Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

trying to uninstall pc optimiser pro


  • Please log in to reply
8 replies to this topic

#1 bb98765

bb98765

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:06 AM

Posted 18 February 2013 - 10:57 AM

Im trying to uninstall 'pc optimiser pro' from a pc. I downloaded revo uninstaller but the' optimiser' doesnt come up in the revo list. It also doesnt appear in the add/remove programmes list on the pc.. It wont let me delete it from program files or uninstalling it from the program list of the start button doesnt work either.. At present I am running  malwarebytes on the infected pc. Anyone have any ideas ? Many thanks in advance. 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 18 February 2013 - 11:17 AM

Hello, lets see if these don't get it out.

 

 

Please download ADWCleaner by Xplode onto your desktop.

•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
       icon on your desktop.

       

       

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:

 


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

 

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Edited by boopme, 18 February 2013 - 11:18 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 bb98765

bb98765
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:06 AM

Posted 18 February 2013 - 12:36 PM

Thanks for your reply. Im in the process of carrying out your instructions , but because the infected pc is on business premises and they will soon be going home , I wont be replying until tomorrow sometime. Thanks again.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 18 February 2013 - 09:27 PM

Ok, tommorrow ...


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 bb98765

bb98765
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:06 AM

Posted 19 February 2013 - 04:36 AM

Hi there. Ive carried out the instructions , andthe optimiser still pops up , still a folder in the program files which doesnt allow itself to be deleted.

Here are the log files.

 

# AdwCleaner v2.112 - Logfile created 02/18/2013 at 16:41:21
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - SCP-WRK17
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
Stopped & Deleted : CltMngSvc
 
***** [Files / Folders] *****
 
Deleted on reboot : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\END
File Deleted : C:\user.js
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BabylonToolbar
Folder Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\CT3279141
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\CT3279141
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\extensions\toolbar@ask.com
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\Smartbar
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\SwvUpdater
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\vShare.tv plugin
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\BabylonChromeExtension
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\Software\SearchProtect
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/home?AF=17978&babsrc=NT_def --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/ --> hxxp://www.google.com
 
-\\ Mozilla Firefox v5.0 (en-GB)
 
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\prefs.js
 
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7vqicteh.default\user.js ... Deleted !
 
Deleted : user_pref("CT3279141.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3279141.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3279141.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3279141.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3279141.FF19Solved", "true");
Deleted : user_pref("CT3279141.FirstTime", "true");
Deleted : user_pref("CT3279141.FirstTimeFF3", "true");
Deleted : user_pref("CT3279141.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
Deleted : user_pref("CT3279141.UserID", "UN40418051841001927");
Deleted : user_pref("CT3279141.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3279141.autoDisableScopes", -1);
Deleted : user_pref("CT3279141.browser.search.defaultthis.engineName", "true");
Deleted : user_pref("CT3279141.defaultSearch", "true");
Deleted : user_pref("CT3279141.embeddedsData", "[{\"appId\":\"130028020976478709\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3279141.enableAlerts", "always");
Deleted : user_pref("CT3279141.enableFix404ByUser", "TRUE");
Deleted : user_pref("CT3279141.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3279141.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3279141.fixPageNotFoundError", "true");
Deleted : user_pref("CT3279141.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3279141.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3279141.fixUrls", true);
Deleted : user_pref("CT3279141.hxxp___api20_starwebnet_com.pid2.enc", "M2Q4YTY0MzQwOGJmNWViZA==");
Deleted : user_pref("CT3279141.installDate", "18/2/2013 14:19:22");
Deleted : user_pref("CT3279141.installId", "9818");
Deleted : user_pref("CT3279141.installType", "conduitnsisintegration");
Deleted : user_pref("CT3279141.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3279141.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3279141.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3279141.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3279141.keyword", "true");
Deleted : user_pref("CT3279141.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3279141.lastVersion", "10.14.65.43");
Deleted : user_pref("CT3279141.mam_gk_CouponBuddy_appState.enc", "");
Deleted : user_pref("CT3279141.mam_gk_PriceGong_appState.enc", "");
Deleted : user_pref("CT3279141.mam_gk_currentVersion.enc", "MS40LjAuNA==");
Deleted : user_pref("CT3279141.mam_gk_first_time.enc", "");
Deleted : user_pref("CT3279141.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT3279141.mam_gk_lastLoginTime.enc", "");
Deleted : user_pref("CT3279141.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3279141.mam_gk_settings1.4.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Deleted : user_pref("CT3279141.mam_gk_userId.enc", "");
Deleted : user_pref("CT3279141.mam_gk_user_apps_selection.enc", "");
Deleted : user_pref("CT3279141.migrateAppsAndComponents", true);
Deleted : user_pref("CT3279141.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"[...]
Deleted : user_pref("CT3279141.openThankYouPage", "false");
Deleted : user_pref("CT3279141.openUninstallPage", "true");
Deleted : user_pref("CT3279141.revertSettingsEnabled", "true");
Deleted : user_pref("CT3279141.search.searchAppId", "130028020976478709");
Deleted : user_pref("CT3279141.search.searchCount", "0");
Deleted : user_pref("CT3279141.searchFromAddressBarEnabledByUser", "true");
Deleted : user_pref("CT3279141.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3279141.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3279141.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3279141.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3279141.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3279141.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1361198360542");
Deleted : user_pref("CT3279141.serviceLayer_services_appsMetadata_lastUpdate", "1361198359859");
Deleted : user_pref("CT3279141.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1361198360019");
Deleted : user_pref("CT3279141.serviceLayer_services_location_lastUpdate", "1361198355570");
Deleted : user_pref("CT3279141.serviceLayer_services_login_10.14.65.43_lastUpdate", "1361198361044");
Deleted : user_pref("CT3279141.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1361198359799");
Deleted : user_pref("CT3279141.serviceLayer_services_searchAPI_lastUpdate", "1361198355954");
Deleted : user_pref("CT3279141.serviceLayer_services_serviceMap_lastUpdate", "1361198355073");
Deleted : user_pref("CT3279141.serviceLayer_services_setupAPI_lastUpdate", "1361198356330");
Deleted : user_pref("CT3279141.serviceLayer_services_toolbarContextMenu_lastUpdate", "1361198359570");
Deleted : user_pref("CT3279141.serviceLayer_services_toolbarSettings_lastUpdate", "1361198355655");
Deleted : user_pref("CT3279141.serviceLayer_services_translation_lastUpdate", "1361198360504");
Deleted : user_pref("CT3279141.settingsINI", true);
Deleted : user_pref("CT3279141.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3279141.smartbar.CTID", "CT3279141");
Deleted : user_pref("CT3279141.smartbar.Uninstall", "0");
Deleted : user_pref("CT3279141.smartbar.homepage", true);
Deleted : user_pref("CT3279141.smartbar.toolbarName", "WhiteSmoke B ");
Deleted : user_pref("CT3279141.startPage", "true");
Deleted : user_pref("CT3279141.toolbarBornServerTime", "18-2-2013");
Deleted : user_pref("CT3279141.toolbarCurrentServerTime", "18-2-2013");
Deleted : user_pref("CT3279141_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3279141&octid=CT327914[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", " hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3279141");
Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3279141&octid=CT3279141&Sea[...]
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babclient");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=17978");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "900e7815000000000000000f1fe226d1");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "900e7815000000000000000f1fe226d1");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15316");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "std");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "def");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:56:11");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.asktb.cbid", "X9");
Deleted : user_pref("extensions.asktb.config-updated", false);
Deleted : user_pref("extensions.asktb.crumb", "2011.04.14+01.50.32-toolbar001iad-GB-TWFuY2hlc3RlcixVbml0ZWQgS2[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://uk.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYGB");
Deleted : user_pref("extensions.asktb.first-launch", true);
Deleted : user_pref("extensions.asktb.first-restart-after-config-update", true);
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1308749851977");
Deleted : user_pref("extensions.asktb.locale", "en_UK");
Deleted : user_pref("extensions.asktb.o", "16515");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "3");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CU[...]
Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3279141");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279141&octid=CT3279141[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.originalHomepage", "www.google.co.uk");
Deleted : user_pref("smartbar.originalSearchAddressUrl", " hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sour[...]
Deleted : user_pref("smartbar.originalSearchEngine", "");
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [25457 octets] - [18/02/2013 16:41:21]
 
########## EOF - C:\AdwCleaner[S1].txt - [25518 octets] ##########
 
 
 
 
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\56\68c2ab38-179fa547    multiple threats    deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\4cafbd48-52a35488    multiple threats    deleted - quarantined
C:\Documents and Settings\Administrator\Desktop\adlsoft_uncompressor_3_3_last.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Desktop\PDFConverterSetup.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Desktop\GarageWoodworks\GWjobs\TranslateLite.exe    a variant of Win32/AdInstaller application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\04848B7F-BAB0-7891-B349-0AF0223A406E\MyBabylonTB.exe    Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\ICReinstall\PDFConverterSetup.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\is1972027439\AskInstallChecker-1.5.0.0.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\Gimp_Setup.exe    a variant of Win32/Adware.iBryte.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\revouninstaller-setup.exe    Win32/DownloadAdmin.G application    cleaned by deleting - quarantined
C:\Program Files\MSN Messenger\msimg32.dll    Win32/Toolbar.MyWebSearch application    cleaned by deleting - quarantined
C:\Program Files\MSN Messenger\riched20.dll    Win32/FunWeb application    cleaned by deleting - quarantined
 
 
 
MiniToolBox by Farbar  Version:10-01-2013
Ran by Administrator (administrator) on 19-02-2013 at 09:20:00
Running from "C:\Documents and Settings\Administrator\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
92.242.132.4    www.formspring.me
92.242.132.4    formspring.me
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : SCP-WRK17
 
        Primary Dns Suffix  . . . . . . . : scp.corp
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : scp.corp
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
 
        Physical Address. . . . . . . . . : 00-0F-1F-E2-26-D1
 
 
 
PPP adapter PIPEX Broadband:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
 
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
 
        Dhcp Enabled. . . . . . . . . . . : No
 
        IP Address. . . . . . . . . . . . : 89.242.238.100
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
 
        Default Gateway . . . . . . . . . : 89.242.238.100
 
        DNS Servers . . . . . . . . . . . : 62.24.134.1
 
                                            62.24.243.2
 
        NetBIOS over Tcpip. . . . . . . . : Disabled
 
Server:  host-62-24-134-1.as13285.net
Address:  62.24.134.1
 
Name:    google.com
Addresses:  173.194.34.67, 173.194.34.70, 173.194.34.65, 173.194.34.64
      173.194.34.71, 173.194.34.72, 173.194.34.73, 173.194.34.66, 173.194.34.78
      173.194.34.68, 173.194.34.69
 
 
 
Pinging google.com [173.194.34.128] with 32 bytes of data:
 
 
 
Reply from 173.194.34.128: bytes=32 time=36ms TTL=56
 
Reply from 173.194.34.128: bytes=32 time=39ms TTL=56
 
 
 
Ping statistics for 173.194.34.128:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 36ms, Maximum = 39ms, Average = 37ms
 
Server:  host-62-24-134-1.as13285.net
Address:  62.24.134.1
 
Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=344ms TTL=48
 
Reply from 98.138.253.109: bytes=32 time=213ms TTL=48
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 213ms, Maximum = 344ms, Average = 278ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f 1f e2 26 d1 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x20004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   89.242.238.100  89.242.238.100      1
     89.242.232.1  255.255.255.255   89.242.238.100  89.242.238.100      1
   89.242.238.100  255.255.255.255        127.0.0.1       127.0.0.1      50
   89.255.255.255  255.255.255.255   89.242.238.100  89.242.238.100      50
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
        224.0.0.0        240.0.0.0   89.242.238.100  89.242.238.100      1
  255.255.255.255  255.255.255.255   89.242.238.100  89.242.238.100      1
  255.255.255.255  255.255.255.255   89.242.238.100               2      1
Default Gateway:    89.242.238.100
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
         10.0.7.0    255.255.255.0      192.168.1.2       1
========================= Winsock entries =====================================
 
Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 02 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/13/2010 08:15:15 AM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.
 
Error: (10/13/2010 08:15:13 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
 
Error: (10/12/2010 04:15:46 PM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.
 
Error: (10/12/2010 08:16:00 AM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.
 
Error: (10/12/2010 08:15:58 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
 
Error: (10/11/2010 04:58:50 PM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.
 
Error: (10/11/2010 04:58:49 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
 
Error: (10/11/2010 09:06:18 AM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.
 
Error: (10/11/2010 09:06:17 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
 
Error: (10/10/2010 00:51:04 PM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.
 
 
System errors:
=============
Error: (10/20/2010 08:24:22 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3
 
Error: (10/20/2010 08:23:01 AM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain SCP due to the following: 
%%1311.
 
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
 
Error: (10/19/2010 04:55:14 PM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain SCP due to the following: 
%%1311.
 
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
 
Error: (10/19/2010 04:42:02 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 480 minutes.
NtpClient has no source of accurate time.
 
Error: (10/19/2010 00:55:14 PM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain SCP due to the following: 
%%1311.
 
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
 
Error: (10/19/2010 00:41:57 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 240 minutes.
NtpClient has no source of accurate time.
 
Error: (10/19/2010 10:41:57 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 120 minutes.
NtpClient has no source of accurate time.
 
Error: (10/19/2010 09:41:57 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 60 minutes.
NtpClient has no source of accurate time.
 
Error: (10/19/2010 09:11:57 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 29 minutes.
NtpClient has no source of accurate time.
 
Error: (10/19/2010 08:56:57 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
 
 
Microsoft Office Sessions:
=========================
Error: (10/13/2010 08:15:15 AM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
 
Error: (10/13/2010 08:15:13 AM) (Source: Userenv)(User: NT AUTHORITY)
Description: The specified domain either does not exist or could not be contacted.
 
Error: (10/12/2010 04:15:46 PM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
 
Error: (10/12/2010 08:16:00 AM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
 
Error: (10/12/2010 08:15:58 AM) (Source: Userenv)(User: NT AUTHORITY)
Description: The specified domain either does not exist or could not be contacted.
 
Error: (10/11/2010 04:58:50 PM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
 
Error: (10/11/2010 04:58:49 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: The specified domain either does not exist or could not be contacted.
 
Error: (10/11/2010 09:06:18 AM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
 
Error: (10/11/2010 09:06:17 AM) (Source: Userenv)(User: NT AUTHORITY)
Description: The specified domain either does not exist or could not be contacted.
 
Error: (10/10/2010 00:51:04 PM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
 
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 10 Plugin (Version: 10.3.181.14)
Adobe Photoshop Album 2.0 Starter Edition (Version: 2.00.000)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player (Version: 10.3.0.24)
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
AutoCAD 2007 - English (Version: 17.0.54.110)
Autodesk DWF Viewer (Version: 6.5)
avast! Internet Security (Version: 7.0.1474.0)
Belarc Advisor 6.0
BlackBerry v4.1.0 for the 7290 Wireless Handheld (Version: 4.1.0.292 (Platform 1.8.0.144))
Bonjour (Version: 2.0.4.0)
Broadcom Advanced Control Suite 2 (Version: 7.58.01)
Citrix XenApp Web Plugin (Version: 11.0.0.5357)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Critical Update for Windows Media Player 11 (KB959772)
CutePDF Writer 2.7
DSL-200 DSL Modem
EPSON Scan
ESET Online Scanner v3
File Type Assistant
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 4.1.7087.5048)
Google Earth (Version: 6.1.0.5001)
Google SketchUp 7 (Version: 2.1.6860)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Google Updater (Version: 2.4.2432.1652)
IncrediMail Xe (Version:  5.7.0.3476)
InstallIQ Updater (Version: 1.4.1.0)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4410)
IrfanView (remove only) (Version: 4.30)
iTunes (Version: 10.2.1.1)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
LiveUpdate 2.6 (Symantec Corporation) (Version: 2.6.18.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MediaWidget 6.0
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Converter Pack (Version: 11.0.0.0)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 2.0.40115.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MobileMe Control Panel (Version: 3.1.5.0)
Mozilla Firefox 5.0 (x86 en-GB) (Version: 5.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Nokia Connectivity Cable Driver (Version: 6.80.5.1)
OMCI (Version: 7.01.0382)
OpenOffice.org 3.3 (Version: 3.3.9567)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.94 (Version: 1.94)
Safari (Version: 5.33.20.27)
Segoe UI (Version: 14.0.4327.805)
SoftConsole (Version: 3.2.34)
Spotify (Version: 0.3.17)
Spotify (Version: 0.8.3.222.g317ab79d)
Spybot - Search & Destroy (Version: 1.6.2)
System Requirements Lab for Intel (Version: 4.4.24.0)
TAPI (Version: 3.2.14)
TeamViewer 5 (Version: 5.0.9104 )
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB943729)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
vShare.tv plugin 1.2 (Version: 1.2)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.8.0031.9)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Rights Management Client Backwards Compatibility SP2 (Version: 5.2.70)
Windows Rights Management Client with Service Pack 2 (Version: 5.2.70)
WinZip 14.5 (Version: 14.5.9095)
XML Paper Specification Shared Components Pack 1.0
XTNDConnect PC
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 3062.07 MB
Available physical RAM: 2024.62 MB
Total Pagefile: 4947.93 MB
Available Pagefile: 4061.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.73 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:74.44 GB) (Free:31.91 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SCP-WRK17
 
Administrator            ASPNET                   Guest                    
HelpAssistant            nsisadmin                SUPPORT_388945a0         
User                     
 
 
**** End of log ****
 
 
 
Many thanks


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 19 February 2013 - 01:30 PM

Have yiou looked to see if it is in your Browser... Manage add ons?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 bb98765

bb98765
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:06 AM

Posted 20 February 2013 - 03:17 AM

Ill be back there to check it out on Thursday morning. This pc runs intenet explorer , Firefox and Chrome , so Ill look at them all .



#8 bb98765

bb98765
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:06 AM

Posted 21 February 2013 - 05:08 AM

Hi again. Couldnt find it in any of the add-ons for the three browsers. Still pops up on fire up and maintains a presence in the lowerright  toolbar...What can I try next ? 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 21 February 2013 - 02:28 PM

We are going to have to go in and find it. Please start a new topic.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users