Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't remove an IDP.Hacktool


  • Please log in to reply
15 replies to this topic

#1 Stefke

Stefke

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 28 December 2012 - 01:33 PM

Hello, i am having a problem with an IDP.Hacktool.B87C2318 that appears as an svchost.exe, whenever i start up my computer my AVG antivirus reports this file, then "cleans it" but everytime i start up my computer this happens again. Also, it seems to have knocked out my windows firewall as it is turned off, and i can't start it up again from the control panel(error code 0x80079422). I tried scanning in safe mod but my AVG starts popping out errors when the scan begins. My malwarebytes anti-malware also shows up nothing when i scan the computer. I have no idea what to do. I have windows 7. I am also afraid my computer has been infected with something else since my firewall is done. Thank you in advance!

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 28 December 2012 - 02:26 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 28 December 2012 - 11:11 PM

Results of screen317's Security Check version 0.99.56
Windows 7 x86 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
AVG Anti-Virus Free Edition 2013
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 23
Java 7 Update 9
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.3.300.262
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 14.0.1 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 33% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

----------------------------------------------------------------------------------------------------------------------

Farbar Service Scanner Version: 23-12-2012
Ran by Stefan (administrator) on 29-12-2012 at 03:09:04
Running from "C:\Users\Stefan\Downloads"
Windows 7 Ultimate (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Disabled. The default start type is Auto.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 10:26] - [2012-03-30 11:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll
[2011-04-13 08:44] - [2011-03-03 06:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-14 00:53] - [2009-07-14 02:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-14 00:54] - [2009-07-14 02:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-14 00:23] - [2009-07-14 02:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-14 00:24] - [2009-07-14 02:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll
[2011-02-09 12:03] - [2010-12-21 06:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-07-14 00:30] - [2009-07-14 02:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-10 17:10] - [2012-06-02 05:45] - 0139264 ____A (Microsoft Corporation) F2FDE6C8DBAAD44CC58D1E07E4AF4EED

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

-----------------------------------------------------------------------------------------------------------------------

MiniToolBox by Farbar Version: 25-11-2012
Ran by Stefan (administrator) on 29-12-2012 at 03:11:20
Running from "C:\Users\Stefan\Downloads"
Windows 7 Ultimate (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
Hamachi Network Interface = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection 2" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Stefan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sbb.rs

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : sbb.rs
Description . . . . . . . . . . . : Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-06-05-91-56-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f886:7630:80d1:eac%11(Preferred)
IPv4 Address. . . . . . . . . . . : 94.189.140.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : 28. ¦Ё¤ЁТў б 2012 18:49:00
Lease Expires . . . . . . . . . . : 29. ¦Ё¤ЁТў б 2012 5:05:30
Default Gateway . . . . . . . . . : 94.189.140.1
DHCP Server . . . . . . . . . . . : 89.216.1.66
DHCPv6 IAID . . . . . . . . . . . : 234888844
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-C1-8E-27-00-1E-8C-AB-3D-06
DNS Servers . . . . . . . . . . . : 89.216.1.30
89.216.1.50
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-19-D6-F0-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::19d6:f040(Preferred)
Link-local IPv6 Address . . . . . : fe80::a8cd:2125:f59b:5f27%16(Preferred)
IPv4 Address. . . . . . . . . . . : 25.214.240.64(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : 28. ¦Ё¤ЁТў б 2012 18:49:00
Lease Expires . . . . . . . . . . : 28. ¦Ё¤ЁТў б 2013 18:51:06
Default Gateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
DHCP Server . . . . . . . . . . . : 25.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 276461960
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-C1-8E-27-00-1E-8C-AB-3D-06
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{05AE1452-49FE-4E10-ADF0-78608A880F52}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3837:1fae:a142:73f4(Preferred)
Link-local IPv6 Address . . . . . : fe80::3837:1fae:a142:73f4%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.sbb.rs:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : sbb.rs
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns5.sbb.rs
Address: 89.216.1.30

Name: google.com
Addresses: 2a00:1450:4001:c02::8a
173.194.70.113
173.194.70.138
173.194.70.139
173.194.70.100
173.194.70.101
173.194.70.102


Pinging google.com [173.194.70.102] with 32 bytes of data:
Reply from 173.194.70.102: bytes=32 time=33ms TTL=50
Reply from 173.194.70.102: bytes=32 time=34ms TTL=50

Ping statistics for 173.194.70.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 34ms, Average = 33ms
Server: dns5.sbb.rs
Address: 89.216.1.30

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=254ms TTL=50
Reply from 98.139.183.24: bytes=32 time=172ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 172ms, Maximum = 254ms, Average = 213ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 06 05 91 56 4a ......Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
16...7a 79 19 d6 f0 40 ......Hamachi Network Interface
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 25.0.0.1 25.214.240.64 9256
0.0.0.0 0.0.0.0 94.189.140.1 94.189.140.11 20
25.0.0.0 255.0.0.0 On-link 25.214.240.64 9256
25.214.240.64 255.255.255.255 On-link 25.214.240.64 9256
25.255.255.255 255.255.255.255 On-link 25.214.240.64 9256
94.189.140.0 255.255.252.0 On-link 94.189.140.11 276
94.189.140.11 255.255.255.255 On-link 94.189.140.11 276
94.189.143.255 255.255.255.255 On-link 94.189.140.11 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 94.189.140.11 276
224.0.0.0 240.0.0.0 On-link 25.214.240.64 9256
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 94.189.140.11 276
255.255.255.255 255.255.255.255 On-link 25.214.240.64 9256
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 25.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 9020 ::/0 2620:9b::1900:1
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:3837:1fae:a142:73f4/128
On-link
16 276 2620:9b::/96 On-link
16 276 2620:9b::19d6:f040/128 On-link
11 276 fe80::/64 On-link
16 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::3837:1fae:a142:73f4/128
On-link
16 276 fe80::a8cd:2125:f59b:5f27/128
On-link
11 276 fe80::f886:7630:80d1:eac/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
16 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
0 9000 ::/0 2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/29/2012 01:37:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: t6sp.exe, version: 1.0.0.1, time stamp: 0x50c7e945
Faulting module name: t6sp.exe, version: 1.0.0.1, time stamp: 0x50c7e945
Exception code: 0xc0000005
Fault offset: 0x00270239
Faulting process id: 0x174c
Faulting application start time: 0xt6sp.exe0
Faulting application path: t6sp.exe1
Faulting module path: t6sp.exe2
Report Id: t6sp.exe3

Error: (12/29/2012 01:36:46 AM) (Source: Application Error) (User: )
Description: Faulting application name: t6sp.exe, version: 1.0.0.1, time stamp: 0x50c7e945
Faulting module name: nvwgf2um.dll, version: 9.18.13.697, time stamp: 0x506b32cd
Exception code: 0xc00000fd
Fault offset: 0x000fe7a4
Faulting process id: 0x174c
Faulting application start time: 0xt6sp.exe0
Faulting application path: t6sp.exe1
Faulting module path: t6sp.exe2
Report Id: t6sp.exe3

Error: (12/28/2012 07:54:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/26/2012 03:08:45 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 23.0.1271.97 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a90

Start Time: 01cde36ae4614878

Termination Time: 133

Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report Id:

Error: (12/25/2012 09:30:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/25/2012 00:15:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/24/2012 11:29:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: CLMSMonitorServicePDVD12.exe, version: 2.2.0.9808, time stamp: 0x4f31f8a0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000005
Fault offset: 0x00052a80
Faulting process id: 0x268
Faulting application start time: 0xCLMSMonitorServicePDVD12.exe0
Faulting application path: CLMSMonitorServicePDVD12.exe1
Faulting module path: CLMSMonitorServicePDVD12.exe2
Report Id: CLMSMonitorServicePDVD12.exe3

Error: (12/23/2012 11:35:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: CLMSMonitorServicePDVD12.exe, version: 2.2.0.9808, time stamp: 0x4f31f8a0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000005
Fault offset: 0x00055f5c
Faulting process id: 0x7f0
Faulting application start time: 0xCLMSMonitorServicePDVD12.exe0
Faulting application path: CLMSMonitorServicePDVD12.exe1
Faulting module path: CLMSMonitorServicePDVD12.exe2
Report Id: CLMSMonitorServicePDVD12.exe3

Error: (12/21/2012 03:59:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/19/2012 07:36:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (12/28/2012 08:16:30 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/28/2012 07:58:26 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/28/2012 06:50:33 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (12/28/2012 06:49:14 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/28/2012 06:49:01 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/28/2012 06:42:30 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (12/28/2012 06:42:01 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/28/2012 06:42:01 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/28/2012 06:42:01 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/28/2012 06:42:01 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (12/29/2012 01:37:25 AM) (Source: Application Error)(User: )
Description: t6sp.exe1.0.0.150c7e945t6sp.exe1.0.0.150c7e945c000000500270239174c01cde558c2fd8184D:\Program Files\Call of Duty Black Ops 2\t6sp.exeD:\Program Files\Call of Duty Black Ops 2\t6sp.exee9feefc9-514f-11e2-9352-00060591564a

Error: (12/29/2012 01:36:46 AM) (Source: Application Error)(User: )
Description: t6sp.exe1.0.0.150c7e945nvwgf2um.dll9.18.13.697506b32cdc00000fd000fe7a4174c01cde558c2fd8184D:\Program Files\Call of Duty Black Ops 2\t6sp.exeC:\Windows\system32\nvwgf2um.dlld2a9d8e3-514f-11e2-9352-00060591564a

Error: (12/28/2012 07:54:35 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*E:\KONAMI\Editor PES11\GGS\DelZip179.dllE:\KONAMI\Editor PES11\GGS\DelZip179.dll8

Error: (12/26/2012 03:08:45 PM) (Source: Application Hang)(User: )
Description: chrome.exe23.0.1271.97a9001cde36ae4614878133C:\Program Files\Google\Chrome\Application\chrome.exe

Error: (12/25/2012 09:30:19 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*E:\KONAMI\Editor PES11\GGS\DelZip179.dllE:\KONAMI\Editor PES11\GGS\DelZip179.dll8

Error: (12/25/2012 00:15:24 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*E:\KONAMI\Editor PES11\GGS\DelZip179.dllE:\KONAMI\Editor PES11\GGS\DelZip179.dll8

Error: (12/24/2012 11:29:14 PM) (Source: Application Error)(User: )
Description: CLMSMonitorServicePDVD12.exe2.2.0.98084f31f8a0ntdll.dll6.1.7600.169154ec49cafc000000500052a8026801cde22610e52923D:\Program Files\CyberLink\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exeC:\Windows\SYSTEM32\ntdll.dll583e6450-4e19-11e2-9cb4-00060591564a

Error: (12/23/2012 11:35:27 PM) (Source: Application Error)(User: )
Description: CLMSMonitorServicePDVD12.exe2.2.0.98084f31f8a0ntdll.dll6.1.7600.169154ec49cafc000000500055f5c7f001cde15dc28df8d1D:\Program Files\CyberLink\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exeC:\Windows\SYSTEM32\ntdll.dll0bceb8f7-4d51-11e2-82d9-00060591564a

Error: (12/21/2012 03:59:39 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*E:\KONAMI\Editor PES11\GGS\DelZip179.dllE:\KONAMI\Editor PES11\GGS\DelZip179.dll8

Error: (12/19/2012 07:36:22 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*E:\KONAMI\Editor PES11\GGS\DelZip179.dllE:\KONAMI\Editor PES11\GGS\DelZip179.dll8


CodeIntegrity Errors:
===================================
Date: 2012-08-11 22:54:57.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:54:57.418
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:48:26.223
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:48:26.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:44:46.579
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:44:46.539
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:39:15.638
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-11 22:39:15.532
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvd3dum.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-07-03 22:39:34.922
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-07-03 19:07:55.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 4.65
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader 9.3.4 (Version: 9.3.4)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2637)
AVG 2013 (Version: 13.0.2805)
AVG 2013 (Version: 2013.0.2805)
AVG Security Toolbar
Balkanska Liga by BPB Edit Team version 1.0 (Version: 1.0)
BattlEye (A2Free) Uninstall
BattlEye Uninstall
BS.Player FREE (Version: 2.56.1043)
BS_Player Toolbar (Version: )
Call of Duty Black Ops 2 ... (Version: ...)
Cheat Engine 6.1
Cities In Motion
Cities In Motion - Patch 1.0.21
CyberLink PowerDVD 12 (Version: 12.0.1514.54)
Darkest Hour
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Shrink 3.2
Football Manager 2012
Football Manager 2012 Editor
Football Manager 2012 Resource Archiver
Fraps (remove only)
Free WMA to MP3 Converter 1.16
Futuremark SystemInfo (Version: 3.21.2.1)
GadgetBox (Version: 1.0)
Game Graphic Studio (Version: 7.4.0)
Google Chrome (Version: 23.0.1271.97)
Google Update Helper (Version: 1.3.21.123)
Hearts of Iron 2 Doomsday Armageddon Patch 1.1
HHD Software Free Hex Editor Neo 4.97 (Version: 4.97.2.3667)
HOI2 Doomsday Armageddon 1.2
Image Resizer 0.1
Inno Setup Unpacker Explorer 1.0
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 23 (Version: 6.0.230)
JDownloader 0.9 (Version: 0.9)
LogMeIn Hamachi (Version: 2.1.0.294)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mass Effect (Version: 1.00)
Mass Effect 3 v1.1.5427.4
Mass Effect™ 3 (Version: 1.01.0.0)
McAfee Security Scan Plus (Version: 2.0.189.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 14.0.1468.721)
NBA 2K13 (Version: 1.0.0)
Nero Burning ROM (Version: 10.0.1110)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 306.97 (Version: 306.97)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Octoshape add-in for Adobe Flash Player
PES 2010 Editor (Version: 2.1)
Pharaoh - Including Cleopatra Expansion (Version: 1.0.0)
PriceGong 2.6.4 (Version: 2.6.4)
Pro Evolution Soccer 2013 (Version: 1.01.0000)
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.70.80.34)
RAD Video Tools
Rockstar Games Social Club (Version: 1.0.9.5)
SFT_eng7 Toolbar (Version: 6.9.0.16)
Skype Click to Call (Version: 6.5.11422)
Skype™ 5.10 (Version: 5.10.116)
Softonic toolbar on IE
Steam (Version: 1.0.0.0)
StreamTorrent 1.0
Stronghold Crusader
System Requirements Lab
System Requirements Lab (Version: 4.4.26.0)
System Requirements Lab CYRI (Version: 4.3.1.0)
System Requirements Lab for Intel (Version: 4.4.24.0)
TeamSpeak 3 Client
TVUPlayer 2.5.3.1 (Version: 2.5.3.1)
Ubisoft Game Launcher (Version: 1.0.0.0)
UltraISO Premium V9.36
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Veetle TV 0.9.18 (Version: 0.9.18)
VIO Player version 1.2 (Version: 1.2)
Virtual CD v10 (Version: 10.10.11)
VLC media player 2.0.2 (Version: 2.0.2)
VobSub v2.23 (Remove Only)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Xvid Video Codec (Version: 1.3.2)
YouTube Downloader Toolbar v4.6 (Version: 4.6)
YTD Video Downloader 3.9.2
ZoneAlarm LTD Toolbar
µTorrent (Version: 3.1.3)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 2047.18 MB
Available physical RAM: 862.68 MB
Total Pagefile: 4094.36 MB
Available Pagefile: 2216.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.2 MB

========================= Partitions: =====================================

2 Drive c: (Local Disk) (Fixed) (Total:114.49 GB) (Free:30.33 GB) NTFS
3 Drive d: () (Fixed) (Total:232.89 GB) (Free:60.3 GB) NTFS
4 Drive e: () (Fixed) (Total:232.87 GB) (Free:72.04 GB) NTFS

========================= Users: ========================================

User accounts for \\STEFAN-PC

Administrator ASPNET Guest
Stefan UpdatusUser


**** End of log ****

-----------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2012.12.29.01

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Stefan :: STEFAN-PC [administrator]

29.12.2012 3:17:11
mbam-log-2012-12-29 (03-17-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248654
Time elapsed: 7 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

-------------------------------------------------------------------------------------------------------------------

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-29 03:34:24
-----------------------------
03:34:24.353 OS Version: Windows 6.1.7600
03:34:24.369 Number of processors: 4 586 0xF0B
03:34:24.369 ComputerName: STEFAN-PC UserName: Stefan
03:35:13.844 Initialize success
03:35:24.225 AVAST engine defs: 12122801
03:37:56.531 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
03:37:56.531 Disk 0 Vendor: Maxtor_6Y120M0 YAR51HW0 Size: 117246MB BusType: 3
03:37:56.531 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-6
03:37:56.547 Disk 1 Vendor: WDC_WD5000AAKS-00YGA0 12.01C02 Size: 476940MB BusType: 3
03:37:56.547 Disk 0 MBR read successfully
03:37:56.547 Disk 0 MBR scan
03:37:56.563 Disk 0 Windows XP default MBR code
03:37:56.563 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 117239 MB offset 63
03:37:56.578 Disk 0 scanning sectors +240107490
03:37:56.641 Disk 0 scanning C:\Windows\system32\drivers
03:38:05.394 Service scanning
03:38:25.400 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
03:38:30.663 Service vdrv1000 C:\Windows\system32\DRIVERS\vdrv1000.sys **LOCKED**
03:38:36.441 Modules scanning
03:38:41.219 Disk 0 trace - called modules:
03:38:41.228 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x84c971f8]<<
03:38:41.229 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85b73ac8]
03:38:41.229 3 CLASSPNP.SYS[89eba59e] -> nt!IofCallDriver -> [0x85a2c918]
03:38:41.230 5 ACPI.sys[8976d3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x85a05908]
03:38:41.230 \Driver\atapi[0x859f2b18] -> IRP_MJ_CREATE -> 0x84c971f8
03:38:42.575 AVAST engine scan C:\Windows
03:38:44.623 AVAST engine scan C:\Windows\system32
03:45:03.809 AVAST engine scan C:\Windows\system32\drivers
03:45:17.053 AVAST engine scan C:\Users\Stefan
04:10:19.487 AVAST engine scan C:\ProgramData
04:12:51.263 Scan finished successfully
05:10:32.332 Disk 0 MBR has been saved successfully to "C:\Users\Stefan\Desktop\MBR.dat"
05:10:32.337 The log file has been saved successfully to "C:\Users\Stefan\Desktop\5.txt"

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 28 December 2012 - 11:31 PM

Download Malwarebytes Anti-Rootkit from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 29 December 2012 - 07:15 AM

Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2012.12.29.05

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Stefan :: STEFAN-PC [administrator]

29.12.2012 13:13:43
mbar-log-2012-12-29 (13-13-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27452
Time elapsed: 12 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

-------------------------------------------------------------------------------------------------------------------------------

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_23

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.401000 GHz
Memory total: 2146623488, free: 873435136

------------ Kernel report ------------
12/29/2012 12:58:55
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\spcc.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\intelide.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\pciide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\atapi.sys
\SystemRoot\system32\DRIVERS\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\System32\Drivers\aoousiks.SYS
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\vdrv1000.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\??\D:\Program Files\CyberLink\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\D:\Program Files\CyberLink\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Program Files\DAEMON Tools Lite\Engine.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff85b6f640
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-6\
Lower Device Object: 0xffffffff85a21030
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
DriverEntry returned 0x0
Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff85b6f030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff85a12908
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Downloaded database version: v2012.12.29.05
Downloaded database version: v2012.12.27.02
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff85b6f030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85b6fd10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85b6f030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85a0b918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85a12908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xffffffffa7f2a178, 0xffffffff85b6f030, 0xffffffff854fda90
Lower DeviceData: 0xffffffffa4443cd8, 0xffffffff85a12908, 0xffffffff8548b200
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 91F991F9

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 240107427
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 122942324736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-240101728-240121728)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff85b6f640, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85b70020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85b6f640, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff859ae868, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85a21030, DeviceName: \Device\Ide\IdeDeviceP1T0L0-6\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xffffffffa2bce198, 0xffffffff85b6f640, 0xffffffff85431820
Lower DeviceData: 0xffffffffae947ce0, 0xffffffff85a21030, 0xffffffff8531ed20
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 42E8DE00

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 488408067
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 488408130 Numsec = 488359935

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 29 December 2012 - 12:02 PM

What is exact file name and its location reported by AVG?

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next...

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.


=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 29 December 2012 - 12:24 PM

The exact file name is IDP.Hacktool.B87C2318 located in C:\Users\Stefan\AppData\Local\Temp\svchost.exe

After both reboot my AVG still reports the virus. Here is the log you requested.

# AdwCleaner v2.104 - Logfile created 12/29/2012 at 18:19:05
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Stefan - STEFAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Stefan\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\user.js
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\BS_Player
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\PriceGong
Folder Deleted : C:\Program Files\SFT_eng7
Folder Deleted : C:\Program Files\Softonic
Folder Deleted : C:\Program Files\YouTube Downloader Toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Administrator\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Stefan\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Folder Deleted : C:\Users\Stefan\AppData\Local\TempDir
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\SFT_eng7
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Stefan\AppData\LocalLow\ZoneAlarm
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\ConduitCommon
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\CT1750559
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\CT3031607
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\extensions\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\extensions\ffxtlbra@softonic.com
Folder Deleted : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\extensions\vshare@toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SFT_eng7
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\ZoneAlarm
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CFCB6A2A-8A46-4D65-A299-73FC00BF3F0B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A3ECF0-95F8-4F20-851D-6B350F25C4B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC52497F-5F7A-4901-B66B-EEA65447DCEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFCB6A2A-8A46-4D65-A299-73FC00BF3F0B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2611275
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3031607
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54E4DEF9-3934-4A3A-AA25-20170605C520}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{616E7BDB-18D9-495B-BD2F-B00A6051BD09}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85C5FF9A-EA3C-4383-AAED-50D0A796B033}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7931DBD-C45C-485C-BA8E-FC2E185358B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{75A3ECF0-95F8-4F20-851D-6B350F25C4B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CC52497F-5F7A-4901-B66B-EEA65447DCEE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CFCB6A2A-8A46-4D65-A299-73FC00BF3F0B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SFT_eng7 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SFT_eng7
Key Deleted : HKLM\Software\Softonic
Key Deleted : HKLM\Software\ZoneAlarm
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

File : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\prefs.js

C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\i7bgwlh3.default\user.js ... Deleted !

Deleted : user_pref("CT1750559..clientLogIsEnabled", false);
Deleted : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT1750559.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129495727276863004", true);
Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129502713039250930", true);
Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129544988592463877", true);
Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129634080503807015", true);
Deleted : user_pref("CT1750559.CTID", "CT1750559");
Deleted : user_pref("CT1750559.CurrentServerDate", "29-12-2012");
Deleted : user_pref("CT1750559.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1750559.DialogsGetterLastCheckTime", "Sat Dec 29 2012 03:40:06 GMT+0100 (Central Europe[...]
Deleted : user_pref("CT1750559.DownloadReferralCookieData", "");
Deleted : user_pref("CT1750559.FirstServerDate", "31-8-2010");
Deleted : user_pref("CT1750559.FirstTime", true);
Deleted : user_pref("CT1750559.FirstTimeFF3", true);
Deleted : user_pref("CT1750559.FixPageNotFoundErrors", true);
Deleted : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1750559.HasUserGlobalKeys", true);
Deleted : user_pref("CT1750559.Initialize", true);
Deleted : user_pref("CT1750559.InitializeCommonPrefs", true);
Deleted : user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT1750559.InstallationType", "Unknown");
Deleted : user_pref("CT1750559.InstalledDate", "Tue Aug 31 2010 00:14:15 GMT+0200 (Central Europe Daylight Tim[...]
Deleted : user_pref("CT1750559.InvalidateCache", false);
Deleted : user_pref("CT1750559.IsGrouping", false);
Deleted : user_pref("CT1750559.IsMulticommunity", false);
Deleted : user_pref("CT1750559.IsOpenThankYouPage", true);
Deleted : user_pref("CT1750559.IsOpenUninstallPage", true);
Deleted : user_pref("CT1750559.LanguagePackLastCheckTime", "Sat Dec 29 2012 03:40:06 GMT+0100 (Central Europe [...]
Deleted : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1750559.LastLogin_2.5.6.0", "Tue Aug 31 2010 00:14:16 GMT+0200 (Central Europe Daylight[...]
Deleted : user_pref("CT1750559.LastLogin_3.12.0.7", "Wed Apr 25 2012 02:32:16 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT1750559.LastLogin_3.12.2.3", "Sun Jun 03 2012 23:42:32 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT1750559.LastLogin_3.13.0.6", "Mon Jul 16 2012 01:06:02 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT1750559.LastLogin_3.14.1.0", "Sun Aug 26 2012 20:40:52 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT1750559.LastLogin_3.15.1.0", "Sun Nov 25 2012 20:34:10 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT1750559.LastLogin_3.16.0.3", "Sat Dec 29 2012 03:40:05 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT1750559.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT1750559.Locale", "en-us");
Deleted : user_pref("CT1750559.LoginCache", 4);
Deleted : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1750559.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT1750559.RadioIsPodcast", false);
Deleted : user_pref("CT1750559.RadioLastCheckTime", "Tue Aug 31 2010 00:14:16 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT1750559.RadioMediaID", "11237206");
Deleted : user_pref("CT1750559.RadioMediaType", "Media Player");
Deleted : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Deleted : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Deleted : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Deleted : user_pref("CT1750559.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT1750559.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Deleted : user_pref("CT1750559.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Sat Dec 29 2012 03:40:03 GMT+0100 (Central Europ[...]
Deleted : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1750559.ServiceMapLastCheckTime", "Sat Dec 29 2012 03:40:03 GMT+0100 (Central Europe St[...]
Deleted : user_pref("CT1750559.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT1750559.SettingsLastCheckTime", "Sat Dec 29 2012 03:40:01 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("CT1750559.SettingsLastUpdate", "1356544299");
Deleted : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Tue Aug 31 2010 00:14:15 GMT+0200 (Central Eur[...]
Deleted : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
Deleted : user_pref("CT1750559.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT1750559.UserID", "UN14395741688827235");
Deleted : user_pref("CT1750559.WeatherNetwork", "");
Deleted : user_pref("CT1750559.WeatherPollDate", "Tue Aug 31 2010 00:14:18 GMT+0200 (Central Europe Daylight T[...]
Deleted : user_pref("CT1750559.WeatherUnit", "C");
Deleted : user_pref("CT1750559.alertChannelId", "31130");
Deleted : user_pref("CT1750559.clientLogIsEnabled", true);
Deleted : user_pref("CT1750559.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT1750559.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT1750559.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT1750559.initDone", true);
Deleted : user_pref("CT1750559.myStuffEnabled", true);
Deleted : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1750559.revertSettingsEnabled", true);
Deleted : user_pref("CT1750559.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT1750559.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT1750559.testingCtid", "");
Deleted : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Sat Dec 29 2012 03:40:06 GMT+0100 (Central E[...]
Deleted : user_pref("CT1750559.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT1750559.usagesFlag", 2);
Deleted : user_pref("CT3031607..clientLogIsEnabled", false);
Deleted : user_pref("CT3031607..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3031607..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3031607.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3031607.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3031607.BrowserCompStateIsOpen_129524509878872275", true);
Deleted : user_pref("CT3031607.BrowserCompStateIsOpen_129780204584723943", true);
Deleted : user_pref("CT3031607.BrowserCompStateIsOpen_129784496726587929", true);
Deleted : user_pref("CT3031607.CTID", "CT3031607");
Deleted : user_pref("CT3031607.CurrentServerDate", "29-12-2012");
Deleted : user_pref("CT3031607.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3031607.DialogsGetterLastCheckTime", "Sat Dec 29 2012 03:40:03 GMT+0100 (Central Europe[...]
Deleted : user_pref("CT3031607.DownloadReferralCookieData", "");
Deleted : user_pref("CT3031607.EMailNotifierPollDate", "Sun Sep 18 2011 15:03:21 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("CT3031607.FirstServerDate", "18-9-2011");
Deleted : user_pref("CT3031607.FirstTime", true);
Deleted : user_pref("CT3031607.FirstTimeFF3", true);
Deleted : user_pref("CT3031607.FixPageNotFoundErrors", false);
Deleted : user_pref("CT3031607.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3031607.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3031607.HasUserGlobalKeys", true);
Deleted : user_pref("CT3031607.Initialize", true);
Deleted : user_pref("CT3031607.InitializeCommonPrefs", true);
Deleted : user_pref("CT3031607.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3031607.InstallationId", "CT3031607_SFT_eng7.exe");
Deleted : user_pref("CT3031607.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT3031607.InstalledDate", "Sun Sep 18 2011 15:03:21 GMT+0200 (Central Europe Daylight Tim[...]
Deleted : user_pref("CT3031607.InvalidateCache", false);
Deleted : user_pref("CT3031607.IsGrouping", false);
Deleted : user_pref("CT3031607.IsInitSetupIni", true);
Deleted : user_pref("CT3031607.IsMulticommunity", false);
Deleted : user_pref("CT3031607.IsOpenThankYouPage", false);
Deleted : user_pref("CT3031607.IsOpenUninstallPage", true);
Deleted : user_pref("CT3031607.LanguagePackLastCheckTime", "Sat Dec 29 2012 03:40:03 GMT+0100 (Central Europe [...]
Deleted : user_pref("CT3031607.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3031607.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3031607.LastLogin_3.12.0.7", "Wed Apr 25 2012 02:32:20 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3031607.LastLogin_3.12.2.3", "Sun Jun 03 2012 23:42:31 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3031607.LastLogin_3.13.0.6", "Mon Jul 16 2012 01:06:00 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3031607.LastLogin_3.14.1.0", "Sun Aug 26 2012 20:40:45 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3031607.LastLogin_3.15.1.0", "Sun Nov 25 2012 20:34:15 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT3031607.LastLogin_3.16.0.3", "Sat Dec 29 2012 03:40:03 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT3031607.LastLogin_3.6.0.10", "Sun Sep 18 2011 15:03:22 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3031607.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT3031607.Locale", "en");
Deleted : user_pref("CT3031607.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3031607.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3031607.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3031607.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3031607.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT3031607.RadioIsPodcast", false);
Deleted : user_pref("CT3031607.RadioLastCheckTime", "Sun Sep 18 2011 15:03:27 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3031607.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3031607.RadioLastUpdateServer", "129524557143500000");
Deleted : user_pref("CT3031607.RadioMediaID", "21889800");
Deleted : user_pref("CT3031607.RadioMediaType", "Media Player");
Deleted : user_pref("CT3031607.RadioMenuSelectedID", "EBRadioMenu_CT303160721889800");
Deleted : user_pref("CT3031607.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT3031607.RadioStationName", "California%20Rock%20-%20Rock");
Deleted : user_pref("CT3031607.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Deleted : user_pref("CT3031607.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3031607.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT303[...]
Deleted : user_pref("CT3031607.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3031607.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3031607.SearchInNewTabLastCheckTime", "Sat Dec 29 2012 03:39:59 GMT+0100 (Central Europ[...]
Deleted : user_pref("CT3031607.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3031607.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT3031607.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT3031607.ServiceMapLastCheckTime", "Sat Dec 29 2012 03:40:02 GMT+0100 (Central Europe St[...]
Deleted : user_pref("CT3031607.SettingsLastCheckTime", "Sat Dec 29 2012 03:39:58 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("CT3031607.SettingsLastUpdate", "1356544299");
Deleted : user_pref("CT3031607.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3031607.ThirdPartyComponentsLastCheck", "Sun Sep 18 2011 15:03:15 GMT+0200 (Central Eur[...]
Deleted : user_pref("CT3031607.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT3031607.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3031607.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3031607");
Deleted : user_pref("CT3031607.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3031607.UserID", "UN48980864532989942");
Deleted : user_pref("CT3031607.ValidationData_Toolbar", 1);
Deleted : user_pref("CT3031607.alertChannelId", "1423186");
Deleted : user_pref("CT3031607.backendstorage.youtubelang", "5553");
Deleted : user_pref("CT3031607.components.129524450094515146", false);
Deleted : user_pref("CT3031607.components.129524450332752173", false);
Deleted : user_pref("CT3031607.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3031607.globalFirstTimeInfoLastCheckTime", "Sun Sep 18 2011 15:03:23 GMT+0200 (Central [...]
Deleted : user_pref("CT3031607.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3031607.initDone", true);
Deleted : user_pref("CT3031607.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3031607.isFirstRadioInstallation", false);
Deleted : user_pref("CT3031607.myStuffEnabled", true);
Deleted : user_pref("CT3031607.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3031607.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3031607.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3031607.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3031607.revertSettingsEnabled", false);
Deleted : user_pref("CT3031607.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3031607.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3031607.testingCtid", "");
Deleted : user_pref("CT3031607.toolbarAppMetaDataLastCheckTime", "Sat Dec 29 2012 03:40:03 GMT+0100 (Central E[...]
Deleted : user_pref("CT3031607.toolbarContextMenuLastCheckTime", "Sun Sep 18 2011 15:03:26 GMT+0200 (Central E[...]
Deleted : user_pref("CT3031607.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1750559/CT1750559[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3031607/CT3031607[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1423186/1418841/RS", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/RS", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1750559", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3031607", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1750559",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3031607",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3031607&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"17e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Stefan\\AppData\\Roaming\\Mozilla\\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1750559,ConduitEngine,CT3031607");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559,CT3031607");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3031607");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Mar 20 2011 17:40:51 GMT+01[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 19:31:14 GMT+0200 (Centr[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Jun 25 2011 18:30:11 GMT+0200 (Central E[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "a26df6fb-622a-4ed8-9333-a3bc687cc7d1");
Deleted : user_pref("CommunityToolbar.globalUserId", "0da5632a-f9a1-446c-a13b-7084e96f7287");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3031607");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 18 2011 15:03:2[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Sep 18 2011 16:03:45 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Sep 18 2011 15:03:21 GMT+0200 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "6c19134f-b953-41f4-8dc0-382e960bea16");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 15 2011 15:28:28 GMT+0200 (Central Euro[...]
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Jun 25 2011 18:19:24 GMT+0200 (Central Eu[...]
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/20/2011 18");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Sun Mar 20 2011 17:40:52 GMT+0100 (Central Europe Standard[...]
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Jun 25 2011 18:30:12 GMT+0200 (Central Eur[...]
Deleted : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Tue Mar 22 2011 20:56:31 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Jun 25 2011 16:02:48 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Jun 25 2011 16:02:48 GMT+0200 (Central Europe [...]
Deleted : user_pref("ConduitEngine.UserID", "UN59933938794149495");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Jun 25 2011 18:30:12 GMT+0200 (Centr[...]
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Jun 25 2011 18:19:25 GMT+0200 (Cent[...]
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 1);
Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\13.2.0.5");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.Softonic.admin", false);
Deleted : user_pref("extensions.Softonic.aflt", "SD");
Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Deleted : user_pref("extensions.Softonic.cntry", "RS");
Deleted : user_pref("extensions.Softonic.cv", "cv5");
Deleted : user_pref("extensions.Softonic.dfltLng", "");
Deleted : user_pref("extensions.Softonic.dfltlng", "en");
Deleted : user_pref("extensions.Softonic.dfltsrch", "false");
Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Deleted : user_pref("extensions.Softonic.excTlbr", false);
Deleted : user_pref("extensions.Softonic.hdrMd5", "E842E8A683C0D3A96B9024DCC0513E22");
Deleted : user_pref("extensions.Softonic.hmpg", false);
Deleted : user_pref("extensions.Softonic.hrdid", "e0981b3400000000000000060591564a");
Deleted : user_pref("extensions.Softonic.id", "e0981b3400000000000000060591564a");
Deleted : user_pref("extensions.Softonic.instlDay", "15535");
Deleted : user_pref("extensions.Softonic.instlRef", "MON00005");
Deleted : user_pref("extensions.Softonic.instlday", "15535");
Deleted : user_pref("extensions.Softonic.instlref", "MON00005");
Deleted : user_pref("extensions.Softonic.isdcmntcmplt", true);
Deleted : user_pref("extensions.Softonic.keywordurl", "");
Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.4.320:23:54");
Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.Softonic.newTab", false);
Deleted : user_pref("extensions.Softonic.newtab", "false");
Deleted : user_pref("extensions.Softonic.newtaburl", "");
Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Deleted : user_pref("extensions.Softonic.propectorlck", 90702571);
Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");
Deleted : user_pref("extensions.Softonic.radiomystations", "[{\"id\":\"1069\",\"name\":\"ORS Romбntica en espa[...]
Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Deleted : user_pref("extensions.Softonic.sg", "cz");
Deleted : user_pref("extensions.Softonic.similarsitesstorage-pid2", "d49aeb5631046ef5");
Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Deleted : user_pref("extensions.Softonic.srch", "");
Deleted : user_pref("extensions.Softonic.srchprvdr", "");
Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.tlbrid", "base");
Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.vrsn", "1.6.4.3");
Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.4.320:23:54");
Deleted : user_pref("extensions.Softonic.vrsni", "1.6.4.3");
Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.4.320:23:54");
Deleted : user_pref("extensions.Softonic_i.newTab", false);
Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.4.320:23:54");
Deleted : user_pref("extensions.enabledAddons", "ffxtlbra@softonic.com:1.6.0,support@lastpass.com:2.0.0,brief@[...]
Deleted : user_pref("extensions.facemoods._xpiupdate", true);
Deleted : user_pref("extensions.facemoods.aflt", "_#wbst");
Deleted : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Deleted : user_pref("extensions.facemoods.first_time", false);
Deleted : user_pref("extensions.facemoods.id", "_#a4dcb72f45d04a21a74f2eae63f21fe5");
Deleted : user_pref("extensions.facemoods.instlDay", "_#15286");
Deleted : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Deleted : user_pref("extensions.facemoods.sid", "_#a4dcb72f45d04a21a74f2eae63f21fe5");
Deleted : user_pref("extensions.facemoods.update", "_#v1.4.0");
Deleted : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3031607&SearchSource=2&q=[...]
Deleted : user_pref("vshare.install.date", "1284768000000");
Deleted : user_pref("vshare.install.finished", "1.0.0");
Deleted : user_pref("vshare.install.guid", "{eeb9567e-c680-42fb-a965-2418edb9082b}");
Deleted : user_pref("vshare.install.isHidden", true);
Deleted : user_pref("vshare.install.laststatreq", "1300752000000");
Deleted : user_pref("vshare.install.newtab", false);

File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\dlhkzhuu.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [50059 octets] - [29/12/2012 18:19:05]

########## EOF - C:\AdwCleaner[S1].txt - [50120 octets] ##########

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 30 December 2012 - 02:43 PM

Eset?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 30 December 2012 - 08:53 PM

Sorry, i forgot - here it is:

C:\Users\All Users\Adobe\2F2471.vbe VBS/CoinMiner.C trojan unable to clean
C:\ProgramData\Adobe\2F2471.vbe VBS/CoinMiner.C trojan cleaned by deleting - quarantined
C:\WINDOWS stari\Installer\$PatchCache$\Managed\006DFDF283378374095DCFA4AC80CD63\1.0.0\pes2008.exe probably unknown WIN32 virus deleted - quarantined
C:\Windows.old\Documents and Settings\All Users\Documents\$$$.dll Win32/SuspLibLoad.A trojan cleaned - quarantined
D:\WINDOWS\system32\jbeshytk.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\WINDOWS\system32\OoUDffii.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\WINDOWS\system32\OoUDffii.ini2 Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\WINDOWS\system32\rtmloemk.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\WINDOWS\system32\wvtpruql.ini Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 30 December 2012 - 09:10 PM

Is AVG still complaining?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 31 December 2012 - 06:41 AM

It isn't, that did the trick, i also managed to start up my windows firewall. Thank you so much!

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 31 December 2012 - 11:15 AM

Very good.
I'd like to see new FSS log.

Also...

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

=======================

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 31 December 2012 - 12:16 PM

Farbar Service Scanner Version: 23-12-2012
Ran by Stefan (administrator) on 31-12-2012 at 18:15:31
Running from "C:\Users\Stefan\Downloads"
Windows 7 Ultimate (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 10:26] - [2012-03-30 11:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll
[2011-04-13 08:44] - [2011-03-03 06:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-14 00:53] - [2009-07-14 02:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-14 00:54] - [2009-07-14 02:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-14 00:23] - [2009-07-14 02:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-14 00:24] - [2009-07-14 02:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll
[2011-02-09 12:03] - [2010-12-21 06:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-07-14 00:30] - [2009-07-14 02:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-10 17:10] - [2012-06-02 05:45] - 0139264 ____A (Microsoft Corporation) F2FDE6C8DBAAD44CC58D1E07E4AF4EED

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:51 PM

Posted 31 December 2012 - 12:42 PM

Did you disable Action Center on purpose?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 Stefke

Stefke
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:51 AM

Posted 01 January 2013 - 08:12 AM

No, i didn't, maybe it was knocked down when the virus took down my windows firewall, i managed to start it up via services again, it is working fine now.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users