
Issues with Firefox, flash, and roboform



#1 cyberski


Posted 19 February 2013 - 07:55 PM

Edit Added: typo and forgot to attach file

 

Hello....

The problem I am having is that 2-3 months ago, while using Firefox, all online videos like the ones at YouTube, Vimeo, Yahoo etc. would not play right. What happens is that I have to click the area where the video is, and some of the time that was enough to get them to play, and some of the time it would not work. It would work probably about 50% of the time. I did all the basic fixes like running without add-ons and making sure all plugins are up to date, and nothing helped, so I just kind of accepted the situation. Fast forward to about a week ago, when all of a sudden anything associated with RoboForm stopped working. The toolbar disappeared and so did all the options in the right-click contents menu. I uninstalled RoboForm, then reinstalled it, and that did not help the situation. As one might think, it's the disappearance of RoboForm that concerns me the most, seeing that most of the info associated with RoboForm is credit card numbers and other personal info. I ran HijackThis and it did show a couple serious files. I did nothing about what showed.

Obviously I cannot say that both issues are related, but I kind of think they may be.

 

Thank You for the assistance...

Jim 

 

 

Here is the dds file and the attached attach.txt file:

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.13.2
Run by Hoochie Daddy at 18:17:31 on 2013-02-19
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4044.2041 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\windows\SysWOW64\PSIService.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\windows\System32\vds.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Laplink\Laplink DiskImage\oodiag.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\System32\vdsldr.exe
C:\windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\System32\rundll32.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Laplink\Laplink DiskImage\ooditray.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AntiLogger\AntiLogger.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\wuauclt.exe
C:\Users\Hoochie Daddy\AppData\Local\Mozilla Firefox\firefox.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [AntiLogger] "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{4DEA9F6C-6A50-43D6-B4D0-F18BFAF17D57} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{4DEA9F6C-6A50-43D6-B4D0-F18BFAF17D57} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{4DEA9F6C-6A50-43D6-B4D0-F18BFAF17D57}\84F6D656 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{4DEA9F6C-6A50-43D6-B4D0-F18BFAF17D57}\84F6D656 : DHCPNameServer = 68.115.71.53 68.113.206.10 66.189.0.100
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [OODITRAY.EXE] C:\Program Files\Laplink\Laplink DiskImage\ooditray.exe
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&rls=org.mozilla:en-US:official&client=firefox-a&sourceid=navclient&gfns=1&q=
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-12 14:33; {22119944-ED35-4ab1-910B-E619EA06A115}; C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF - ExtSQL: 2013-01-12 15:06; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-01-12 15:06; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF - ExtSQL: 2013-01-12 15:06; adblockpopups@jessehakanen.net; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2013-01-12 15:07; elemhidehelper@adblockplus.org; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\elemhidehelper@adblockplus.org.xpi
FF - ExtSQL: 2013-01-12 15:08; fbp@fbpurity.com; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\fbp@fbpurity.com.xpi
FF - ExtSQL: 2013-01-12 15:08; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-01-12 15:09; {0b457cAA-602d-484a-8fe7-c1d894a011ba}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - ExtSQL: 2013-01-12 15:10; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - ExtSQL: 2013-01-12 15:11; googledictionary@toptip.ca; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\googledictionary@toptip.ca.xpi
FF - ExtSQL: 2013-01-12 15:12; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-01-12 15:13; jid0-Rp5hqR3GGdGwDtdjWGZHQAKOFSA@jetpack; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\jid0-Rp5hqR3GGdGwDtdjWGZHQAKOFSA@jetpack
FF - ExtSQL: 2013-01-12 15:13; {FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}.xpi
FF - ExtSQL: 2013-01-12 15:14; {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF - ExtSQL: 2013-01-12 15:14; nosquint@urandom.ca; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\nosquint@urandom.ca.xpi
FF - ExtSQL: 2013-01-12 15:15; jid0-RZ1wv8WwA7CKjr2eJZV648uKiuE@jetpack; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\jid0-RZ1wv8WwA7CKjr2eJZV648uKiuE@jetpack
FF - ExtSQL: 2013-01-12 15:17; jid1-xUfzOsOFlzSOXg@jetpack; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
FF - ExtSQL: 2013-01-12 15:20; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF - ExtSQL: 2013-01-12 15:20; thumbnailZoom@dadler.github.com; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\thumbnailZoom@dadler.github.com.xpi
FF - ExtSQL: 2013-01-12 15:22; info@technologymob.com; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\info@technologymob.com.xpi
FF - ExtSQL: 2013-01-12 19:38; en-US@dictionaries.addons.mozilla.org; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\en-US@dictionaries.addons.mozilla.org
FF - ExtSQL: 2013-01-14 20:00; undoclosedtabsbutton@supernova00.biz; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\undoclosedtabsbutton@supernova00.biz.xpi
FF - ExtSQL: 2013-02-02 19:48; gmailadsremover@florian.bersier; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\gmailadsremover@florian.bersier.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver;C:\windows\System32\drivers\NBVol.sys [2011-12-26 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\windows\System32\drivers\NBVolUp.sys [2011-12-26 15920]
R0 oodisr;O&O DiskImage Snapshot/Restore Driver;C:\windows\System32\drivers\oodisr.sys [2010-5-27 117344]
R0 oodisrh;oodisrh;C:\windows\System32\drivers\oodisrh.sys [2010-5-27 40032]
R0 oodivd;O&O DiskImage Virtual Devices Driver;C:\windows\System32\drivers\oodivd.sys [2010-5-27 210528]
R0 oodivdh;oodivdh;C:\windows\System32\drivers\oodivdh.sys [2010-5-27 42592]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
R1 AntiLog32;AntiLog32;C:\windows\System32\drivers\AntiLog64.sys [2012-6-12 45368]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-10-9 984144]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-10-9 370288]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-2-16 43112]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-10-9 25232]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-10-9 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-5 44808]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-9 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-9 676936]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-7-22 690472]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R2 OO DiskImage;OO DiskImage;C:\Program Files\Laplink\Laplink DiskImage\oodiag.exe [2010-5-27 3511640]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2011-5-24 294848]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-8 2656280]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-11-8 76912]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2011-12-26 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-11-8 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-11-8 1109096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;C:\windows\System32\drivers\DigiartyVirtualCDBus.sys [2011-12-25 275648]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-11-8 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-11-8 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-11-8 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]
S3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2011-7-1 828856]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-20 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-02-19 23:44:48    --------    d-----w-    C:\Program Files (x86)\Runtime Software
2013-02-19 23:33:20    --------    d-----w-    C:\Program Files (x86)\Cobian Backup 11
2013-02-19 22:44:05    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Local\Mozilla Firefox
2013-02-19 04:06:26    9161176    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D4DC3251-F540-4AC3-9033-4F5B728AA50A}\mpengine.dll
2013-02-18 20:09:15    996352    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-18 20:09:15    768000    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-18 03:20:20    9161176    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-16 06:59:55    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Roaming\DikobrazGames
2013-02-15 23:22:27    --------    d-----w-    C:\Program Files (x86)\DsNET Corp
2013-02-13 20:28:25    5553512    ----a-w-    C:\windows\System32\ntoskrnl.exe
2013-02-13 20:28:24    3967848    ----a-w-    C:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 20:28:22    3913064    ----a-w-    C:\windows\SysWow64\ntoskrnl.exe
2013-02-13 20:25:31    3153408    ----a-w-    C:\windows\System32\win32k.sys
2013-02-13 20:25:28    215040    ----a-w-    C:\windows\System32\winsrv.dll
2013-02-13 20:25:26    25600    ----a-w-    C:\windows\SysWow64\setup16.exe
2013-02-13 20:25:26    14336    ----a-w-    C:\windows\SysWow64\ntvdm64.dll
2013-02-13 20:25:25    7680    ----a-w-    C:\windows\SysWow64\instnm.exe
2013-02-13 20:25:25    5120    ----a-w-    C:\windows\SysWow64\wow32.dll
2013-02-13 20:25:20    2048    ----a-w-    C:\windows\SysWow64\user.exe
2013-02-13 20:25:18    288088    ----a-w-    C:\windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 20:25:18    1913192    ----a-w-    C:\windows\System32\drivers\tcpip.sys
2013-02-05 20:22:38    95648    ----a-w-    C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-05 08:19:52    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Roaming\Dekovir
2013-02-01 06:27:17    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Local\SuperEasy_Software
2013-02-01 06:26:03    --------    d-----w-    C:\ProgramData\SuperEasy Software
2013-02-01 06:26:02    --------    d-----w-    C:\Program Files (x86)\Common Files\HDX4
2013-02-01 06:25:57    --------    d-----w-    C:\Program Files (x86)\SuperEasy Software
2013-01-30 09:14:47    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Roaming\All Free Video Joiner
2013-01-30 09:14:36    348160    ----a-w-    C:\windows\SysWow64\NCTWMAFile2.dll
2013-01-30 09:14:35    458752    ----a-w-    C:\windows\SysWow64\NCTAudioRecord2.dll
2013-01-30 09:14:35    458752    ----a-w-    C:\windows\SysWow64\NCTAudioPlayer2.dll
2013-01-30 09:14:34    1986560    ----a-w-    C:\windows\SysWow64\NCTAudioFile2.dll
2013-01-30 09:14:34    1212416    ----a-w-    C:\windows\SysWow64\NCTAudioInformation2.dll
2013-01-30 09:14:27    --------    d-----w-    C:\Program Files (x86)\All Free Video Joiner
2013-01-28 01:36:56    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Roaming\Boilsoft
2013-01-28 01:36:27    --------    d-----w-    C:\Program Files (x86)\Boilsoft
2013-01-26 22:23:21    --------    d-----w-    C:\ProgramData\GoldWave
2013-01-26 22:21:36    --------    d-----w-    C:\Program Files (x86)\GoldWave
2013-01-25 07:42:29    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Roaming\Oberon Media
2013-01-25 03:24:33    178688    ----a-w-    C:\windows\SysWow64\unrar.dll
2013-01-25 03:24:05    --------    d-----w-    C:\Program Files (x86)\K-Lite Codec Pack
2013-01-25 03:22:06    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Local\Programs
2013-01-25 03:20:28    --------    d-----w-    C:\Users\Hoochie Daddy\AppData\Local\Coupon Companion Plugin
2013-01-25 03:02:46    --------    d-----w-    C:\ProgramData\APN
2013-01-22 02:35:05    --------    dc-h--w-    C:\ProgramData\{A62AB9D5-FDCF-49B1-9F0A-F80A3E614529}
2013-01-21 10:01:34    --------    d-----w-    C:\ProgramData\Garmin
.
==================== Find3M  ====================
.
2013-02-16 05:43:40    71024    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-16 05:43:40    691568    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2013-02-05 20:22:13    861088    ----a-w-    C:\windows\SysWow64\npDeployJava1.dll
2013-02-05 20:22:13    782240    ----a-w-    C:\windows\SysWow64\deployJava1.dll
2013-01-30 10:53:22    273840    ------w-    C:\windows\System32\MpSigStub.exe
2013-01-22 02:35:08    45368    ----a-w-    C:\windows\System32\drivers\AntiLog64.sys
2013-01-20 21:59:04    230320    ----a-w-    C:\windows\System32\drivers\MpFilter.sys
2013-01-20 21:59:04    130008    ----a-w-    C:\windows\System32\drivers\NisDrvWFP.sys
2013-01-19 04:53:48    1056    --sha-w-    C:\windows\SysWow64\KGyGaAvL.sys
2013-01-14 07:25:48    108448    ----a-w-    C:\windows\System32\WindowsAccessBridge-64.dll
2013-01-14 07:25:40    960416    ----a-w-    C:\windows\System32\deployJava1.dll
2013-01-14 07:25:40    1081760    ----a-w-    C:\windows\System32\npDeployJava1.dll
2013-01-04 04:43:21    44032    ----a-w-    C:\windows\apppatch\acwow64.dll
2012-12-16 17:11:22    46080    ----a-w-    C:\windows\System32\atmlib.dll
2012-12-16 14:45:03    367616    ----a-w-    C:\windows\System32\atmfd.dll
2012-12-16 14:13:28    295424    ----a-w-    C:\windows\SysWow64\atmfd.dll
2012-12-16 14:13:20    34304    ----a-w-    C:\windows\SysWow64\atmlib.dll
2012-12-07 13:20:16    441856    ----a-w-    C:\windows\System32\Wpc.dll
2012-12-07 13:15:31    2746368    ----a-w-    C:\windows\System32\gameux.dll
2012-12-07 12:26:17    308736    ----a-w-    C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43    2576384    ----a-w-    C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04    30720    ----a-w-    C:\windows\System32\usk.rs
2012-12-07 11:20:03    43520    ----a-w-    C:\windows\System32\csrr.rs
2012-12-07 11:20:03    23552    ----a-w-    C:\windows\System32\oflc.rs
2012-12-07 11:20:01    45568    ----a-w-    C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01    44544    ----a-w-    C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01    20480    ----a-w-    C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00    20480    ----a-w-    C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59    20480    ----a-w-    C:\windows\System32\pegi.rs
2012-12-07 11:19:58    46592    ----a-w-    C:\windows\System32\fpb.rs
2012-12-07 11:19:57    40960    ----a-w-    C:\windows\System32\cob-au.rs
2012-12-07 11:19:57    21504    ----a-w-    C:\windows\System32\grb.rs
2012-12-07 11:19:57    15360    ----a-w-    C:\windows\System32\djctq.rs
2012-12-07 11:19:56    55296    ----a-w-    C:\windows\System32\cero.rs
2012-12-07 11:19:55    51712    ----a-w-    C:\windows\System32\esrb.rs
2012-11-30 05:45:35    362496    ----a-w-    C:\windows\System32\wow64win.dll
2012-11-30 05:45:35    243200    ----a-w-    C:\windows\System32\wow64.dll
2012-11-30 05:45:35    13312    ----a-w-    C:\windows\System32\wow64cpu.dll
2012-11-30 05:43:12    16384    ----a-w-    C:\windows\System32\ntvdm64.dll
2012-11-30 05:41:07    424448    ----a-w-    C:\windows\System32\KernelBase.dll
2012-11-30 04:53:59    274944    ----a-w-    C:\windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48    338432    ----a-w-    C:\windows\System32\conhost.exe
2012-11-30 02:38:59    6144    ---ha-w-    C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59    4608    ---ha-w-    C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59    3584    ---ha-w-    C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59    3072    ---ha-w-    C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-28 07:58:53    250880    ----a-r-    C:\windows\JSZSetupX4.exe
2012-11-23 03:13:57    68608    ----a-w-    C:\windows\System32\taskhost.exe
2012-11-22 05:44:23    800768    ----a-w-    C:\windows\System32\usp10.dll
2012-11-22 04:45:03    626688    ----a-w-    C:\windows\SysWow64\usp10.dll
.
============= FINISH: 18:18:41.05 ===============
 


Attached File  attach.txt   14.23KB   2 downloads


Edited by cyberski, 19 February 2013 - 08:06 PM.


 


#2 nasdaq

nasdaq

  • Malware Response Team

Posted 21 February 2013 - 10:45 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
 
Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
* IMPORTANT !!! Save ComboFix.exe to your Desktop
 
1. Close any open browsers.
2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.
How to: Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html
Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.
Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
Note: If, after running ComboFix, you get the error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program, all you need to do is restart the computer to reset the registry.
===
 
Third-party programs, if not up to date, can be the cause of infiltration of an infection.
Please run this security check for my review.
Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===
 
Search for and delete the AdWare and PUPs (Potentially Unwanted Programs) installed on your computer.
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Delete tab and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
  • Please post the logs for my review.


    #3 cyberski

    cyberski
    • Topic Starter

    • Members

    Posted 21 February 2013 - 08:45 PM

    Hello and thank you for your assistance, nasdaq.

     

    BTW... don't know if it's important, but the SecurityCheck file is showing that I am running Firefox V16.0.1, but I'm running V19.

     

    Here are the requested files:

     

    ComboFix 13-02-21.02 - Hoochie Daddy 02/21/2013  18:23:50.1.2 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4044.2532 [GMT -6:00]
    Running from: c:\users\Hoochie Daddy\Desktop\fix\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\SysWow64\URTTemp
    c:\windows\SysWow64\URTTemp\regtlib.exe
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-01-22 to 2013-02-22  )))))))))))))))))))))))))))))))
    .
    .
    2013-02-22 00:32 . 2013-02-22 00:32    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-02-22 00:32 . 2013-02-22 00:32    --------    d-----w-    c:\users\Guest\AppData\Local\temp
    2013-02-21 21:43 . 2013-01-09 01:12    1392128    ----a-w-    c:\windows\system32\wininet.dll
    2013-02-21 09:48 . 2013-02-08 00:28    9162192    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A794D93-DF95-44A9-82E7-7728E6FC873A}\mpengine.dll
    2013-02-21 09:38 . 2013-02-22 00:12    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\Nico Mak Computing
    2013-02-21 09:37 . 2011-11-10 16:33    18760    ----a-w-    c:\windows\system32\roboot64.exe
    2013-02-21 09:36 . 2013-02-21 10:03    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\uTorrent
    2013-02-20 23:57 . 2013-02-08 00:28    9162192    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-02-20 02:31 . 2013-02-20 09:39    --------    d-----w-    c:\program files (x86)\VolumeTouch
    2013-02-19 23:44 . 2013-02-19 23:44    --------    d-----w-    c:\program files (x86)\Runtime Software
    2013-02-19 23:33 . 2013-02-19 23:38    --------    d-----w-    c:\program files (x86)\Cobian Backup 11
    2013-02-19 22:44 . 2013-02-19 22:45    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Local\Mozilla Firefox
    2013-02-18 20:09 . 2013-01-09 01:10    996352    ----a-w-    c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-18 20:09 . 2013-01-08 22:01    768000    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-16 06:59 . 2013-02-16 06:59    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\DikobrazGames
    2013-02-15 23:22 . 2013-02-15 23:22    --------    d-----w-    c:\program files (x86)\DsNET Corp
    2013-02-15 22:31 . 2013-02-15 22:31    186432    ----a-w-    c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2013-02-13 20:28 . 2013-01-05 05:53    5553512    ----a-w-    c:\windows\system32\ntoskrnl.exe
    2013-02-13 20:28 . 2013-01-05 05:00    3967848    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
    2013-02-13 20:28 . 2013-01-05 05:00    3913064    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
    2013-02-13 20:25 . 2013-01-04 03:26    3153408    ----a-w-    c:\windows\system32\win32k.sys
    2013-02-13 20:25 . 2013-01-04 05:46    215040    ----a-w-    c:\windows\system32\winsrv.dll
    2013-02-13 20:25 . 2013-01-04 02:47    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
    2013-02-13 20:25 . 2013-01-04 02:47    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
    2013-02-13 20:25 . 2013-01-04 04:51    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
    2013-02-13 20:25 . 2013-01-04 02:47    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
    2013-02-13 20:25 . 2013-01-04 02:47    2048    ----a-w-    c:\windows\SysWow64\user.exe
    2013-02-13 20:25 . 2013-01-03 06:00    1913192    ----a-w-    c:\windows\system32\drivers\tcpip.sys
    2013-02-13 20:25 . 2013-01-03 06:00    288088    ----a-w-    c:\windows\system32\drivers\FWPKCLNT.SYS
    2013-02-05 20:22 . 2013-02-05 20:22    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-02-05 20:22 . 2013-02-05 20:22    --------    d-----w-    c:\program files (x86)\Java
    2013-02-05 08:19 . 2013-02-05 08:19    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\Dekovir
    2013-02-01 06:27 . 2013-02-01 06:27    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Local\SuperEasy_Software
    2013-02-01 06:26 . 2013-02-01 06:26    --------    d-----w-    c:\programdata\SuperEasy Software
    2013-02-01 06:26 . 2013-02-01 06:26    --------    d-----w-    c:\program files (x86)\Common Files\HDX4
    2013-02-01 06:25 . 2013-02-01 06:25    --------    d-----w-    c:\program files (x86)\SuperEasy Software
    2013-01-30 09:14 . 2013-01-30 09:14    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\All Free Video Joiner
    2013-01-30 09:14 . 2005-02-24 17:51    348160    ----a-w-    c:\windows\SysWow64\NCTWMAFile2.dll
    2013-01-30 09:14 . 2005-04-25 19:01    458752    ----a-w-    c:\windows\SysWow64\NCTAudioRecord2.dll
    2013-01-30 09:14 . 2005-04-25 19:01    458752    ----a-w-    c:\windows\SysWow64\NCTAudioPlayer2.dll
    2013-01-30 09:14 . 2005-05-18 17:52    1212416    ----a-w-    c:\windows\SysWow64\NCTAudioInformation2.dll
    2013-01-30 09:14 . 2005-05-17 18:37    1986560    ----a-w-    c:\windows\SysWow64\NCTAudioFile2.dll
    2013-01-30 09:14 . 2013-01-30 09:14    --------    d-----w-    c:\program files (x86)\All Free Video Joiner
    2013-01-28 01:36 . 2013-01-28 01:36    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\Boilsoft
    2013-01-28 01:36 . 2013-01-28 01:36    --------    d-----w-    c:\program files (x86)\Boilsoft
    2013-01-26 22:23 . 2013-01-26 22:23    --------    d-----w-    c:\programdata\GoldWave
    2013-01-26 22:21 . 2013-01-26 22:21    --------    d-----w-    c:\program files (x86)\GoldWave
    2013-01-25 07:42 . 2013-01-25 07:42    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Roaming\Oberon Media
    2013-01-25 03:24 . 2012-06-09 18:21    178688    ----a-w-    c:\windows\SysWow64\unrar.dll
    2013-01-25 03:24 . 2013-01-25 03:24    --------    d-----w-    c:\program files (x86)\K-Lite Codec Pack
    2013-01-25 03:22 . 2013-01-25 03:22    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Local\Programs
    2013-01-25 03:20 . 2013-02-18 21:24    --------    d-----w-    c:\users\Hoochie Daddy\AppData\Local\Coupon Companion Plugin
    2013-01-25 03:02 . 2013-01-25 03:02    --------    d-----w-    c:\programdata\APN
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-02-18 20:14 . 2011-12-22 09:04    70004024    ----a-w-    c:\windows\system32\MRT.exe
    2013-02-16 05:43 . 2012-10-20 06:44    71024    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-02-16 05:43 . 2012-10-20 06:44    691568    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-02-05 20:22 . 2012-10-18 08:05    861088    ----a-w-    c:\windows\SysWow64\npDeployJava1.dll
    2013-02-05 20:22 . 2011-08-01 07:30    782240    ----a-w-    c:\windows\SysWow64\deployJava1.dll
    2013-01-30 10:53 . 2010-11-21 03:27    273840    ------w-    c:\windows\system32\MpSigStub.exe
    2013-01-22 02:35 . 2012-06-12 20:19    45368    ----a-w-    c:\windows\system32\drivers\AntiLog64.sys
    2013-01-20 21:59 . 2013-01-20 21:59    230320    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
    2013-01-20 21:59 . 2011-04-27 21:25    130008    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
    2013-01-14 07:25 . 2013-01-14 07:25    108448    ----a-w-    c:\windows\system32\WindowsAccessBridge-64.dll
    2013-01-14 07:25 . 2013-01-14 07:26    308640    ----a-w-    c:\windows\system32\javaws.exe
    2013-01-14 07:25 . 2013-01-14 07:25    188832    ----a-w-    c:\windows\system32\javaw.exe
    2013-01-14 07:25 . 2013-01-14 07:25    188832    ----a-w-    c:\windows\system32\java.exe
    2013-01-14 07:25 . 2012-10-18 01:27    960416    ----a-w-    c:\windows\system32\deployJava1.dll
    2013-01-14 07:25 . 2012-10-18 01:27    1081760    ----a-w-    c:\windows\system32\npDeployJava1.dll
    2013-01-04 04:43 . 2013-02-13 20:25    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2012-12-16 17:11 . 2013-01-06 07:11    46080    ----a-w-    c:\windows\system32\atmlib.dll
    2012-12-16 14:45 . 2013-01-06 07:11    367616    ----a-w-    c:\windows\system32\atmfd.dll
    2012-12-16 14:13 . 2013-01-06 07:11    295424    ----a-w-    c:\windows\SysWow64\atmfd.dll
    2012-12-16 14:13 . 2013-01-06 07:11    34304    ----a-w-    c:\windows\SysWow64\atmlib.dll
    2012-12-14 22:49 . 2011-12-26 18:27    24176    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2012-12-11 12:54 . 2012-12-11 12:54    10    ----a-w-    c:\windows\Fonts\wfonts.key
    2012-12-07 13:20 . 2013-01-12 20:51    441856    ----a-w-    c:\windows\system32\Wpc.dll
    2012-12-07 13:15 . 2013-01-12 20:51    2746368    ----a-w-    c:\windows\system32\gameux.dll
    2012-12-07 12:26 . 2013-01-12 20:51    308736    ----a-w-    c:\windows\SysWow64\Wpc.dll
    2012-12-07 12:20 . 2013-01-12 20:51    2576384    ----a-w-    c:\windows\SysWow64\gameux.dll
    2012-12-07 11:20 . 2013-01-12 20:51    30720    ----a-w-    c:\windows\system32\usk.rs
    2012-12-07 11:20 . 2013-01-12 20:51    43520    ----a-w-    c:\windows\system32\csrr.rs
    2012-12-07 11:20 . 2013-01-12 20:51    23552    ----a-w-    c:\windows\system32\oflc.rs
    2012-12-07 11:20 . 2013-01-12 20:51    45568    ----a-w-    c:\windows\system32\oflc-nz.rs
    2012-12-07 11:20 . 2013-01-12 20:51    44544    ----a-w-    c:\windows\system32\pegibbfc.rs
    2012-12-07 11:20 . 2013-01-12 20:51    20480    ----a-w-    c:\windows\system32\pegi-fi.rs
    2012-12-07 11:20 . 2013-01-12 20:51    20480    ----a-w-    c:\windows\system32\pegi-pt.rs
    2012-12-07 11:19 . 2013-01-12 20:51    20480    ----a-w-    c:\windows\system32\pegi.rs
    2012-12-07 11:19 . 2013-01-12 20:51    46592    ----a-w-    c:\windows\system32\fpb.rs
    2012-12-07 11:19 . 2013-01-12 20:51    40960    ----a-w-    c:\windows\system32\cob-au.rs
    2012-12-07 11:19 . 2013-01-12 20:51    21504    ----a-w-    c:\windows\system32\grb.rs
    2012-12-07 11:19 . 2013-01-12 20:51    15360    ----a-w-    c:\windows\system32\djctq.rs
    2012-12-07 11:19 . 2013-01-12 20:51    55296    ----a-w-    c:\windows\system32\cero.rs
    2012-12-07 11:19 . 2013-01-12 20:51    51712    ----a-w-    c:\windows\system32\esrb.rs
    2012-12-07 10:46 . 2013-01-12 20:51    43520    ----a-w-    c:\windows\SysWow64\csrr.rs
    2012-12-07 10:46 . 2013-01-12 20:51    30720    ----a-w-    c:\windows\SysWow64\usk.rs
    2012-12-07 10:46 . 2013-01-12 20:51    45568    ----a-w-    c:\windows\SysWow64\oflc-nz.rs
    2012-12-07 10:46 . 2013-01-12 20:51    44544    ----a-w-    c:\windows\SysWow64\pegibbfc.rs
    2012-12-07 10:46 . 2013-01-12 20:51    20480    ----a-w-    c:\windows\SysWow64\pegi-pt.rs
    2012-12-07 10:46 . 2013-01-12 20:51    23552    ----a-w-    c:\windows\SysWow64\oflc.rs
    2012-12-07 10:46 . 2013-01-12 20:51    20480    ----a-w-    c:\windows\SysWow64\pegi-fi.rs
    2012-12-07 10:46 . 2013-01-12 20:51    46592    ----a-w-    c:\windows\SysWow64\fpb.rs
    2012-12-07 10:46 . 2013-01-12 20:51    20480    ----a-w-    c:\windows\SysWow64\pegi.rs
    2012-12-07 10:46 . 2013-01-12 20:51    21504    ----a-w-    c:\windows\SysWow64\grb.rs
    2012-12-07 10:46 . 2013-01-12 20:51    40960    ----a-w-    c:\windows\SysWow64\cob-au.rs
    2012-12-07 10:46 . 2013-01-12 20:51    15360    ----a-w-    c:\windows\SysWow64\djctq.rs
    2012-12-07 10:46 . 2013-01-12 20:51    51712    ----a-w-    c:\windows\SysWow64\esrb.rs
    2012-12-07 10:46 . 2013-01-12 20:51    55296    ----a-w-    c:\windows\SysWow64\cero.rs
    2012-11-30 05:45 . 2013-01-12 20:49    362496    ----a-w-    c:\windows\system32\wow64win.dll
    2012-11-30 05:45 . 2013-01-12 20:49    243200    ----a-w-    c:\windows\system32\wow64.dll
    2012-11-30 05:45 . 2013-01-12 20:49    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
    2012-11-30 05:43 . 2013-01-12 20:49    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
    2012-11-30 05:41 . 2013-01-12 20:49    424448    ----a-w-    c:\windows\system32\KernelBase.dll
    2012-11-30 05:41 . 2013-01-12 20:49    1161216    ----a-w-    c:\windows\system32\kernel32.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2012-11-30 04:53 . 2013-01-12 20:49    274944    ----a-w-    c:\windows\SysWow64\KernelBase.dll
    2012-11-30 04:45 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-12 20:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-05 5629312]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-11-08 39408]
    "RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-02-12 109784]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
    "AntiLogger"="c:\program files (x86)\AntiLogger\AntiLogger.exe" [2012-12-04 14597616]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-29 151952]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
    "Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-06-04 1466760]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    "VolumeTouch"="c:\program files (x86)\VolumeTouch\VolumeTouch.exe" [2005-07-22 184320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
    R3 a2acc;a2acc;c:\program files (x86)\MAMUTU\a2accx64.sys [x]
    R3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys [2011-12-26 275648]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-02 250984]
    R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-09 307304]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
    R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
    R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-20 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
    S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
    S0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\DRIVERS\oodisr.sys [2010-05-27 117344]
    S0 oodisrh;oodisrh;c:\windows\system32\DRIVERS\oodisrh.sys [2010-05-27 40032]
    S0 oodivd;O&O DiskImage Virtual Devices Driver;c:\windows\system32\DRIVERS\oodivd.sys [2010-05-27 210528]
    S0 oodivdh;oodivdh;c:\windows\system32\DRIVERS\oodivdh.sys [2010-05-27 42592]
    S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
    S1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog64.sys [2013-01-22 45368]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-08 140672]
    S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-02-16 43112]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
    S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
    S2 OO DiskImage;OO DiskImage;c:\program files\Laplink\Laplink DiskImage\oodiag.exe [2010-05-27 3511640]
    S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]
    S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
    S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
    S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-01-31 03:20    1607120    ----a-w-    c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-02-21 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-20 05:43]
    .
    2013-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-08 17:50]
    .
    2013-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-08 17:50]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 23:50    133400    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2012-12-18 01:50    755816    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
    2012-12-18 01:50    755816    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2012-12-18 01:50    755816    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2012-12-18 01:50    755816    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OODIIcon]
    @="{14A94384-BBED-47ed-86C0-6BF63FD892D0}"
    [HKEY_CLASSES_ROOT\CLSID\{14A94384-BBED-47ed-86C0-6BF63FD892D0}]
    2010-05-27 20:44    129880    ----a-w-    c:\program files\Laplink\Laplink DiskImage\oodishi.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
    "OODITRAY.EXE"="c:\program files\Laplink\Laplink DiskImage\ooditray.exe" [2010-05-27 2571096]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = https://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>;*.local
    IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    IE: Show RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    TCP: DhcpNameServer = 10.0.0.1
    TCP: Interfaces\{4DEA9F6C-6A50-43D6-B4D0-F18BFAF17D57}: NameServer = 208.67.222.222,208.67.220.220
    TCP: Interfaces\{4DEA9F6C-6A50-43D6-B4D0-F18BFAF17D57}\84F6D656: NameServer = 208.67.222.222,208.67.220.220
    FF - ProfilePath - c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&rls=org.mozilla:en-US:official&client=firefox-a&sourceid=navclient&gfns=1&q=
    FF - ExtSQL: 2013-01-12 14:33; {22119944-ED35-4ab1-910B-E619EA06A115}; c:\program files (x86)\Siber Systems\AI RoboForm\Firefox
    FF - ExtSQL: 2013-01-12 15:06; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    FF - ExtSQL: 2013-01-12 15:06; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
    FF - ExtSQL: 2013-01-12 15:06; adblockpopups@jessehakanen.net; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\adblockpopups@jessehakanen.net.xpi
    FF - ExtSQL: 2013-01-12 15:07; elemhidehelper@adblockplus.org; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\elemhidehelper@adblockplus.org.xpi
    FF - ExtSQL: 2013-01-12 15:08; fbp@fbpurity.com; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\fbp@fbpurity.com.xpi
    FF - ExtSQL: 2013-01-12 15:08; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    FF - ExtSQL: 2013-01-12 15:09; {0b457cAA-602d-484a-8fe7-c1d894a011ba}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    FF - ExtSQL: 2013-01-12 15:10; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
    FF - ExtSQL: 2013-01-12 15:11; googledictionary@toptip.ca; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\googledictionary@toptip.ca.xpi
    FF - ExtSQL: 2013-01-12 15:12; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
    FF - ExtSQL: 2013-01-12 15:13; jid0-Rp5hqR3GGdGwDtdjWGZHQAKOFSA@jetpack; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\jid0-Rp5hqR3GGdGwDtdjWGZHQAKOFSA@jetpack
    FF - ExtSQL: 2013-01-12 15:13; {FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}.xpi
    FF - ExtSQL: 2013-01-12 15:14; {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
    FF - ExtSQL: 2013-01-12 15:14; nosquint@urandom.ca; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\nosquint@urandom.ca.xpi
    FF - ExtSQL: 2013-01-12 15:15; jid0-RZ1wv8WwA7CKjr2eJZV648uKiuE@jetpack; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\jid0-RZ1wv8WwA7CKjr2eJZV648uKiuE@jetpack
    FF - ExtSQL: 2013-01-12 15:17; jid1-xUfzOsOFlzSOXg@jetpack; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
    FF - ExtSQL: 2013-01-12 15:20; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
    FF - ExtSQL: 2013-01-12 15:20; thumbnailZoom@dadler.github.com; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\thumbnailZoom@dadler.github.com.xpi
    FF - ExtSQL: 2013-01-12 15:22; info@technologymob.com; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\info@technologymob.com.xpi
    FF - ExtSQL: 2013-01-12 19:38; en-US@dictionaries.addons.mozilla.org; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\en-US@dictionaries.addons.mozilla.org
    FF - ExtSQL: 2013-01-14 20:00; undoclosedtabsbutton@supernova00.biz; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\undoclosedtabsbutton@supernova00.biz.xpi
    FF - ExtSQL: 2013-02-02 19:48; gmailadsremover@florian.bersier; c:\users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\gmailadsremover@florian.bersier.xpi
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-02-21  18:43:49
    ComboFix-quarantined-files.txt  2013-02-22 00:43
    .
    Pre-Run: 164,832,788,480 bytes free
    Post-Run: 167,621,513,216 bytes free
    .
    - - End Of File - - 63516B6FE61DC193F76B586C720C4C8E
     

     

     

    Results of screen317's Security Check version 0.99.59  
     Windows 7 Service Pack 1 x64 (UAC is disabled!)  
     Internet Explorer 9  
    ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!  
     Windows Firewall Disabled!  
    avast! Antivirus                
    Microsoft Security Essentials   
     Antivirus out of date! (On Access scanning disabled!)
    `````````Anti-malware/Other Utilities Check:`````````
     SpywareBlaster 4.5    
     Malwarebytes Anti-Malware version 1.70.0.1100  
     Java 7 Update 13  
     Adobe Flash Player 11.6.602.168  
     Adobe Reader 10.1.6 Adobe Reader out of Date!  
     Mozilla Firefox 16.0.1 Firefox out of Date!  
     Google Chrome 24.0.1312.56  
     Google Chrome 24.0.1312.57  
    ````````Process Check: objlist.exe by Laurent````````  
     Microsoft Security Essentials MSMpEng.exe
     AVAST Software Avast AvastSvc.exe  
     AVAST Software Avast AvastUI.exe  
    `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 2%
    ````````````````````End of Log``````````````````````
     

     

     

    # AdwCleaner v2.112 - Logfile created 02/21/2013 at 18:49:45
    # Updated 10/02/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Hoochie Daddy - HOOCHIEDADDY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Hoochie Daddy\Desktop\adwcleaner0.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Found : C:\Program Files (x86)\Conduit
    Folder Found : C:\ProgramData\APN
    Folder Found : C:\Users\Hoochie Daddy\AppData\Local\Conduit
    Folder Found : C:\Users\Hoochie Daddy\AppData\Local\Coupon Companion Plugin
    Folder Found : C:\Users\Hoochie Daddy\AppData\LocalLow\Conduit

    ***** [Registry] *****

    Key Found : HKCU\Software\APN PIP
    Key Found : HKCU\Software\AppDataLow\Software\Crossrider
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Softonic
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\PIP
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Software

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16464

    [OK] Registry is clean.

    -\\ Mozilla Firefox v16.0.1 (en-US)

    File : C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\prefs.js

    Found : user_pref("CT2786678..clientLogIsEnabled", true);
    Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
    Found : user_pref("CT2786678.CTID", "CT2786678");
    Found : user_pref("CT2786678.CurrentServerDate", "18-3-2012");
    Found : user_pref("CT2786678.DSInstall", false);
    Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
    Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Mar 17 2012 23:25:38 GMT-0500 (Central Daylig[...]
    Found : user_pref("CT2786678.DownloadReferralCookieData", "");
    Found : user_pref("CT2786678.EMailNotifierPollDate", "Sat Mar 17 2012 23:25:26 GMT-0500 (Central Daylight Ti[...]
    Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 283);
    Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
    Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
    Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
    Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
    Found : user_pref("CT2786678.FirstServerDate", "3-2-2012");
    Found : user_pref("CT2786678.FirstTime", true);
    Found : user_pref("CT2786678.FirstTimeFF3", true);
    Found : user_pref("CT2786678.FixPageNotFoundErrors", true);
    Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
    Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Found : user_pref("CT2786678.HPInstall", false);
    Found : user_pref("CT2786678.HasUserGlobalKeys", true);
    Found : user_pref("CT2786678.HomePageProtectorEnabled", false);
    Found : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://www.google.com/");
    Found : user_pref("CT2786678.Initialize", true);
    Found : user_pref("CT2786678.InitializeCommonPrefs", true);
    Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
    Found : user_pref("CT2786678.InstallationId", "ConduitXPEIntegration");
    Found : user_pref("CT2786678.InstallationType", "ConduitXPEIntegration");
    Found : user_pref("CT2786678.InstalledDate", "Fri Feb 03 2012 00:40:34 GMT-0600 (Central Standard Time)");
    Found : user_pref("CT2786678.IsGrouping", false);
    Found : user_pref("CT2786678.IsInitSetupIni", true);
    Found : user_pref("CT2786678.IsMulticommunity", false);
    Found : user_pref("CT2786678.IsOpenThankYouPage", true);
    Found : user_pref("CT2786678.IsOpenUninstallPage", false);
    Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Sat Mar 17 2012 23:25:37 GMT-0500 (Central Dayligh[...]
    Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
    Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Found : user_pref("CT2786678.LastLogin_3.10.0.1", "Sat Mar 17 2012 23:25:34 GMT-0500 (Central Daylight Time)[...]
    Found : user_pref("CT2786678.LastLogin_3.9.0.3", "Fri Feb 03 2012 00:40:35 GMT-0600 (Central Standard Time)"[...]
    Found : user_pref("CT2786678.LatestVersion", "3.10.0.1");
    Found : user_pref("CT2786678.Locale", "en");
    Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
    Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
    Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
    Found : user_pref("CT2786678.OriginalFirstVersion", "3.9.0.3");
    Found : user_pref("CT2786678.SearchCaption", "uTorrentBar Customized Web Search");
    Found : user_pref("CT2786678.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
    Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
    Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
    Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
    Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
    Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Sat Mar 17 2012 23:25:34 GMT-0500 (Central Dayli[...]
    Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Found : user_pref("CT2786678.SearchProtectorEnabled", false);
    Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
    Found : user_pref("CT2786678.SendProtectorDataViaLogin", true);
    Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Sat Mar 17 2012 23:25:27 GMT-0500 (Central Daylight [...]
    Found : user_pref("CT2786678.SettingsLastCheckTime", "Sat Mar 17 2012 23:25:25 GMT-0500 (Central Daylight Ti[...]
    Found : user_pref("CT2786678.SettingsLastUpdate", "1331834901");
    Found : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
    Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
    Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sat Mar 17 2012 23:25:25 GMT-0500 (Central Day[...]
    Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586");
    Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
    Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
    Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
    Found : user_pref("CT2786678.Uninstall", true);
    Found : user_pref("CT2786678.UserID", "UN23111371362663558");
    Found : user_pref("CT2786678.WeatherNetwork", "");
    Found : user_pref("CT2786678.WeatherPollDate", "Sat Mar 17 2012 23:25:41 GMT-0500 (Central Daylight Time)");
    Found : user_pref("CT2786678.WeatherUnit", "F");
    Found : user_pref("CT2786678.alertChannelId", "1178763");
    Found : user_pref("CT2786678.autoDisableScopes", -1);
    Found : user_pref("CT2786678.backendstorage.cbfirsttime", "4672692046656220303320323031322030303A34303A33372[...]
    Found : user_pref("CT2786678.backendstorage.pairingkey", "44454245444146363441443939423444353141454130323539[...]
    Found : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
    Found : user_pref("CT2786678.backendstorage.uttorrents", "7B226275696C64223A32363637312C226C6162656C223A5B5D[...]
    Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
    Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Sat Mar 17 2012 23:25:38 GMT-0500 (Central [...]
    Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
    Found : user_pref("CT2786678.initDone", true);
    Found : user_pref("CT2786678.isAppTrackingManagerOn", true);
    Found : user_pref("CT2786678.myStuffEnabled", true);
    Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
    Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
    Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804[...]
    Found : user_pref("CT2786678.revertSettingsEnabled", false);
    Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
    Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
    Found : user_pref("CT2786678.testingCtid", "");
    Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Sat Mar 17 2012 23:25:37 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sat Mar 17 2012 23:25:38 GMT-0500 (Central D[...]
    Found : user_pref("CT2786678.usagesFlag", 1);
    Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"15c[...]
    Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Hoochie Daddy\\AppData\\Roaming\\Mo[...]
    Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
    Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://serp.freecause.com/?ourmark=3&sid[...]
    Found : user_pref("CommunityToolbar.ToolbarsList", "CT2786678");
    Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678");
    Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
    Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 17 2012 23:25:29 GMT-0500 (Cen[...]
    Found : user_pref("CommunityToolbar.globalUserId", "23fcc2b0-5210-4087-abd4-4cb1a7647e81");
    Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
    Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 03 2012 00:40:3[...]
    Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Found : user_pref("CommunityToolbar.notifications.locale", "en");
    Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 03 2012 00:40:33 GMT-0600 (C[...]
    Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Found : user_pref("CommunityToolbar.notifications.userId", "a92e95c2-4e49-4b45-8e80-89fd47d34967");
    Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
    Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]

    -\\ Google Chrome v24.0.1312.57

    File : C:\Users\Hoochie Daddy\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [14153 octets] - [21/02/2013 18:49:45]

    ########## EOF - C:\AdwCleaner[R1].txt - [14214 octets] ##########
     

     

    # AdwCleaner v2.112 - Logfile created 02/21/2013 at 18:51:28
    # Updated 10/02/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Hoochie Daddy - HOOCHIEDADDY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Hoochie Daddy\Desktop\adwcleaner0.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Found : C:\Program Files (x86)\Conduit
    Folder Found : C:\ProgramData\APN
    Folder Found : C:\Users\Hoochie Daddy\AppData\Local\Conduit
    Folder Found : C:\Users\Hoochie Daddy\AppData\Local\Coupon Companion Plugin
    Folder Found : C:\Users\Hoochie Daddy\AppData\LocalLow\Conduit

    ***** [Registry] *****

    Key Found : HKCU\Software\APN PIP
    Key Found : HKCU\Software\AppDataLow\Software\Crossrider
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Softonic
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\PIP
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Software

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16464

    [OK] Registry is clean.

    -\\ Mozilla Firefox v16.0.1 (en-US)

    File : C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\prefs.js

    Found : user_pref("CT2786678..clientLogIsEnabled", true);
    Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
    Found : user_pref("CT2786678.CTID", "CT2786678");

    -\\ Google Chrome v24.0.1312.57

    File : C:\Users\Hoochie Daddy\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [14282 octets] - [21/02/2013 18:49:45]
    AdwCleaner[R2].txt - [14214 octets] - [21/02/2013 18:51:28]

    ########## EOF - C:\AdwCleaner[R2].txt - [14275 octets] ##########
     

     

    # AdwCleaner v2.112 - Logfile created 02/21/2013 at 18:51:56
    # Updated 10/02/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Hoochie Daddy - HOOCHIEDADDY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Hoochie Daddy\Desktop\adwcleaner0.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\ProgramData\APN
    Folder Deleted : C:\Users\Hoochie Daddy\AppData\Local\Conduit
    Folder Deleted : C:\Users\Hoochie Daddy\AppData\Local\Coupon Companion Plugin
    Folder Deleted : C:\Users\Hoochie Daddy\AppData\LocalLow\Conduit

    ***** [Registry] *****

    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Software

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16464

    [OK] Registry is clean.

    -\\ Mozilla Firefox v16.0.1 (en-US)

    File : C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\prefs.js


    -\\ Google Chrome v24.0.1312.57

    File : C:\Users\Hoochie Daddy\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [14282 octets] - [21/02/2013 18:49:45]
    AdwCleaner[R2].txt - [14343 octets] - [21/02/2013 18:51:28]
    AdwCleaner[S1].txt - [14597 octets] - [21/02/2013 18:51:56]

    ########## EOF - C:\AdwCleaner[S1].txt - [14658 octets] ##########


    #4 nasdaq

    • Malware Response Team

    Posted 22 February 2013 - 11:09 AM

     
    BTW...don't know if it's important, but the securityCheck file is showing that I am running firefox V16.0.1, but I'm running V19
    The tools need to be updated. Thanks for the information.
     
     
    Adobe Reader/Acrobat 11.0.02 released Feb 21, 2013.
     
    Get the latest version of the Adobe Reader.
    Before you download, I suggest you uncheck the box on the top right "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.
     
    When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
     
    ===
     
    How is the computer performing?
     
    The only thing I cannot find relevant information on is this FireFox extension.
     
    FF - ExtSQL: 2013-01-12 15:22; info@technologymob.com; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\info@technologymob.com.xpi
     
    Do you know what it does?
    Can you give me a link so that I can investigate if it's good or bad?


    #5 cyberski

    • Topic Starter

    Posted 22 February 2013 - 09:15 PM

    I have no idea what that extension is for, or anything about it. All I can see is their site has a few posts concerning computer news.  technologymob.com

     

    Now as far as the roboform issue, I seem to have found its fix.  I was looking at what extensions I have for firefox, and I found that the roboform extension was disabled.  I could have sworn that I checked that while trying to track down the videos issue. I ran firefox in safe mode w/o any extensions and that didn't help. I then added one extension at a time and had no luck with the issue either. It was then when I missed re-enabling it. doh...

     

    Except for the video issue, my computer is running OK.  All throughout the trying to fix the videos issue, my computer has shown no other problems.

     

    Here is a screenshot of what hijackthis shows. Note the lsass.exe not running in the system 32 folder towards the bottom

     

    http://i.imgur.com/JVPS22n.jpg

     




    #6 nasdaq

    • Malware Response Team

    Posted 23 February 2013 - 09:03 AM

    FF - ExtSQL: 2013-01-12 15:22; info@technologymob.com; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\info@technologymob.com.xp
    I would remove this extension. A search on Google Advanced search found only your log when looking for info@technologymob.com
    ===
     
     
    Here is a screenshot of what hijackthis shows. Note the lsass.exe not running in the system 32 folder towards the bottom
     
    HijackThis is not ready for Windows 7. It's reporting a lot of bad information.
    The DDS tool should always be used in your case.
     
    Please let me know what problem persists.


    #7 cyberski

    • Topic Starter

    Posted 25 February 2013 - 01:12 AM

    FF - ExtSQL: 2013-01-12 15:22; info@technologymob.com; C:\Users\Hoochie Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\u2pefvw7.default\extensions\info@technologymob.com.xp
    I would remove this extension. A search on Google Advanced search found only your log when looking for info@technologymob.com
    ===
     
     
    Here is a screenshot of what hijackthis shows. Note the lsass.exe not running in the system 32 folder towards the bottom

     
    Please let me know what problem persists.

    ***********************************************************

    I got rid of that extension. After the deletion I went to facebook and the ticker on the right side was showing. I have the extension "Hide Facebook Ticker v1.1.1"  enabled and so I uninstalled and reinstalled that extension and then the ticker was hiding again, so I guess that the technologymob stuff got involved with that extension somehow.

    The video issue is still present though, so I think I'll just nuke FireFox and reinstall from scratch.

     

    Thank you nasdaq for your assistance with this situation. I do appreciate it a lot.

     

    Jim 




    #8 nasdaq

    • Malware Response Team

    Posted 25 February 2013 - 09:46 AM

    When all is well:
     
    Time for some housekeeping
    The following will implement some cleanup procedures as well as reset System Restore points:
     
    Click Start > Run  and copy/paste the following bold text into the Run box and click OK:
     
    ComboFix /Uninstall 
    ===
     
    To remove AdwCleaner.
     
    Please double click on AdwCleaner.exe to run the tool.
    Click on Uninstall.
    Confirm with Yes.
     
    If you decide to keep the AdwCleaner tool, make sure to delete your version and download the latest before running it.
     
    Delete the other tools we used.
    You can keep the DDS tool as most forums will ask to see a log before suggesting a fix.
     
    Surf Safely, and Think Prevention!
    ===


    #9 nasdaq

    • Malware Response Team

    Posted 03 March 2013 - 10:44 AM

    It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



