
Avast is being blocked by group Policy


52 replies to this topic

#1 bgardner_31


Posted 10 February 2013 - 09:41 AM

  "This program is blocked by group
policy. For more information, contact your system administrator" comes
up.  I was able to scan avast by creating a guest account and opening by
the small icon on the bottom of the screen.  I also was able to scan, I
found the following:


                                                                                     
-C:Users\...\BetterInstaller.exe (status)Win32-Ezula-AGE

-C:\...\websChamberSquishy.Class Java:Agent-CLW


When I tried to move them to chest in avast nothing happened, the result is an error.

I have run Super Anti Spyware, Rogue Killer and ad-aware.  I also can not uninstall avast because of this.

Please advise.


Edited by hamluis, 10 February 2013 - 10:07 AM.
Moved from Vista to Am I Infected - Hamluis.




#2 InadequateInfirmity


Posted 10 February 2013 - 10:21 AM

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
Reset IE Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result. 

Download Adware Cleaner, run it, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe


Download Emsisoft Emergency Kit and save it to your desktop. Right-click on EmsisoftEmergencyKit.zip and select Extract All.... Leave all settings as they are and click Extract. You will now have a folder named EmsisoftEmergencyKit on your desktop.

http://www.emsisoft.com/en/software/eek/download/

Open the EmsisoftEmergencyKit folder and double-click Start.exe.
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply.



#3 bgardner_31


Posted 10 February 2013 - 08:10 PM

MINITOOLBOX results

MiniToolBox by Farbar  Version:10-01-2013
Ran by Tech (administrator) on 10-02-2013 at 18:59:51
Running from "C:\Users\Tech\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost
192.168.2.3 NPI91D0A5

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/1000 MT Network Connection = Local Area Connection 5 (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 3 (Media disconnected)
D-Link DFE-530TX+ PCI Adapter = Local Area Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Candace-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 5:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0D-56-A0-26-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f52f:e751:fff9:f523%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.18(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 10, 2013 9:34:06 AM
   Lease Expires . . . . . . . . . . : Monday, February 11, 2013 9:34:03 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 369102166
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-F8-E2-E3-00-1B-FC-51-C5-3D
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : D-Link DFE-530TX+ PCI Adapter
   Physical Address. . . . . . . . . : 00-0D-88-21-D8-AA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
   Physical Address. . . . . . . . . : 00-48-54-87-97-4E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{7070037B-FB23-46E4-930F-C0F9C7F762D7}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:fe:3a3d:3f57:feed(Preferred)
   Link-local IPv6 Address . . . . . : fe80::fe:3a3d:3f57:feed%9(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{8D1BBE9C-A128-46BE-BB86-23F02B5C96B4}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{68C3DA10-927E-4B11-8BA0-7880F9469B07}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4000:801::1006
      74.125.227.98
      74.125.227.99
      74.125.227.100
      74.125.227.101
      74.125.227.102
      74.125.227.103
      74.125.227.104
      74.125.227.105
      74.125.227.110
      74.125.227.96
      74.125.227.97



Pinging google.com [74.125.227.100] with 32 bytes of data:

Reply from 74.125.227.100: bytes=32 time=21ms TTL=52

Reply from 74.125.227.100: bytes=32 time=22ms TTL=52



Ping statistics for 74.125.227.100:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 21ms, Maximum = 22ms, Average = 21ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=92ms TTL=46

Reply from 98.139.183.24: bytes=32 time=146ms TTL=46



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 92ms, Maximum = 146ms, Average = 119ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 16 ...00 0d 56 a0 26 91 ...... Intel® PRO/1000 MT Network Connection
 15 ...00 0d 88 21 d8 aa ...... D-Link DFE-530TX+ PCI Adapter
 14 ...00 48 54 87 97 4e ...... Realtek RTL8139/810x Family Fast Ethernet NIC
  1 ........................... Software Loopback Interface 1
 17 ...00 00 00 00 00 00 00 e0  isatap.{7070037B-FB23-46E4-930F-C0F9C7F762D7}
  9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 18 ...00 00 00 00 00 00 00 e0  isatap.{8D1BBE9C-A128-46BE-BB86-23F02B5C96B4}
 19 ...00 00 00 00 00 00 00 e0  isatap.{68C3DA10-927E-4B11-8BA0-7880F9469B07}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.18     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.18    266
     192.168.1.18  255.255.255.255         On-link      192.168.1.18    266
    192.168.1.255  255.255.255.255         On-link      192.168.1.18    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.18    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.18    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9     18 ::/0                     On-link
  1    306 ::1/128                  On-link
  9     18 2001::/32                On-link
  9    266 2001:0:9d38:953c:fe:3a3d:3f57:feed/128
                                    On-link
 16    266 fe80::/64                On-link
  9    266 fe80::/64                On-link
  9    266 fe80::fe:3a3d:3f57:feed/128
                                    On-link
 16    266 fe80::f52f:e751:fff9:f523/128
                                    On-link
  1    306 ff00::/8                 On-link
  9    266 ff00::/8                 On-link
 16    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\EasyRedirect.dll [380240] (EasyTech)
Catalog9 02 C:\Windows\system32\EasyRedirect.dll [380240] (EasyTech)
Catalog9 03 C:\Windows\system32\EasyRedirect.dll [380240] (EasyTech)
Catalog9 04 C:\Windows\system32\EasyRedirect.dll [380240] (EasyTech)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\EasyRedirect.dll [380240] (EasyTech)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/10/2013 06:51:18 PM) (Source: Application Hang) (User: )
Description: The program AdAware.exe version 10.4.49.4168 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 12a0
Start Time: 01ce07b87720f899
Termination Time: 14

Error: (02/10/2013 00:01:48 PM) (Source: Application Error) (User: )
Description: Faulting application spoolsv.exe, version 6.0.6002.18294, time stamp 0x4c6a9898, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x032d0d5a,
process id 0x66c, application start time 0xspoolsv.exe0.

Error: (02/10/2013 09:50:23 AM) (Source: MSDTC) (User: )
Description:

Error: (02/10/2013 09:50:23 AM) (Source: MSDTC) (User: )
Description: 0x2

Error: (02/10/2013 09:50:23 AM) (Source: MSDTC) (User: )
Description:

Error: (02/10/2013 09:50:22 AM) (Source: MSDTC) (User: )
Description:

Error: (02/10/2013 09:50:22 AM) (Source: MSDTC) (User: )
Description: 0x2

Error: (02/10/2013 09:50:22 AM) (Source: MSDTC) (User: )
Description:

Error: (02/10/2013 09:47:51 AM) (Source: MSDTC) (User: )
Description:

Error: (02/10/2013 09:47:51 AM) (Source: MSDTC) (User: )
Description: 0x2


System errors:
=============
Error: (02/10/2013 02:01:35 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{68C3DA10-927E-4B11-8BA0-7880F9469B07}.
The backup browser is stopping.

Error: (02/10/2013 00:04:23 PM) (Source: Service Control Manager) (User: )
Description: Print Spooler1600001Restart the service

Error: (02/10/2013 09:50:23 AM) (Source: Service Control Manager) (User: )
Description: Distributed Transaction Coordinator3221229584 (0xC0001010)

Error: (02/10/2013 09:50:22 AM) (Source: Service Control Manager) (User: )
Description: Distributed Transaction Coordinator3221229584 (0xC0001010)

Error: (02/10/2013 09:47:51 AM) (Source: Service Control Manager) (User: )
Description: Distributed Transaction Coordinator3221229584 (0xC0001010)

Error: (02/10/2013 09:47:50 AM) (Source: Service Control Manager) (User: )
Description: Distributed Transaction Coordinator3221229584 (0xC0001010)

Error: (02/10/2013 09:36:34 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (02/10/2013 09:36:29 AM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (02/10/2013 09:35:11 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/10/2013 09:33:59 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:04:50 AM on 2/10/2013 was unexpected.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-02-09 22:41:27.566
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:26.271
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:24.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:23.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:22.335
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:21.081
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:19.830
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:18.603
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:17.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-09 22:41:16.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\hitmanpro37.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 8.1.1)
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Acrobat.com (Version: 2.3.0)
Acrobat.com (Version: 2.3.0.0)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Ad-Aware Antivirus (Version: 10.4.49.4168)
Ad-Aware Security Add-on (Version: 2.2.0.18)
Adobe AIR (Version: 2.0.2.12610)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader 9.5.3 (Version: 9.5.3)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
American Greetings CreataCard
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 5 (Version: 5.0.1.25)
ASPCA Reminder by We-Care.com v4.0.19.1 (Version: 4.0.19.1)
avast! Free Antivirus (Version: 7.0.1474.0)
Bing Bar (Version: 7.1.391.0)
BitTorrent (Version: 7.7.3.28796)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 100.0.170.000)
Camera Window (Version: 4.6.2)
Canon Camera Support Core Library (Version: 7.0.3.20)
Canon Camera Window for ZoomBrowser EX (Version: 4.6.2)
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.1.1.41)
Canon PhotoRecord (Version: 02.00.00029)
Canon RAW Image Task for ZoomBrowser EX (Version: 1.1)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.0.3)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.13)
Canon Utilities ZoomBrowser EX (Version: 04.06.01035)
CCleaner (Version: 3.27)
CCScore (Version: 6.02.1001.0001)
CR2 (Version: 3.03.0000.0002)
CrazyTalk Cam Suite (Version: 1.0)
CustomerResearchQFolder (Version: 1.00.0000)
D3DX10 (Version: 15.4.2368.0902)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DIG Game Manager (Version: 1.2.0.26)
Disney Princess Royal Horse Show (Version: 1.0)
Easy-Hide-IP 5.0.0.3
Enhanced Multimedia Keyboard Solution
ESSBrwr (Version: 6.03.0001.0001)
ESSCDBK (Version: 6.03.0001.0001)
ESScore (Version: 6.03.0001.0001)
ESSgui (Version: 6.03.0001.0001)
ESSini (Version: 6.03.0001.0001)
ESSPCD (Version: 6.03.0001.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSSONIC (Version: 6.2.0001.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 6.03.0001.0001)
Express Burn Disc Burning Software
FlipShare (Version: 5.12.3.0)
Free YouTube Downloader 3.5.126
GearDrvs (Version: 1)
Google Talk Plugin (Version: 3.13.2.11592)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Hardware Diagnostic Tools (Version: 5.00.4424.15)
HP Color LaserJet CM1312 MFP Series 5.0 (Version: 5.0)
HP Customer Experience Enhancements (Version: 5.1.0.2264)
HP Customer Feedback (Version: 1.0.0)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Easy Setup - Frontend (Version: 5.1.0.2269)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Total Care Advisor (Version: 1.1.17)
HP Update (Version: 4.000.005.005)
hppCLJCM1312 (Version: 001.000.00131)
hppFaxDrvCM1312 (Version: 005.000.00001)
hppFaxUtilityCM1312 (Version: 001.000.00130)
hppFonts (Version: 001.001.00061)
hppManualsCM1312 (Version: 001.000.00135)
hppQFolderCM1312 (Version: 1.00.0000)
hppscanCM1312 (Version: 001.000.00131)
hppScanToCM1312 (Version: 001.000.00128)
hppSendFaxCM1312 (Version: 005.000.00001)
hppusgCM1312 (Version: 1.1.0.1)
iLivid (Version: 1.92)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® Viiv™ Software (Version: 1.6.361.6)
iRip (Version: 1.0.1.27)
iTunes (Version: 10.6.1.7)
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 5 (Version: 1.6.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
JustCloud  (Version: )
kgcbase (Version: 5.03.0000.0004)
Kodak EasyShare software
KSU (Version: 632.62.0004.0003)
Laser App Enterprise (Version: 9.0.0.121)
LightScribe  1.4.142.1 (Version: 1.4.142.1)
MarketResearch (Version: 100.0.170.000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Meeting Service
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Standard for Students and Teachers (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Web Publishing Wizard 1.52
Microsoft Works (Version: 08.05.0818)
MotoConnect (Version: 1.1.25)
Motorola Driver Installation 4.6.0 (Version: 4.6.0)
MovieEdit Task (Version: 1.1.1.41)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 18.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicnotes Software Suite 1.5.3 (Version: 1.5.3)
muvee autoProducer 6.0 (Version: 6.00.050)
My HP Games (Version: HPCMPQ1701)
MySpaceIM (Version: 1.0.756.0)
netbrdg (Version: 6.03.0001.0002)
NetX360 (Version: 4.0.1131.2)
Nikon Message Center 2 (Version: 2.0.1)
NOOK for PC (Version: 2.5.5.9347)
Notifier (Version: 6.02.0001.0001)
NTI Backup Now EZ (Version: 2.5.2.56)
NXPVistaShim
OfotoXMI (Version: 6.03.0001.0001)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Paint.NET v3.5.10 (Version: 3.60.0)
PhotoStitch (Version: 3.1.13)
Picasa 3 (Version: 3.8)
Picture Control Utility (Version: 1.2.2)
Playhouse Disney
Playhouse Disney Download Manager
PSSWCORE (Version: 2.00.5000)
Python 2.4.3 (Version: 2.4.3150)
Quicken 2008 (Version: 17.1.5.3)
QuickTime (Version: 7.71.80.42)
RAW Image Task 1.1 (Version: 1.1)
Readiris Pro 11 (Version: 11.00.5062)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5377)
RemoteCapture Task 1.0.3 (Version: 1.0.3)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.559)
Scan (Version: 10.1.0.0)
Scan to PDF (Version: 2.31)
Segoe UI (Version: 15.4.2271.0615)
SFR (Version: 6.02.0001.0001)
SFR2 (Version: 3.03.0000.0002)
SHASTA (Version: 6.03.0000.0001)
Shockwave
skin0001 (Version: 6.03.0001.0001)
SKINXSDK (Version: 6.02.1001.0001)
Snapfish Media Detector (Version: 1.7.0.15)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
staticcr (Version: 6.03.0001.0001)
SUPERAntiSpyware (Version: 5.6.1014)
tooltips (Version: 6.03.0001.0001)
TrayApp (Version: 100.0.170.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentControl_v2 Toolbar (Version: 6.10.3.27)
ViewNX 2 (Version: 2.1.2)
VLC media player 2.0.5 (Version: 2.0.5)
VPRINTOL (Version: 6.02.0001.0001)
W Photo Studio (Version: 1.0.0.143)
Walgreens PictureMover (Version: 3.5.0.27)
WavePad Sound Editor
Web Assistant 2.0.0.430
WebReg (Version: 100.0.170.000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Movie Maker 2.6 (Version: 2.6.4040.0)
WIRELESS (Version: 6.03.0001.0001)
Wondershare DVD Creator(Build 2.5.1.4)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 2045.34 MB
Available physical RAM: 1145.09 MB
Total Pagefile: 4332.71 MB
Available Pagefile: 3249.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.51 MB

========================= Partitions: =====================================

2 Drive c: (HP) (Fixed) (Total:289.26 GB) (Free:142.49 GB) NTFS
3 Drive d: (Recovery) (Fixed) (Total:8.83 GB) (Free:1 GB) NTFS
4 Drive e: (PUB98_ENGLISH) (CDROM) (Total:0.42 GB) (Free:0 GB) CDFS
5 Drive g: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:386.18 GB) NTFS

========================= Users: ========================================

User accounts for \\CANDACE-PC

Administrator            Candace                  Guest                    
IUSR_NMPR                Tech                     


**** End of log ****



#4 bgardner_31


Posted 10 February 2013 - 08:25 PM

Adware Cleaner Log

# AdwCleaner v2.112 - Logfile created 02/10/2013 at 19:21:10
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Tech - CANDACE-PC
# Boot Mode : Normal
# Running from : C:\Users\Tech\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : Web Assistant Updater

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
File Found : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\user.js
File Found : C:\Users\Candace\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Public\Desktop\iLivid.lnk
Folder Found : C:\Program Files\adawaretb
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Ilivid
Folder Found : C:\Program Files\uTorrentControl_v2
Folder Found : C:\Program Files\Web Assistant
Folder Found : C:\ProgramData\blekko toolbars
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\search protection
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\Candace\AppData\Local\Conduit
Folder Found : C:\Users\Candace\AppData\Local\Ilivid Player
Folder Found : C:\Users\Candace\AppData\LocalLow\adawaretb
Folder Found : C:\Users\Candace\AppData\LocalLow\Conduit
Folder Found : C:\Users\Candace\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Candace\AppData\LocalLow\uTorrentControl_v2
Folder Found : C:\Users\Candace\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Tech\AppData\LocalLow\adawaretb
Folder Found : C:\Users\Tech\AppData\LocalLow\Conduit
Folder Found : C:\Users\Tech\AppData\LocalLow\uTorrentControl_v2

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\AxSHDocVw.AxWebBrowser
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\SOFTWARE\Classes\ilivid
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\Software\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26477138-D529-4EBE-8154-D6F019C576C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65703EE0-0437-4557-A234-A4FA4455E2BD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Found : HKLM\Software\uTorrentControl_v2
Key Found : HKLM\Software\Web Assistant
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

File : C:\Users\Candace\AppData\Roaming\Mozilla\Firefox\Profiles\vwfg2g1n.default-1358795226257\prefs.js

[OK] File is clean.

File : C:\Users\Tech\AppData\Roaming\Mozilla\Firefox\Profiles\wv16xcw0.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9322 octets] - [10/02/2013 19:21:10]

########## EOF - C:\AdwCleaner[R1].txt - [9382 octets] ##########
 



#5 bgardner_31


Posted 10 February 2013 - 09:04 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows Vista ™ Home Premium x86
Ran by Tech on Sun 02/10/2013 at 19:48:35.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-4209787955-1442441023-262410778-1003\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-4209787955-1442441023-262410778-1003\software\web assistant"
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Program Files\free youtube downloader"
Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"



~~~ FireFox

Emptied folder: C:\Users\Tech\AppData\Roaming\mozilla\firefox\profiles\wv16xcw0.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/10/2013 at 20:02:05.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#6 InadequateInfirmity


Posted 11 February 2013 - 04:24 AM

Uninstall the items below.

Ad-Aware Antivirus (Version: 10.4.49.4168)
Ad-Aware Security Add-on (Version: 2.2.0.18)

Java™ 6 Update 2 (Version: 1.6.0.20)

Java™ 6 Update 29 (Version: 6.0.290)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 5 (Version: 1.6.0.50)

McAfee Security Scan Plus (Version: 2.0.181.2)

Run the Hosts fix it.

http://support.microsoft.com/kb/972034

Re-run Adware cleaner, this time hit the delete button, and post the new log.

Re-run minitoolbox after Adware cleaner has run and rebooted your machine; only tick the list hosts file box and post that log as well, also the Emsisoft log when you have finished the scan.



#7 bgardner_31


Posted 11 February 2013 - 06:59 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows Vista ™ Home Premium x86
Ran by Tech on Sun 02/10/2013 at 19:48:35.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-4209787955-1442441023-262410778-1003\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-4209787955-1442441023-262410778-1003\software\web assistant"
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Program Files\free youtube downloader"
Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"



~~~ FireFox

Emptied folder: C:\Users\Tech\AppData\Roaming\mozilla\firefox\profiles\wv16xcw0.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/10/2013 at 20:02:05.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#8 InadequateInfirmity


Posted 11 February 2013 - 07:23 AM

See my last post; I was asking you to re-run Adware cleaner, not the junkware removal tool. :)



#9 bgardner_31


Posted 11 February 2013 - 07:43 AM

Okay, my apologies. I removed the programs.  I also removed ad-aware itself, as well as:

Ad-Aware Antivirus (Version: 10.4.49.4168)
Ad-Aware Security Add-on (Version: 2.2.0.18)

I hope that is not a problem.

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 06:34:11
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Tech - CANDACE-PC
# Boot Mode : Normal
# Running from : C:\Users\Tech\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

File : C:\Users\Candace\AppData\Roaming\Mozilla\Firefox\Profiles\vwfg2g1n.default-1358795226257\prefs.js

[OK] File is clean.

File : C:\Users\Tech\AppData\Roaming\Mozilla\Firefox\Profiles\wv16xcw0.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9451 octets] - [10/02/2013 19:21:10]
AdwCleaner[R2].txt - [1055 octets] - [11/02/2013 06:32:22]
AdwCleaner[S1].txt - [9499 octets] - [10/02/2013 19:25:52]
AdwCleaner[S2].txt - [988 octets] - [11/02/2013 06:34:11]

########## EOF - C:\AdwCleaner[S2].txt - [1047 octets] ##########
 



#10 bgardner_31


Posted 11 February 2013 - 07:48 AM

MiniToolBox by Farbar  Version:10-01-2013
Ran by Tech (administrator) on 11-02-2013 at 06:47:16
Running from "C:\Users\Tech\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

::1             localhost
127.0.0.1       localhost


**** End of log ****
 



#11 InadequateInfirmity


Posted 11 February 2013 - 07:55 AM

Ok now onto the EmsisoftEmergencyKit



#12 bgardner_31


Posted 11 February 2013 - 07:57 AM

Okay, trying to find the log.



#13 bgardner_31


Posted 11 February 2013 - 07:59 AM

Emsisoft Emergency Kit - Version 3.0
Last update: 2/10/2013 8:25:39 PM

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, G:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    2/10/2013 8:27:20 PM

C:\Program Files\ImgBurn\SetupImgBurn.exe     detected: Trojan.Win32.Bundled.Toolbar.AMN (A)

Scanned    600246
Found    1

Scan end:    2/11/2013 2:32:07 AM
Scan time:    6:04:47

C:\Program Files\ImgBurn\SetupImgBurn.exe    Quarantined Trojan.Win32.Bundled.Toolbar.AMN (A)

Quarantined    1
 



#14 InadequateInfirmity


Posted 11 February 2013 - 08:12 AM

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it and Run As Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Update and do a quick scan with Malwarebytes, remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.

Update and do a quick scan with Superantispyware, remove all this finds and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finishes, list found threats, save to clipboard, copy to notepad and post the log here.



#15 bgardner_31


Posted 11 February 2013 - 08:20 AM

Okay, will do.  This may not be an issue.  However, I wanted to let you know that the user "IUSR_NMPR" is unknown to me from the MINITOOLBOX log in the beginning.

======================== Users: ========================================

User accounts for \\CANDACE-PC

Administrator            Candace                  Guest                    
IUSR_NMPR                Tech                     

**** End of log ****

Also, in avast properties tab under security tab, an "Account Unknown" is listed with a ? by the icon.





