dmvkenny

Need help removing pup.optional.datamngr

19 posts in this topic

Hi, I've been using Malwarebytes for a while, and recently when I ran a full scan I noticed that pup.optional.datamngr and pup.optional.searchtoolbar keep showing up.

 

Could someone please help me get rid of these? I use my computer for work and I'm pretty worried.

 

Thanks.

 


Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar, you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, Adobe host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive.

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs.

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 4/24/2011 7:24:46 PM

System Uptime: 8/24/2013 7:42:35 AM (13 hours ago)

.

Motherboard: FOXCONN |  | 2AB1 

Processor: AMD Phenom II X4 840T Processor | CPU 1 | 783/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 918 GiB total, 704.976 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 1.63 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0000

Manufacturer: ALWIL Software

Name: avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0000

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0001

Manufacturer: ALWIL Software

Name: Microsoft Virtual WiFi Miniport Adapter - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0001

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0002

Manufacturer: ALWIL Software

Name: 802.11 USB Wireless LAN Card - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0002

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0003

Manufacturer: ALWIL Software

Name: Realtek PCIe FE Family Controller - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0003

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0004

Manufacturer: ALWIL Software

Name: 802.11n Wireless LAN Card - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0004

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0005

Manufacturer: ALWIL Software

Name: WAN Miniport (IP) - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0005

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0006

Manufacturer: ALWIL Software

Name: WAN Miniport (Network Monitor) - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0006

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0007

Manufacturer: ALWIL Software

Name: WAN Miniport (IPv6) - avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0007

Service: aswNdis

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0008

Manufacturer: ALWIL Software

Name: avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0008

Service: aswNdis

.

==== System Restore Points ===================

.

RP355: 8/11/2013 6:00:51 PM - Graboid Video 3.6 Setup

RP356: 8/11/2013 6:02:03 PM - Removed Homeschool Tracker Basic

RP357: 8/14/2013 4:30:34 PM - Windows Update

RP358: 8/22/2013 11:05:18 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Download Assistant

Adobe Edge Animate

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Manager

Adobe Illustrator CS6

Adobe InDesign CS6

Adobe Photoshop Elements 10

Adobe Photoshop.com Inspiration Browser

Adobe Reader XI (11.0.03)

Adobe Shockwave Player 12.0

Adobe® Content Viewer

Alcor Micro USB Card Reader

AMD APP SDK Runtime

AMD Drag and Drop Transcoding

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

avast! Free Antivirus

Belltech Small Business Publisher 5.2.0

Big Fish Games: Game Manager

Blender

Bonjour

CoffeeCup Free HTML Editor

Compatibility Pack for the 2007 Office system

CyberLink DVD Suite Deluxe

D3DX10

Demolition Master 3D

Dual-Core Optimizer

DVD Menu Pack for HP MediaSmart Video

Elements 10 Organizer

eReg

Evernote v. 4.6.4

Facebook Video Calling 1.2.0.287

Farm Frenzy

FileZilla Server

Filter Forge 3.014

Fishdom 3: Collector's Edition

Free Window Registry Repair

Google Chrome

Google Update Helper

GoToMeeting 5.3.0.977

Hardware Helper

Hewlett-Packard ACLM.NET v1.2.1.1

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP MediaSmart DVD

HP MediaSmart Photo

HP MediaSmart SmartMenu

HP MediaSmart Video

HP Odometer

HP Setup

HP Setup Manager

HP Support Assistant

HP Support Information

HP Update

HP Vision Hardware Diagnostics

Hulu Desktop

iCloud

Internet TV for Windows Media Center

iTunes

Java 7 Update 25

JavaFX 2.1.1

Jing

Junk Mail filter update

Lexmark 2600 Series

Lexmark Fax Solutions

Logitech SetPoint 6.30

Logitech Webcam Software

Logitech Webcam Software Driver Package

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Expression Web 4

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Mouse and Keyboard Center

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Web Publishing Wizard 1.52

Microsoft WSE 3.0 Runtime

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 23.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

NVIDIA PhysX

PDF Complete Special Edition

PDF Settings CS6

Pdf995

Pencil

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

PSE10 STI Installer

Python 3.3.0 (64-bit)

QuickTime

RAD Video Tools

Ralink 802.11n Wireless LAN Card

Reader Rabbit Preschool® Sparkle Star Rescue!

Realtek HDMI Audio Driver for ATI

Realtek High Definition Audio Driver

Recovery Manager

Revo Uninstaller 1.94

Rosetta Stone Version 3

RoxioNow Player

Secunia PSI (3.0.0.7010)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Sitoo Web

Skype Click to Call

Skype™ 6.3

Snagit 10.0.2

swMSM

System Requirements Lab CYRI

Traffic Travis 4.1.0

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update Installer for WildTangent Games App

VC 9.0 Runtime

VoiceOver Kit

VTech Download Agent Library

Vuze

Vuze Remote Toolbar

Web Page Maker V3.21

WildTangent Games

WildTangent Games App (HP Games)

Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

Xceed ActiveX Components v6.5

Xvid Video Codec

Yahoo! Messenger

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

8/22/2013 2:53:13 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFS sptd

8/22/2013 2:51:52 PM, Error: sptd [4]  - Driver detected an internal error in its data structures for .

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2

Run by Khalil at 20:46:15 on 2013-08-24

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5887.4363 [GMT -4:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: avast! Antivirus *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Windows\system32\spool\DRIVERS\x64\3\lxdnserv.exe

C:\Windows\system32\lxdncoms.exe

C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Secunia\PSI\PSIA.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\TechSmith\Jing\Jing.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files (x86)\Secunia\PSI\sua.exe

C:\Windows\system32\taskhost.exe

C:\Windows\notepad.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

mWinlogon: Userinit = userinit.exe,

BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll

BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - <orphaned>

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

TB: Vuze Remote Toolbar: {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll

uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

uRun: [AdobeBridge] <no file>

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Khalil\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VERBAC~1.LNK - C:\Program Files (x86)\VerbAce Research\VerbAce-Pro\VerbAce-Pro.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html







TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{85A8D237-F6E2-46AF-AC8D-616AB0A06793} : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{B2AEDD40-E0B4-4932-8912-4A5508D1763D} : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{B2AEDD40-E0B4-4932-8912-4A5508D1763D}\6585852503 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{B2AEDD40-E0B4-4932-8912-4A5508D1763D}\9354D4C433 : DHCPNameServer = 192.168.1.1 71.242.0.12

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - 

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 

x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - 

x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - 

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [lxdnmon.exe] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"

x64-Run: [lxdnamon] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe"

x64-Run: [AmIcoSinglun64] c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - 

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll


x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

x64-SSODL: WebCheck - <orphaned>

x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\


FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Khalil\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-08-04 20:06; {a7c6cf7f-112c-4500-a7ea-39801a327e5f}; C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi

FF - ExtSQL: 2013-08-05 03:04; {9BAE5926-8513-417d-8E47-774955A7C60D}; C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}.xpi

FF - ExtSQL: 2013-08-05 03:04; firefoxaddon@youtubeenhancer.com; C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\extensions\firefoxaddon@youtubeenhancer.com

.

---- FIREFOX POLICIES ----

FF - user.js: network.proxy.socks - 

FF - user.js: network.proxy.socks_port - 0

FF - user.js: network.proxy.type - 0

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

FF - user.js: extensions.funmoods.hmpg - true


FF - user.js: extensions.funmoods.dfltSrch - true

FF - user.js: extensions.funmoods.srchPrvdr - Search

FF - user.js: extensions.funmoods.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true



FF - user.js: extensions.funmoods.id - 6431504638DD0DD9

FF - user.js: extensions.funmoods.instlDay - 15659

FF - user.js: extensions.funmoods.vrsn - 1.5.23.22

FF - user.js: extensions.funmoods.vrsni - 1.5.23.22

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2218:6:51

FF - user.js: extensions.funmoods.prtnrId - funmoods

FF - user.js: extensions.funmoods.prdct - funmoods

FF - user.js: extensions.funmoods.aflt - download

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods.tlbrId - base

FF - user.js: extensions.funmoods.instlRef - download

FF - user.js: extensions.funmoods.dfltLng - 

FF - user.js: extensions.funmoods.excTlbr - false

FF - user.js: extensions.funmoods.autoRvrt - false

FF - user.js: extensions.funmoods.envrmnt - production

FF - user.js: extensions.funmoods.isdcmntcmplt - true

FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0

.

.

FF - user.js: extensions.delta.tlbrSrchUrl - 

FF - user.js: extensions.delta.id - ec5b0dd90000000000001c659de120ca

FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

FF - user.js: extensions.delta.instlDay - 15848

FF - user.js: extensions.delta.vrsn - 1.8.21.5

FF - user.js: extensions.delta.vrsni - 1.8.21.5

FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:18:10

FF - user.js: extensions.delta.prtnrId - delta

FF - user.js: extensions.delta.prdct - delta

FF - user.js: extensions.delta.aflt - babsst

FF - user.js: extensions.delta.smplGrp - none

FF - user.js: extensions.delta.tlbrId - base

FF - user.js: extensions.delta.instlRef - sst

FF - user.js: extensions.delta.dfltLng - en

FF - user.js: extensions.delta.excTlbr - false

FF - user.js: extensions.delta.ffxUnstlRst - true

FF - user.js: extensions.delta.admin - false

FF - user.js: extensions.delta_i.babTrack - affID=121631&tt=gc_

FF - user.js: extensions.delta_i.babExt - 

FF - user.js: extensions.delta_i.srcExt - ss

FF - user.js: extensions.delta.autoRvrt - false

FF - user.js: extensions.delta.rvrt - false

FF - user.js: extensions.delta.newTab - false

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-3-31 82600]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-3-31 42664]

R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-7-11 22600]

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-14 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-14 189936]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-6-15 55856]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-6-23 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-6-23 378944]

R1 GizmoDrv;Gizmo Device Driver;C:\Windows\System32\drivers\gizmodrv.sys [2011-6-8 34704]

R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-5 204288]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-6-23 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-6-23 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-20 46808]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]

R2 lxdn_device;lxdn_device;C:\Windows\System32\lxdncoms.exe -service --> C:\Windows\System32\lxdncoms.exe -service [?]

R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxdnserv.exe [2008-2-27 29184]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-12-10 1119768]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]

R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-5-29 1226704]

R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-5-29 658896]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]

R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-5-29 18456]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-21 471144]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-5-4 47232]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]

S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-4-27 46136]

S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-4-29 32768]

S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2011-11-12 24576]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2012-5-24 15896]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-5-24 327576]

S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-30 19456]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-30 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 vcd10bus;Virtual CD v10 Bus Enumerator;C:\Windows\System32\drivers\vcd10bus.sys [2011-6-4 40464]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-27 1255736]

S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [2013-2-8 29288]

.

=============== Created Last 30 ================

.

2013-08-22 23:32:30 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

2013-08-20 22:02:00 -------- d-----w- C:\Program Files\iPod

2013-08-20 22:01:59 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-08-20 22:01:59 -------- d-----w- C:\Program Files\iTunes

2013-08-19 06:19:19 -------- d-----w- C:\Users\Khalil\AppData\Local\{24E1B2F6-1609-4EBB-91AC-638599B49EBF}

2013-08-14 20:32:25 -------- d-----w- C:\Windows\System32\MRT

2013-08-14 20:30:13 1472512 ----a-w- C:\Windows\System32\crypt32.dll

2013-08-14 20:30:13 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-08-14 20:30:12 224256 ----a-w- C:\Windows\System32\wintrust.dll

2013-08-14 20:30:12 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-08-14 20:30:12 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll

2013-08-14 20:30:12 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-08-14 20:30:12 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-08-14 20:30:12 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-08-14 20:30:07 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-08-14 20:30:07 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-08-14 20:30:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-08-14 20:30:02 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-08-14 20:28:59 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-08-14 15:11:04 4774272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-08-14 15:11:04 4774272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-08-10 22:03:53 934912 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtNetwork4.dll

2013-08-10 22:03:53 7826432 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll

2013-08-10 22:03:53 413600 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\UninstallWizard.exe

2013-08-10 22:03:53 335360 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll

2013-08-10 22:03:53 268800 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll

2013-08-10 22:03:53 2150400 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll

2013-08-10 22:03:53 159656 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe

2013-08-05 20:27:28 -------- d-----w- C:\Program Files (x86)\PdaNet for Android

2013-08-05 20:21:45 -------- d-----w- C:\Users\Khalil\.android

2013-08-05 20:21:30 -------- d-----w- C:\Program Files (x86)\WugFresh Development

2013-08-05 17:01:14 -------- d-----w- C:\Users\Khalil\AppData\Local\{0572D692-0A94-400F-A387-BDB2556F3B32}

2013-08-03 02:44:35 -------- d-----w- C:\Users\Khalil\AppData\Roaming\KompoZer

2013-08-02 04:46:40 -------- d-----w- C:\Users\Khalil\AppData\Roaming\kompozer.net

2013-08-02 04:46:40 -------- d-----w- C:\Users\Khalil\AppData\Local\kompozer.net

2013-08-02 04:46:34 -------- d-----w- C:\Program Files (x86)\KompoZer

.

==================== Find3M  ====================

.

2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-07-11 23:32:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-11 23:32:10 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll

2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll

2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-06-29 02:32:09 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-06-29 02:32:09 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-06-23 19:01:46 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-23 19:01:45 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-06-23 19:01:45 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-06-02 07:40:55 8107 ----a-w- C:\Windows\w7dsd.reg

2013-06-02 07:40:55 8089 ----a-w- C:\Windows\w7dse.reg

2013-06-02 07:40:55 275360 ----a-w- C:\Windows\System32\DreamScene.dll

2013-05-29 10:53:54 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys

.

============= FINISH: 20:47:26.48 ===============


Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
If you agree with everything listed to be removed...........

Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC

RogueKiller V8.6.6 _x64_ [Aug 19 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Khalil [Admin rights]

Mode : Scan -- Date : 08/24/2013 21:05:45

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: ST310005 28AS SATA Disk Device +++++

--- User ---

[MBR] f81a32567fdc8eeb2e76ee6bcd6ed40a

[bSP] 50a6909c01ce082d7c4a626cd6c2db9a : Windows Vista/7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 940197 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1925730304 | Size: 13570 Mo

User = LL1 ... OK!

User != LL2 ... KO!

--- LL2 ---

[MBR] 936ee65c489c71557f2847c19619d215

[bSP] 01574a9947641bbbeaa239964a5c5341 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 264071168 | Size: 300 Mo

 

+++++ PhysicalDrive1: ST310005 28AS SATA Disk Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

 

+++++ PhysicalDrive2: ST310005 28AS SATA Disk Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

 

Finished : << RKreport[0]_S_08242013_210545.txt >>

# AdwCleaner v3.001 - Report created 25/08/2013 at 01:27:01

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Khalil - KHALIL-HP

# Running from : C:\Users\Khalil\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\END

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Found : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\\invalidprefs.js

File Found : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\Extensions\hdvc@hdvc.com.xpi

File Found : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\searchplugins\Babylon.xml

File Found : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\searchplugins\delta.xml

File Found : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\user.js

File Found : C:\Windows\System32\roboot64.exe

Folder Found C:\Program Files (x86)\Common Files\Wondershare

Folder Found C:\Program Files (x86)\driver-soft

Folder Found C:\Program Files (x86)\MyPC Backup

Folder Found C:\Program Files (x86)\MyPC Backup 

Folder Found C:\Program Files (x86)\Vuze_Remote

Folder Found C:\Program Files (x86)\Vuze_Remote

Folder Found C:\Program Files (x86)\Wondershare

Folder Found C:\ProgramData\Babylon

Folder Found C:\ProgramData\boost_interprocess

Folder Found C:\Users\abdul rahim\AppData\Local\Wondershare

Folder Found C:\Users\abdul rahim\AppData\LocalLow\Conduit

Folder Found C:\Users\abdul rahim\AppData\LocalLow\ConduitEngine

Folder Found C:\Users\abdul rahim\AppData\LocalLow\PriceGong

Folder Found C:\Users\abdul rahim\AppData\LocalLow\Vuze_Remote

Folder Found C:\Users\abdul rahim\AppData\LocalLow\Vuze_Remote

Folder Found C:\Users\Khalil\AppData\Local\Conduit

Folder Found C:\Users\Khalil\AppData\Local\cre

Folder Found C:\Users\Khalil\AppData\Local\Shopping Sidekick Plugin

Folder Found C:\Users\Khalil\AppData\Local\Temp\boost_interprocess

Folder Found C:\Users\Khalil\AppData\Local\Wondershare

Folder Found C:\Users\Khalil\AppData\Local\Zoom_Downloader

Folder Found C:\Users\Khalil\AppData\LocalLow\Conduit

Folder Found C:\Users\Khalil\AppData\LocalLow\PriceGong

Folder Found C:\Users\Khalil\AppData\LocalLow\Vuze_Remote

Folder Found C:\Users\Khalil\AppData\LocalLow\Vuze_Remote

Folder Found C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\Conduit

Folder Found C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\ConduitCommon

Folder Found C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\jetpack

Folder Found C:\Users\Khalil\AppData\Roaming\Wondershare

Folder Found C:\Users\Sumayyah\AppData\Local\Wondershare

Folder Found C:\Users\Zaynab\AppData\Local\Wondershare

Folder Found C:\Users\Zaynab\AppData\LocalLow\Conduit

Folder Found C:\Users\Zaynab\AppData\LocalLow\PriceGong

Folder Found C:\Users\Zaynab\AppData\LocalLow\Vuze_Remote

Folder Found C:\Users\Zaynab\AppData\LocalLow\Vuze_Remote

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Found : HKCU\Software\AppDataLow\Software\Crossrider

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\AppDataLow\Software\Vuze_Remote

Key Found : HKCU\Software\AppDataLow\Toolbar

Key Found : HKCU\Software\BabSolution

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\Cr_Installer

Key Found : HKCU\Software\DataMngr

Key Found : HKCU\Software\DataMngr_Toolbar

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : HKCU\Software\Zugo

Key Found : [x64] HKCU\Software\BabSolution

Key Found : [x64] HKCU\Software\Conduit

Key Found : [x64] HKCU\Software\Cr_Installer

Key Found : [x64] HKCU\Software\DataMngr

Key Found : [x64] HKCU\Software\DataMngr_Toolbar

Key Found : [x64] HKCU\Software\InstallCore

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : [x64] HKCU\Software\YahooPartnerToolbar

Key Found : [x64] HKCU\Software\Zugo

Key Found : HKLM\Software\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\

Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL

Key Found : HKLM\SOFTWARE\Classes\CLSID\

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1D83E060-BF1B-40AB-AA6A-91EB60B8EEED}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Found : HKLM\SOFTWARE\Classes\Interface\

Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\TypeLib\

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\DataMngr

Key Found : HKLM\SOFTWARE\e55db8bb468b848

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AE7A061-14F8-403D-99A5-F0E869A10A25}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAFA7109-03E6-46BD-88C5-5D4BDE592CB6}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D83E060-BF1B-40AB-AA6A-91EB60B8EEED}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar

Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi

Key Found : HKLM\Software\Vuze_Remote

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16660

 

 

-\\ Mozilla Firefox v23.0 (en-US)

 

[ File : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\prefs.js ]

 

Line Found : user_pref("CT2192277_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1367886605255,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");

Line Found : user_pref("CT2790392..clientLogIsEnabled", false);



Line Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);


Line Found : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);

Line Found : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);

Line Found : user_pref("CT2790392.CTID", "CT2790392");

Line Found : user_pref("CT2790392.CurrentServerDate", "7-5-2013");

Line Found : user_pref("CT2790392.DSInstall", true);

Line Found : user_pref("CT2790392.DialogsAlignMode", "LTR");

Line Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon May 06 2013 20:30:11 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CT2790392.DownloadReferralCookieData", "");

Line Found : user_pref("CT2790392.FirstServerDate", "7-5-2013");

Line Found : user_pref("CT2790392.FirstTime", true);

Line Found : user_pref("CT2790392.FirstTimeFF3", true);

Line Found : user_pref("CT2790392.FirstTimeHiddenVer", true);

Line Found : user_pref("CT2790392.FixPageNotFoundErrors", true);

Line Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);


Line Found : user_pref("CT2790392.HPInstall", true);

Line Found : user_pref("CT2790392.HasUserGlobalKeys", true);

Line Found : user_pref("CT2790392.Initialize", true);

Line Found : user_pref("CT2790392.InitializeCommonPrefs", true);

Line Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 1);

Line Found : user_pref("CT2790392.InstallationType", "Unknown");

Line Found : user_pref("CT2790392.InstalledDate", "Mon May 06 2013 20:30:22 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CT2790392.IsGrouping", false);

Line Found : user_pref("CT2790392.IsInitSetupIni", true);

Line Found : user_pref("CT2790392.IsMulticommunity", false);

Line Found : user_pref("CT2790392.IsOpenThankYouPage", true);

Line Found : user_pref("CT2790392.IsOpenUninstallPage", true);

Line Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Mon May 06 2013 20:30:11 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);


Line Found : user_pref("CT2790392.LastLogin_3.18.0.7", "Mon May 06 2013 20:30:25 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CT2790392.LatestVersion", "3.18.0.7");

Line Found : user_pref("CT2790392.Locale", "en");

Line Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");


Line Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");

Line Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);

Line Found : user_pref("CT2790392.OriginalFirstVersion", "3.18.0.7");


Line Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");

Line Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);


Line Found : user_pref("CT2790392.SearchInNewTabEnabled", true);

Line Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);

Line Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Mon May 06 2013 20:30:25 GMT-0400 (Eastern Daylight Time)");


Line Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", true);

Line Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);

Line Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Mon May 06 2013 20:30:08 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CT2790392.SettingsLastCheckTime", "Mon May 06 2013 20:30:08 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CT2790392.SettingsLastUpdate", "1367848385");


Line Found : user_pref("CT2790392.ToolbarDisabled", true);

Line Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);


Line Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]

Line Found : user_pref("CT2790392.UserID", "UN95984683342893571");

Line Found : user_pref("CT2790392.alertChannelId", "1182482");


Line Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);

Line Found : user_pref("CT2790392.initDone", true);

Line Found : user_pref("CT2790392.myStuffEnabled", true);

Line Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);


Line Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);


Line Found : user_pref("CT2790392.navigateToUrlOnSearch", false);

Line Found : user_pref("CT2790392.revertSettingsEnabled", true);

Line Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);

Line Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);

Line Found : user_pref("CT2790392.testingCtid", "");

Line Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Mon May 06 2013 20:30:11 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2504091");


Line Found : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");

Line Found : user_pref("CommunityToolbar.EngineOwner", "");

Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}");

Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bittorrentbar");

Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");

Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");

Line Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");

Line Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun May 29 2011 21:16:49 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 01:30:59 GMT-0400 (Eastern Daylight Time)");


Line Found : user_pref("CommunityToolbar.alert.locale", "en");

Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 18:39:42 GMT-0400 (Eastern Daylight Time)");

Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);


Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Line Found : user_pref("CommunityToolbar.alert.userId", "585aadf4-52d1-486a-9898-24c4bb6bb89c");

Line Found : user_pref("CommunityToolbar.globalUserId", "597d2c45-187c-48a2-9159-d832f4df1b70");

Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");



Line Found : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");


Line Found : user_pref("extensions.delta.admin", false);

Line Found : user_pref("extensions.delta.aflt", "babsst");

Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Line Found : user_pref("extensions.delta.autoRvrt", "false");

Line Found : user_pref("extensions.delta.dfltLng", "en");

Line Found : user_pref("extensions.delta.excTlbr", false);

Line Found : user_pref("extensions.delta.ffxUnstlRst", true);

Line Found : user_pref("extensions.delta.id", "ec5b0dd90000000000001c659de120ca");

Line Found : user_pref("extensions.delta.instlDay", "15848");

Line Found : user_pref("extensions.delta.instlRef", "sst");

Line Found : user_pref("extensions.delta.newTab", false);

Line Found : user_pref("extensions.delta.prdct", "delta");

Line Found : user_pref("extensions.delta.prtnrId", "delta");

Line Found : user_pref("extensions.delta.rvrt", "false");

Line Found : user_pref("extensions.delta.smplGrp", "none");

Line Found : user_pref("extensions.delta.tlbrId", "base");

Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");

Line Found : user_pref("extensions.delta.vrsn", "1.8.21.5");

Line Found : user_pref("extensions.delta.vrsnTs", "1.8.21.521:18:10");

Line Found : user_pref("extensions.delta.vrsni", "1.8.21.5");

Line Found : user_pref("extensions.delta_i.babExt", "");

Line Found : user_pref("extensions.delta_i.babTrack", "affID=121631&tt=gc_");

Line Found : user_pref("extensions.delta_i.srcExt", "ss");

Line Found : user_pref("extensions.funmoods.aflt", "download");

Line Found : user_pref("extensions.funmoods.autoRvrt", false);

Line Found : user_pref("extensions.funmoods.dfltLng", "");

Line Found : user_pref("extensions.funmoods.dfltSrch", true);

Line Found : user_pref("extensions.funmoods.dnsErr", true);

Line Found : user_pref("extensions.funmoods.envrmnt", "production");

Line Found : user_pref("extensions.funmoods.excTlbr", false);

Line Found : user_pref("extensions.funmoods.hmpg", true);


Line Found : user_pref("extensions.funmoods.id", "6431504638DD0DD9");

Line Found : user_pref("extensions.funmoods.instlDay", "15659");

Line Found : user_pref("extensions.funmoods.instlRef", "download");

Line Found : user_pref("extensions.funmoods.isdcmntcmplt", true);

Line Found : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");


Line Found : user_pref("extensions.funmoods.prdct", "funmoods");

Line Found : user_pref("extensions.funmoods.prtnrId", "funmoods");

Line Found : user_pref("extensions.funmoods.srchPrvdr", "Search");

Line Found : user_pref("extensions.funmoods.tlbrId", "base");


Line Found : user_pref("extensions.funmoods.vrsn", "1.5.23.22");

Line Found : user_pref("extensions.funmoods.vrsni", "1.5.23.22");

Line Found : user_pref("extensions.funmoods_i.newTab", true);

Line Found : user_pref("extensions.funmoods_i.smplGrp", "none");

Line Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2218:6:51");

 

[ File : C:\Users\Sumayyah\AppData\Roaming\Mozilla\Firefox\Profiles\bkjl2mim.default\prefs.js ]

 

Line Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]

Line Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

 

[ File : C:\Users\abdul rahim\AppData\Roaming\Mozilla\Firefox\Profiles\am7xfghj.default\prefs.js ]

 

Line Found : user_pref("extensions.crossrider.bic", "13b009e8a51abab8cfa8ef29994b1267");

Line Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]

Line Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

Line Found : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

 

-\\ Google Chrome v29.0.1547.57

 

[ File : C:\Users\Khalil\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Found : homepage

 

[ File : C:\Users\Sumayyah\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\abdul rahim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Zaynab\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [30910 octets] - [24/08/2013 23:36:37]

AdwCleaner[R1].txt - [30971 octets] - [25/08/2013 01:01:00]

AdwCleaner[R2].txt - [30786 octets] - [25/08/2013 01:27:01]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [30847 octets] ##########

# AdwCleaner v3.001 - Report created 25/08/2013 at 03:13:38

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Khalil - KHALIL-HP

# Running from : C:\Users\Khalil\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\Program Files (x86)\driver-soft

Folder Deleted : C:\Program Files (x86)\MyPC Backup 

Folder Deleted : C:\Program Files (x86)\Vuze_Remote

Folder Deleted : C:\Program Files (x86)\Wondershare

Folder Deleted : C:\Program Files (x86)\Common Files\Wondershare

Folder Deleted : C:\Users\Khalil\AppData\Local\Conduit

Folder Deleted : C:\Users\Khalil\AppData\Local\cre

Folder Deleted : C:\Users\Khalil\AppData\Local\Shopping Sidekick Plugin

Folder Deleted : C:\Users\Khalil\AppData\Local\Wondershare

Folder Deleted : C:\Users\Khalil\AppData\Local\Zoom_Downloader

Folder Deleted : C:\Users\Khalil\AppData\Local\Temp\boost_interprocess

Folder Deleted : C:\Users\Khalil\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Khalil\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Khalil\AppData\LocalLow\Vuze_Remote

Folder Deleted : C:\Users\Khalil\AppData\Roaming\Wondershare

Folder Deleted : C:\Users\Sumayyah\AppData\Local\Wondershare

Folder Deleted : C:\Users\abdul rahim\AppData\Local\Wondershare

Folder Deleted : C:\Users\abdul rahim\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\abdul rahim\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\abdul rahim\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\abdul rahim\AppData\LocalLow\Vuze_Remote

Folder Deleted : C:\Users\Zaynab\AppData\Local\Wondershare

Folder Deleted : C:\Users\Zaynab\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Zaynab\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Zaynab\AppData\LocalLow\Vuze_Remote

Folder Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\Conduit

Folder Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\ConduitCommon

Folder Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\jetpack

File Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\Extensions\hdvc@hdvc.com.xpi

File Deleted : C:\END

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Deleted : C:\Windows\System32\roboot64.exe

File Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\searchplugins\Babylon.xml

File Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\searchplugins\delta.xml

File Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\\invalidprefs.js

File Deleted : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\user.js

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi

Key Deleted : HKLM\SOFTWARE\e55db8bb468b848

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1D83E060-BF1B-40AB-AA6A-91EB60B8EEED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}

[#] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AE7A061-14F8-403D-99A5-F0E869A10A25}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAFA7109-03E6-46BD-88C5-5D4BDE592CB6}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\Zugo

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Vuze_Remote

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16660

 

 

-\\ Mozilla Firefox v23.0 (en-US)

 

[ File : C:\Users\Khalil\AppData\Roaming\Mozilla\Firefox\Profiles\tg2kf4fp.default\prefs.js ]

 

Line Deleted : user_pref("CT2192277_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1367886605255,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");

Line Deleted : user_pref("CT2790392..clientLogIsEnabled", false);



Line Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);


Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);

Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);

Line Deleted : user_pref("CT2790392.CTID", "CT2790392");

Line Deleted : user_pref("CT2790392.CurrentServerDate", "7-5-2013");

Line Deleted : user_pref("CT2790392.DSInstall", true);

Line Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");

Line Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon May 06 2013 20:30:11 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");

Line Deleted : user_pref("CT2790392.FirstServerDate", "7-5-2013");

Line Deleted : user_pref("CT2790392.FirstTime", true);

Line Deleted : user_pref("CT2790392.FirstTimeFF3", true);

Line Deleted : user_pref("CT2790392.FirstTimeHiddenVer", true);

Line Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);

Line Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);


Line Deleted : user_pref("CT2790392.HPInstall", true);

Line Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);

Line Deleted : user_pref("CT2790392.Initialize", true);

Line Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);

Line Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 1);

Line Deleted : user_pref("CT2790392.InstallationType", "Unknown");

Line Deleted : user_pref("CT2790392.InstalledDate", "Mon May 06 2013 20:30:22 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CT2790392.IsGrouping", false);

Line Deleted : user_pref("CT2790392.IsInitSetupIni", true);

Line Deleted : user_pref("CT2790392.IsMulticommunity", false);

Line Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);

Line Deleted : user_pref("CT2790392.IsOpenUninstallPage", true);

Line Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Mon May 06 2013 20:30:11 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);


Line Deleted : user_pref("CT2790392.LastLogin_3.18.0.7", "Mon May 06 2013 20:30:25 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CT2790392.LatestVersion", "3.18.0.7");

Line Deleted : user_pref("CT2790392.Locale", "en");

Line Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");


Line Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");

Line Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);

Line Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.18.0.7");


Line Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");

Line Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);


Line Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);

Line Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);

Line Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Mon May 06 2013 20:30:25 GMT-0400 (Eastern Daylight Time)");


Line Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", true);

Line Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);

Line Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Mon May 06 2013 20:30:08 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Mon May 06 2013 20:30:08 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CT2790392.SettingsLastUpdate", "1367848385");


Line Deleted : user_pref("CT2790392.ToolbarDisabled", true);

Line Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);


Line Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]

Line Deleted : user_pref("CT2790392.UserID", "UN95984683342893571");

Line Deleted : user_pref("CT2790392.alertChannelId", "1182482");


Line Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);

Line Deleted : user_pref("CT2790392.initDone", true);

Line Deleted : user_pref("CT2790392.myStuffEnabled", true);

Line Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);


Line Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);


Line Deleted : user_pref("CT2790392.navigateToUrlOnSearch", false);

Line Deleted : user_pref("CT2790392.revertSettingsEnabled", true);

Line Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);

Line Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);

Line Deleted : user_pref("CT2790392.testingCtid", "");

Line Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Mon May 06 2013 20:30:11 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2504091");


Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");

Line Deleted : user_pref("CommunityToolbar.EngineOwner", "");

Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}");

Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bittorrentbar");

Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");

Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");

Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");

Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun May 29 2011 21:16:49 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 01:30:59 GMT-0400 (Eastern Daylight Time)");


Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");

Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 18:39:42 GMT-0400 (Eastern Daylight Time)");

Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);


Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Line Deleted : user_pref("CommunityToolbar.alert.userId", "585aadf4-52d1-486a-9898-24c4bb6bb89c");

Line Deleted : user_pref("CommunityToolbar.globalUserId", "597d2c45-187c-48a2-9159-d832f4df1b70");

Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");



Line Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");


Line Deleted : user_pref("extensions.delta.admin", false);

Line Deleted : user_pref("extensions.delta.aflt", "babsst");

Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Line Deleted : user_pref("extensions.delta.autoRvrt", "false");

Line Deleted : user_pref("extensions.delta.dfltLng", "en");

Line Deleted : user_pref("extensions.delta.excTlbr", false);

Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);

Line Deleted : user_pref("extensions.delta.id", "ec5b0dd90000000000001c659de120ca");

Line Deleted : user_pref("extensions.delta.instlDay", "15848");

Line Deleted : user_pref("extensions.delta.instlRef", "sst");

Line Deleted : user_pref("extensions.delta.newTab", false);

Line Deleted : user_pref("extensions.delta.prdct", "delta");

Line Deleted : user_pref("extensions.delta.prtnrId", "delta");

Line Deleted : user_pref("extensions.delta.rvrt", "false");

Line Deleted : user_pref("extensions.delta.smplGrp", "none");

Line Deleted : user_pref("extensions.delta.tlbrId", "base");

Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");

Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");

Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.521:18:10");

Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");

Line Deleted : user_pref("extensions.delta_i.babExt", "");

Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121631&tt=gc_");

Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");

Line Deleted : user_pref("extensions.funmoods.aflt", "download");

Line Deleted : user_pref("extensions.funmoods.autoRvrt", false);

Line Deleted : user_pref("extensions.funmoods.dfltLng", "");

Line Deleted : user_pref("extensions.funmoods.dfltSrch", true);

Line Deleted : user_pref("extensions.funmoods.dnsErr", true);

Line Deleted : user_pref("extensions.funmoods.envrmnt", "production");

Line Deleted : user_pref("extensions.funmoods.excTlbr", false);

Line Deleted : user_pref("extensions.funmoods.hmpg", true);


Line Deleted : user_pref("extensions.funmoods.id", "6431504638DD0DD9");

Line Deleted : user_pref("extensions.funmoods.instlDay", "15659");

Line Deleted : user_pref("extensions.funmoods.instlRef", "download");

Line Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);

Line Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");


Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");

Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");

Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");

Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");


Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");

Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");

Line Deleted : user_pref("extensions.funmoods_i.newTab", true);

Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");

Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2218:6:51");

 

[ File : C:\Users\Sumayyah\AppData\Roaming\Mozilla\Firefox\Profiles\bkjl2mim.default\prefs.js ]

 

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

 

[ File : C:\Users\abdul rahim\AppData\Roaming\Mozilla\Firefox\Profiles\am7xfghj.default\prefs.js ]

 

Line Deleted : user_pref("extensions.crossrider.bic", "13b009e8a51abab8cfa8ef29994b1267");

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

 

-\\ Google Chrome v29.0.1547.57

 

[ File : C:\Users\Khalil\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : homepage

 

[ File : C:\Users\Sumayyah\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\abdul rahim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Zaynab\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [30910 octets] - [24/08/2013 23:36:37]

AdwCleaner[R1].txt - [30971 octets] - [25/08/2013 01:01:00]

AdwCleaner[R2].txt - [31032 octets] - [25/08/2013 01:27:01]

AdwCleaner[R3].txt - [31093 octets] - [25/08/2013 03:10:02]

AdwCleaner[R4].txt - [31154 octets] - [25/08/2013 03:12:43]

AdwCleaner[s0].txt - [29947 octets] - [25/08/2013 03:13:38]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [30008 octets] ##########


Do you run Malwarebytes and how is it??

 

MrC

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.08.25.02

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16660

Khalil :: KHALIL-HP [administrator]

 

8/25/2013 3:21:50 AM

mbam-log-2013-08-25 (03-21-50).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 310617

Time elapsed: 8 minute(s), 49 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)


Thanks MrC,

 

Everything's running smooth and it looks like the malware etc. is gone.

I really appreciate the help, what ratio should I run a full scan/quick scan.


what ratio should I run a full scan/quick scan.

Once a month should be fine.

Let's check your computer's security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC


How are we doing??

Do you still need help or can I close this post??

MrC

 Results of screen317's Security Check version 0.99.73  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 10  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

avast! Antivirus   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Secunia PSI (3.0.0.7010)   

 Malwarebytes Anti-Malware version 1.75.0.1300  

 JavaFX 2.1.1    

 Java 7 Update 25  

 Adobe Flash Player 11.8.800.94  

 Adobe Reader XI  

 Mozilla Firefox (23.0) 

 Google Chrome 28.0.1500.95  

 Google Chrome 29.0.1547.57  

````````Process Check: objlist.exe by Laurent````````  

 AVAST Software Avast AvastSvc.exe  

 AVAST Software Avast AvastUI.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 0% 

````````````````````End of Log`````````````````````` 


Everything looks good, just update Chrome, the current version is "Version 29.0.1547.62"

-------------------------------------------------

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between ComboFix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

If you used FRST:

Download the fixlist.txt to the same folder as FRST.

Run FRST and click Fix only once and wait

That will delete the quarantine folder created by FRST.

-----------------------------

If you used DeFogger to disable your CD Emulation drivers, please re-enable them.

-------------------------------

Please download OTC to your desktop.

http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.
