8.cab TCP: NameServer = c:\windows\downloaded program files\oscan8.inf TCP: NameServer = 1,0,0,1 TCP: NameServer = Thu, 01 Jun 2006 17:51:27 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176338543343 TCP: NameServer = c:\windows\downloaded program files\muweb.inf TCP: NameServer = 5,8,0,2469 TCP: NameServer = Thu, 26 May 2005 11:40:19 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://www.easypix.ca/en/ImageUploader4.cab TCP: NameServer = c:\windows\downloaded program files\ImageUploader4.inf TCP: NameServer = 4,1,21,0 TCP: NameServer = Thu, 08 Mar 2007 22:57:52 GMT TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab TCP: NameServer = 1.6.0.23 TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab TCP: NameServer = c:\windows\downloaded program files\erma.inf TCP: NameServer = 1,0,0,29 TCP: NameServer = Mon, 15 Sep 2008 19:22:01 GMT TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab TCP: NameServer = 1.6.0.1 TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab TCP: NameServer = 1.6.0.2 TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab TCP: NameServer = 1.6.0.3 TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab TCP: NameServer = 1.6.0.5 TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab TCP: NameServer = 1.6.0.7 TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab TCP: NameServer = 1.6.0.23 TCP: NameServer = Java Runtime Environment 1.6.0 TCP: NameServer = MSICD TCP: NameServer = http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab TCP: NameServer = 1.6.0.23 TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = c:\windows\downloaded program files\gp.inf TCP: NameServer = 1,6,2,41 TCP: NameServer = Fri, 07 Aug 2009 20:06:11 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5082/mcfscan.cab TCP: NameServer = c:\windows\downloaded program files\mcfscan.inf TCP: NameServer = 2,2,0,5082 TCP: NameServer = Wed, 25 Jul 2007 17:15:32 GMT TCP: NameServer = 0 (0x0) TCP: NameServer = MSICD TCP: NameServer = http://walmart.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab? TCP: NameServer = c:\windows\downloaded program files\PCAXSetup.inf TCP: NameServer = 2,0,0,10 TCP: NameServer = Tue, 22 May 2007 18:04:00 GMT Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Notify: AtiExtEvent - Ati2evxx.dll Notify: avgrsstarter - avgrsstx.dll Notify: efcCsqRK - efcCsqRK.dll Notify: opnnkjGa - opnnkjGa.dll AppInit_DLLs: c:\windows\system32\guard32.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\docume~1\applic~1\mozilla\firefox\profiles\gg4xcs3x.default\ FF - prefs.js: browser.search.selectedEngine - Amazon.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll FF - plugin: c:\documents and settings\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll FF - plugin: c:\program files\mozilla firefox\plugins\NPMyWebS.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg9\Firefox FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff FF - Ext: Flash Video Resources Downloader: max@subfighter.com - %profile%\extensions\max@subfighter.com FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . ============= SERVICES / DRIVERS =============== . . =============== Created Last 30 ================ . 2011-04-06 03:24:01 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2011-04-06 03:23:56 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2011-04-06 03:23:55 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll 2011-04-06 03:23:50 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe 2011-04-06 03:23:44 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe 2011-04-06 03:23:25 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe 2011-04-06 03:23:19 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys 2011-04-06 03:23:17 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys 2011-04-06 03:23:13 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys 2011-04-06 03:23:11 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll 2011-04-06 03:21:59 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys 2011-04-06 03:20:57 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys 2011-04-06 03:20:52 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys 2011-04-06 03:20:47 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys 2011-04-06 03:20:41 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys 2011-04-06 03:20:36 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys 2011-04-06 03:20:30 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys 2011-04-06 03:20:25 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys 2011-04-06 03:20:23 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys 2011-04-06 03:20:20 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys 2011-04-06 03:20:13 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll 2011-04-06 03:20:08 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll 2011-04-06 03:20:03 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll 2011-04-06 03:19:58 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll 2011-04-06 03:19:53 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll 2011-04-06 03:19:48 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys 2011-04-06 03:19:43 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll 2011-04-06 03:19:38 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll 2011-04-06 03:19:33 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll 2011-04-06 03:19:27 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll 2011-04-06 03:19:22 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys 2011-04-06 03:19:16 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys 2011-04-06 03:19:15 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe 2011-04-06 03:19:09 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys 2011-04-06 03:19:04 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll 2011-04-06 03:17:58 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll 2011-04-06 03:16:59 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys 2011-04-06 03:16:55 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys 2011-04-06 03:16:50 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll 2011-04-06 03:16:45 103936 ----a-w- c:\windows\system32\dllcache\sx.sys 2011-04-06 03:16:40 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys 2011-04-06 03:16:35 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll 2011-04-06 03:16:30 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll 2011-04-06 03:16:24 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll 2011-04-06 03:16:19 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll 2011-04-06 03:16:12 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll 2011-04-06 03:16:06 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll 2011-04-06 03:16:01 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys 2011-04-06 03:15:56 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys 2011-04-06 03:15:55 16896 ----a-w- c:\windows\system32\dllcache\status.dll 2011-04-06 03:15:48 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys 2011-04-06 03:15:43 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll 2011-04-06 03:15:42 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll 2011-04-06 03:15:35 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll 2011-04-06 03:15:27 61824 ----a-w- c:\windows\system32\dllcache\speed.sys 2011-04-06 03:15:22 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll 2011-04-06 03:15:17 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys 2011-04-06 03:15:11 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys 2011-04-06 03:15:07 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys 2011-04-06 03:15:02 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll 2011-04-06 03:13:57 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll 2011-04-06 03:12:52 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys 2011-04-06 03:11:57 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys 2011-04-06 03:10:57 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys 2011-04-06 03:09:58 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys 2011-04-06 03:08:59 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll 2011-04-06 03:07:58 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll 2011-04-06 03:06:57 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe 2011-04-06 03:06:53 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll 2011-04-06 03:06:49 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys 2011-04-06 03:06:45 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll 2011-04-06 03:06:41 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys 2011-04-06 03:06:37 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys 2011-04-06 03:06:33 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys 2011-04-06 03:06:29 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys 2011-04-06 03:06:25 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys 2011-04-06 03:06:21 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys 2011-04-06 03:06:15 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys 2011-04-06 03:06:11 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys 2011-04-06 03:06:02 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys 2011-04-06 03:04:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll 2011-04-06 03:03:58 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys 2011-04-06 03:03:53 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys 2011-04-06 03:03:46 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys 2011-04-06 03:03:44 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll 2011-04-06 03:03:44 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys 2011-04-06 03:03:36 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys 2011-04-06 03:03:32 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys 2011-04-06 03:03:25 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys 2011-04-06 03:03:20 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys 2011-04-06 03:03:15 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys 2011-04-06 03:03:09 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys 2011-04-06 03:03:07 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe 2011-04-06 03:03:03 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys 2011-04-06 03:01:59 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys 2011-04-06 03:00:59 6144 ----a-w- c:\windows\system32\dllcache\kbd101b.dll 2011-04-06 02:59:58 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll 2011-04-06 02:58:57 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys 2011-04-06 02:57:59 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll 2011-04-06 02:56:59 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll 2011-04-06 02:55:59 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys 2011-04-06 02:54:59 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys 2011-04-06 02:53:59 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys 2011-04-06 02:52:59 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll 2011-04-06 02:51:59 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys 2011-04-06 02:51:59 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys 2011-04-06 02:51:59 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys 2011-04-06 02:51:58 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll 2011-04-06 02:51:58 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys 2011-04-06 02:51:57 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll 2011-04-06 02:51:57 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll 2011-04-06 02:51:57 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys 2011-04-06 02:51:56 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll 2011-04-06 02:51:56 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys 2011-04-06 02:51:55 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys 2011-04-06 02:51:55 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys 2011-04-06 02:39:18 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll 2011-04-06 02:39:10 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll 2011-04-06 02:39:02 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe 2011-04-06 02:39:02 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll 2011-04-06 02:39:01 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll 2011-04-06 02:39:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll 2011-04-06 02:39:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe 2011-04-06 02:38:59 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll 2011-04-03 00:10:15 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2011-04-03 00:09:45 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2011-04-03 00:09:35 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy) 2011-04-03 00:09:17 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2011-03-15 13:08:46 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files . ==================== Find3M ==================== . 2011-04-05 22:32:57 3838 ----a-w- c:\windows\system32\tmp.reg 2011-03-17 03:48:11 1409 ----a-w- c:\windows\QTFont.for 2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll 2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll 2007-12-17 13:43:00 27648 --sh--w- c:\windows\system32\Smab0.dll . ============= FINISH: =============== . DDS (Ver_11-03-05.01) . . ==== Disk Partitions ========================= . . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop Elements 6.0 Adobe Reader 9.4.1 Adobe Shockwave Player Agere Systems PCI-SV92PP Soft Modem AiO_Scan_CDA AiOSoftwareNPI ATI Control Panel ATI Display Driver AVG Free 9.0 Avi2Dvd 0.4.5 beta AviSynth 2.5 BlackBerry Desktop Software 4.2.2 BlackBerry Device Software v4.5.0 for the BlackBerry 8320 smartphone BufferChm CameraDrivers CCleaner COMODO Internet Security CP_AtenaShokunin1Config CP_CalendarTemplates1 cp_LightScribeConfig cp_LightScribePlugin CP_Package_Basic1 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 CP_Panorama1Config CueTour Destinations DeviceManagementQFolder DocProc DocumentViewer DocumentViewerQFolder Enhanced Multimedia Keyboard Solution EPSON CX 4200 4800 Guide EPSON Printer Software Fax_CDA ffdshow [rev 610] [2006-12-01] Firebird 2.1.0.16780 (Win32) GdiplusUpgrade GTK+ 2.10.6-1 runtime environment Highlight Viewer (Windows Live Toolbar) HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB954550-v5) HP Boot Optimizer HP DigitalMedia Archive HP Document Viewer 5.3 HP Image Zone 5.3 HP Image Zone for Media Center PC HP Imaging Device Functions 5.3 HP Photosmart 330,380,420,470,7800,8000,8200 Series HP Photosmart Cameras 5.0 HP PSC & OfficeJet 5.3.A HP Solution Center & Imaging Support Tools 5.3 HP Update HPProductAssistant HpSdpAppCoreApp Inkscape 0.46 InstantShareDevices Java Auto Updater Java 6 Update 2 Java 6 Update 23 Java 6 Update 3 Java 6 Update 5 Java 6 Update 7 Java SE Runtime Environment 6 Update 1 LightScribe 1.4.84.1 Malwarebytes' Anti-Malware Map Button (Windows Live Toolbar) McAfee Security Scan Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Away Mode Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office XP Professional with FrontPage Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mozilla Firefox (3.6.16) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee autoProducer 4.5 muvee autoProducer unPlugged 1.2 NewCopy_CDA PanoStandAlone PC-Doctor 5 for Windows PhotoGallery PS2 PSPrinters08 PSTAPlugin Python 2.2 pywin32 extensions (build 203) Python 2.2.3 QuickTime RandMap RealPlayer Realtek High Definition Audio Driver Rogers Online Protection Rogers Self Healing (remove only) Rogers Update Manager (remove only) Rogers Yahoo! Applications Roxio Media Manager RPS AntiVirus RPS CRT Scan ScannerCopy Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360131) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2416400) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2482017) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982802) SkinsHP1 Smart Menus (Windows Live Toolbar) SolutionCenter Sonic Express Labeler Sonic MyDVD Plus Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Sonic_PrimoSDK Spelling Dictionaries Support For Adobe Reader 9 Spyware Doctor 3.1 SpywareBlaster 4.1 Status SUPER
  9. Thanks everyone. I updated the driver and voila! connectivity is back. Still no contents in the folder, but at least my browser works. However, while I tried to install the update I was getting this message: "The Windows Installer service could not be accessed. Contact your support personnel to verify that the Windows Installer service is properly registered." I finally got the update, but is my Windows Installer not correctly installed? Maybe I should post this in another thread.
  10. Okay when I ran the netdiag it told me that my network adapters failed (wmi error). What should I do next?
  11. Thanks. There are no signs of infection, although I ran Malwarebytes and it found nothing. I will try your suggestion and post a followup.
  12. Hello. On my pc when I click on the Network Connections folder it is empty. I`ve checked the device manager for network adapters and it says they are working properly. I unistalled the adapters and let windows re-install them but no luck and still no internet. I also ran: regsvr32 netshell.dll, regsvr32 netcfgx.dll, regsvr32 netman.dll with success, but the folder remains empty. I`m running xp, sp3. Any help is appreciated.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.