
Possible Infection


5 replies to this topic

#1 nanaimoguy


Posted 08 March 2013 - 10:20 PM

I believe I have an infection. A few days ago I got infected with a Java virus bzr.45 and Avira removed it. However, since then it's still been running slow. When I'm playing games I get massive lag now (3800ms) or constant lag. The machine is also taking longer to boot up. No other machines on the network are experiencing this.

 

What I have done

1) Run Malware Bytes (no results)

2) Run Avira (found 1 java virus)

3) Run Scan dsk & defragged (since it was still slow after the removal)

4) Installed Zone Alarm Firewall

 

After installing zone alarm my ping returned to normal and zone alarm noted it was blocking some outbound connections.

 

Windows Vista Home Premium 64 bit SP2. I have a few outstanding windows updates that I am installing now.




 


#2 boopme


Posted 12 March 2013 - 11:36 PM

Hello ..Please run DrWeb Cure-It

 

Please click here to download the free version of Dr.Web CureIt! by clicking the Next Button.

 

Then click Download Dr.Web CureIt! and send the statistics Button.

 

On the next page check the I Accept License agreement box and click Continue..

 

You will be redirected to their Facebook page.

 

As it downloads you can view images of what the install instructions will do, Here

 

At the Choose a desired protection mode page select Cancel.

 

When the scanning is finished, view the scan report by clicking Open Report.

 

Please Copy/Paste that report in your next reply.


How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 nanaimoguy


Posted 14 March 2013 - 05:16 PM

Firefox & IE keep on crashing when I try to post the log.

 

The scan came back clean without any infections.



#4 boopme


Posted 14 March 2013 - 09:18 PM

Let's do these then ...

 

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

>>>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



#5 nanaimoguy


Posted 14 March 2013 - 11:19 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Jordan (administrator) on 14-03-2013 at 20:59:03
Running from "K:\Big Stock Photo\Large Format\Large Format"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Connected)
Intel® 82567V-2 Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Desktop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : no.shawcable.net

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : no.shawcable.net
   Description . . . . . . . . . . . : Atheros 802.11 a/b/g/n Dualband Wireless Network Module
   Physical Address. . . . . . . . . : 00-21-00-E1-AB-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:4643:989b:0:94e3:4e5f:98c8:3daf(Preferred)
   Temporary IPv6 Address. . . . . . : 2002:4643:989b:0:24fb:e936:56c7:89cf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::94e3:4e5f:98c8:3daf%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : March-14-13 2:15:24 PM
   Lease Expires . . . . . . . . . . : March-15-13 2:15:23 PM
   Default Gateway . . . . . . . . . : fe80::6a7f:74ff:fe33:9a80%11
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 184557824
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-C4-B0-65-00-26-18-0E-05-F5
   DNS Servers . . . . . . . . . . . : 8.26.56.26
                                       156.154.70.22
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82567V-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-26-18-0E-05-F5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{10AB1D31-B99B-4BCD-ACB7-C8B37914396C}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.no.shawcable.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  ns1.recursive.dns.com
Address:  8.26.56.26

Name:    google.com.no.shawcable.net
Addresses:  fe80:1::225:90ff:fe19:4b12
      92.242.144.50



Pinging google.com [173.194.47.39] with 32 bytes of data:

Reply from 173.194.47.39: bytes=32 time=300ms TTL=43

Reply from 173.194.47.39: bytes=32 time=305ms TTL=43



Ping statistics for 173.194.47.39:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 300ms, Maximum = 305ms, Average = 302ms

Server:  ns1.recursive.dns.com
Address:  8.26.56.26

Name:    yahoo.com.no.shawcable.net
Addresses:  fe80:1::225:90ff:fe19:4b12
      92.242.144.50



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=34ms TTL=54

Reply from 206.190.36.45: bytes=32 time=36ms TTL=54



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 34ms, Maximum = 36ms, Average = 35ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 1ms, Average = 0ms

===========================================================================
Interface List
 11 ...00 21 00 e1 ab 8a ...... Atheros 802.11 a/b/g/n Dualband Wireless Network Module
 10 ...00 26 18 0e 05 f5 ...... Intel® 82567V-2 Gigabit Network Connection
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{10AB1D31-B99B-4BCD-ACB7-C8B37914396C}
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 13 ...00 00 00 00 00 00 00 e0  isatap.no.shawcable.net
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.102    281
    192.168.1.102  255.255.255.255         On-link     192.168.1.102    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.102    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11   4121 ::/0                     fe80::6a7f:74ff:fe33:9a80
  1    306 ::1/128                  On-link
 11     33 2002:4643:989b::/64      On-link
 11    281 2002:4643:989b:0:24fb:e936:56c7:89cf/128
                                    On-link
 11    281 2002:4643:989b:0:94e3:4e5f:98c8:3daf/128
                                    On-link
 11    281 fe80::/64                On-link
 11    281 fe80::94e3:4e5f:98c8:3daf/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/14/2013 08:26:51 PM) (Source: Application Error) (User: )
Description: Faulting application nmsrvc.exe, version 11.0.9154.0, time stamp 0x4a26a47d, faulting module nmcore.dll, version 11.2.9169.1, time stamp 0x4a3b0a0e, exception code 0xc0000417, fault offset 0x001de116,
process id 0x994, application start time 0xnmsrvc.exe0.

Error: (03/14/2013 03:03:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (03/14/2013 02:22:20 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (03/14/2013 02:22:20 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (03/14/2013 02:11:26 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (03/14/2013 02:11:26 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (03/14/2013 02:11:05 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (03/14/2013 02:07:32 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (03/14/2013 01:34:29 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (03/14/2013 01:34:29 PM) (Source: LoadPerf) (User: )
Description: Performance16


System errors:
=============
Error: (03/14/2013 08:26:56 PM) (Source: Service Control Manager) (User: )
Description: Pure Networks Platform Service1

Error: (03/14/2013 04:01:53 PM) (Source: Service Control Manager) (User: )
Description: ESET Service

Error: (03/14/2013 02:15:53 PM) (Source: Service Control Manager) (User: )
Description: Beep
luafv
SRTSP
SRTSPX

Error: (03/14/2013 02:14:56 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/14/2013 02:13:57 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/14/2013 02:10:13 PM) (Source: Service Control Manager) (User: )
Description: Network Location Awareness11001Restart the service

Error: (03/14/2013 02:10:13 PM) (Source: Service Control Manager) (User: )
Description: DNS Client11200001Restart the service

Error: (03/14/2013 02:10:13 PM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services1600001Restart the service

Error: (03/14/2013 02:10:07 PM) (Source: Service Control Manager) (User: )
Description: Windows Firewall11200001Restart the service

Error: (03/14/2013 02:10:07 PM) (Source: Service Control Manager) (User: )
Description: Base Filtering Engine11200001Restart the service


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-03-14 16:02:43.756
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:18.569
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:18.444
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:18.303
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:18.163
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:14.450
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:14.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:14.185
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 15:21:14.045
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-08 18:40:48.248
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Jordan\{673c1dc8-02d1-461c-8bbf-55ec9c90849e}\vsdatant.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Acrobat 9 Pro Extended 64-bit Add-On (Version: 9.0.0)
Adobe CSI CS4 x64 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Akamai NetSession Interface
AMD Catalyst Install Manager (Version: 8.0.873.0)
Apple Mobile Device Support (Version: 5.2.0.6)
Bonjour (Version: 3.0.0.10)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCleaner (Version: 3.28)
ESET NOD32 Antivirus (Version: 6.0.308.0)
Google Chrome (Version: 25.0.1364.152)
Hardware Diagnostic Tools (Version: 5.1.5144.16)
HP MediaSmart SmartMenu (Version: 2.1.12)
HP Remote Software (Version: 1.0.5.0)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565)
Intel® Matrix Storage Manager
iTunes (Version: 10.6.3.25)
Java 7 Update 15 (64-bit) (Version: 7.0.150)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
NVIDIA Install Application (Version: 2.1002.62.312)
PaperPort Image Printer 64-bit (Version: 1.00.0001)
Roxio File Backup (Version: 1.3.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
WinRAR archiver
ZoneAlarm LTD Toolbar

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 9206.2 MB
Available physical RAM: 6014.39 MB
Total Pagefile: 10113.2 MB
Available Pagefile: 6612.81 MB
Total Virtual: 4095.88 MB
Available Virtual: 3989.38 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:873.49 GB) (Free:613.86 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.07 GB) (Free:1.98 GB) NTFS
3 Drive e: (DiamondHDxxxx) (CDROM) (Total:0.61 GB) (Free:0 GB) CDFS
9 Drive k: (CruisePlus) (Fixed) (Total:9.76 GB) (Free:0.66 GB) NTFS
10 Drive m: () (Fixed) (Total:34.18 GB) (Free:16.65 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP

Administrator            Bea                      Guest                    
Jordan                   

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 



# AdwCleaner v2.114 - Logfile created 03/14/2013 at 21:00:09
# Updated 05/03/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Jordan - DESKTOP
# Boot Mode : Normal
# Running from : K:\Big Stock Photo\Large Format\Large Format\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\q20wixo3.default\searchplugins\Conduit.xml
File Found : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\q20wixo3.default\searchplugins\zonealarm.xml
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\FreeRIP
Folder Found : C:\Users\Bea\AppData\Local\AVG Security Toolbar
Folder Found : C:\Users\Bea\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Bea\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jordan\AppData\Local\AVG Security Toolbar
Folder Found : C:\Users\Jordan\AppData\Local\Conduit
Folder Found : C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe
Folder Found : C:\Users\Jordan\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Jordan\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jordan\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Jordan\AppData\Roaming\Complitly

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\AskToolbarInfo
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\Ask&Record
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe
Key Found : HKCU\Software\GreenTree Applications
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2737658

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\q20wixo3.default\prefs.js

File : C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\9o9z05cb.default\prefs.js

Found : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\10.0.0.7");
Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bf52b158b-d744-4251-835e-e7570fd5bba0%[...]

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.23] : icon_url = "hxxp://search.conduit.com/fav.ico",
Found [l.26] : keyword = "search.conduit.com",
Found [l.29] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2737658&sspv=CHSB15",
Found [l.30] : suggest_url = "hxxp://search.conduit.com/"
Found [l.317] : homepage = "hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=48&sspv=CHSB15",
Found [l.538] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=48&sspv=CHSB15" ]

File : C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [20534 octets] - [14/03/2013 21:00:09]

########## EOF - C:\AdwCleaner[R1].txt - [20595 octets] ##########
 



#6 boopme


Posted 15 March 2013 - 10:42 AM

Good, run one more please.
 
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • After completing the scan, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.
    Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Edited by boopme, 15 March 2013 - 10:43 AM.




