Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

pop ups, slow computer, 2 trojans that AVG will not remove


  • Please log in to reply
14 replies to this topic

#1 seitler

seitler

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 17 April 2013 - 09:03 PM

I've recently started getting two pop ups everytime I open the internet.  I have pop ups blocked on my computer settings and internet settings.  I also am getting a advertisement on the right side of the screen on just about every page that I can close out of but comes back when I go to a different site or web page.  The internet is extremely slow to  load and is having troubles accessing some pages.  I have ran AVG and Malaware Bytes with no success in correcting the problem.  I am running Windows XP Media Center Edition.  Any help would be necessary.

 

Thank you,

 

Bryan

 



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:36 AM

Posted 17 April 2013 - 09:38 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

p22002970.gif Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

p22002970.gifDownload Malwarebytes Anti-Rootkit from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt


p22002970.gif NOTE. Make sure all logs are pasted not attached.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 03:45 PM

 Results of screen317's Security Check version 0.99.62  
 Windows XP Service Pack 2 x86   
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG Anti-Virus Free Edition 2011   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 SpywareBlaster 4.4    
 SUPERAntiSpyware     
 Malwarebytes Anti-Malware version 1.70.0.1100  
 HijackThis 2.0.2    
 Java™ 6 Update 23  
 Java 7 Update 17  
 Adobe Flash Player     11.6.602.180  
 Mozilla Firefox (20.0.1)
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
 AVG avgtray.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
 

 


Farbar Service Scanner Version: 14-04-2013
Ran by HP_Administrator (administrator) on 18-04-2013 at 15:41:21
Running from "C:\Documents and Settings\HP_Administrator.KIMBERLY\Desktop"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:

 



#4 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 03:49 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by HP_Administrator (administrator) on 18-04-2013 at 15:47:58
Running from "C:\Documents and Settings\HP_Administrator.KIMBERLY\Desktop"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1       localhost

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/18/2013 03:01:18 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/17/2013 03:00:45 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/16/2013 03:00:45 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/15/2013 03:00:46 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/14/2013 03:00:48 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/13/2013 03:00:46 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/12/2013 11:20:44 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 20.0.1.4847, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/12/2013 11:20:41 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 20.0.1.4847, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/12/2013 03:00:43 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/11/2013 03:00:50 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560


System errors:
=============
Error: (04/18/2013 03:01:42 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).

Error: (04/17/2013 10:45:35 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (04/17/2013 03:01:02 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).

Error: (04/16/2013 03:01:03 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).

Error: (04/15/2013 10:45:34 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (04/15/2013 03:01:13 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).

Error: (04/14/2013 03:00:56 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).

Error: (04/13/2013 10:45:33 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (04/13/2013 03:00:57 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).

Error: (04/12/2013 03:00:49 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906).


Microsoft Office Sessions:
=========================
Error: (04/18/2013 03:01:18 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/17/2013 03:00:45 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/16/2013 03:00:45 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/15/2013 03:00:46 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/14/2013 03:00:48 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/13/2013 03:00:46 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/12/2013 11:20:44 PM) (Source: Application Hang)(User: )
Description: firefox.exe20.0.1.4847hungapp0.0.0.000000000

Error: (04/12/2013 11:20:41 PM) (Source: Application Hang)(User: )
Description: firefox.exe20.0.1.4847hungapp0.0.0.000000000

Error: (04/12/2013 03:00:43 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560

Error: (04/11/2013 03:00:50 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1683.4989kb979906103366afinstallx865.1.2600.2.2.0.2560


=========================== Installed Programs ============================

1300 (Version: 50.0.206.000)
1300_Help (Version: 50.0.206.000)
1300Tour (Version: 50.0.206.000)
1300Trb (Version: 50.0.206.000)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
AiO_Scan (Version: 50.0.206.000)
AiO_Scan_CDA (Version: 50.0.214.000)
AiOSoftware (Version: 50.0.206.000)
AiOSoftwareNPI (Version: 50.0.214.000)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.9.1.0)
ATI Display Driver (Version: 8.17-050813a1-025991C-HP)
AutoCAD 2008 - English (Version: 17.1.51.0)
Autodesk 3ds Max 2008 32-bit (Version: 10.0)
Autodesk 3ds Max 2008 32-bit Additional Maps and Material Libraries (Version: 10.0)
Autodesk 3ds Max 2008 32-bit Architectural Materials Library (Version: 10.0)
Autodesk 3ds Max 2008 32-bit Help (Version: 10.0)
Autodesk 3ds Max 2008 32-bit Vault 2008 Plug-In (Version: 10.0)
Autodesk 3ds Max 2008 32-bit Vault 5 Plug-In (Version: 10.0)
Autodesk 3ds Max 2008 32-bit Videos (Version: 10.0)
Autodesk DWF Viewer 7 (Version: 7.2.0)
AVG 2011 (Version: 10.0.1432)
AVG 2011 (Version: 10.0.3162)
Backburner (Version: 2007.1)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 53.0.13.000)
CameraDrivers (Version: 5.0.0.290)
CameraDrivers (Version: 5.0.0.328)
Cisco AnyConnect VPN Client (Version: 2.5.1025)
Citrix Presentation Server Client (Version: 10.00.52110)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.0)
CP_AtenaShokunin1Config (Version: 53.0.13.000)
CP_CalendarTemplates1 (Version: 53.0.13.000)
cp_LightScribeConfig (Version: 53.0.24.000)
cp_LightScribePlugin (Version: 53.0.24.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
Critical Update for Windows Media Player 11 (KB959772)
CueTour (Version: 53.0.13.000)
Data Fax SoftModem with SmartCP
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
Enhanced Multimedia Keyboard Solution
Fax (Version: 50.0.206.000)
Fax_CDA (Version: 50.0.214.000)
FBX Plugin 2006.11.1 for Max 2008
Foxit Creator (Version: 3,0,2,0506)
Foxit Reader (Version: 4.3.1.118)
GdiplusUpgrade (Version: 1.00.01)
GetSavin (Version: 1.1364261420)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
HijackThis 2.0.2 (Version: 2.0.2)
HP Boot Optimizer (Version: 2.0.5.1)
HP Deskjet Printer Preload (Version: 10.1.0)
HP DigitalMedia Archive (Version: 1.2)
HP Document Viewer 5.3 (Version: 5.3)
HP Image Zone 5.3 (Version: 5.3)
HP Image Zone for Media Center PC
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Cameras 5.0 (Version: 5.0)
HP PSC & OfficeJet 5.3.A
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.6.002)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
InstantShareDevices (Version: 53.0.13.000)
InterVideo WinDVD Player
InterVideo WinDVD Player (Version: 5.0-B11.896)
iTunes (Version: 11.0.0.163)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 23 (Version: 6.0.230)
Kobo (Version: 2.1.3)
LightScribe  1.4.52.1 (Version: 1.4.52.1)
Logitech Audio Echo Cancellation Component (Version: 10.00.1439)
Logitech Desktop Messenger (Version: 2.52.18)
Logitech QuickCam (Version: 10.00.1439)
Logitech SetPoint (Version: 2.40)
Logitech Video Enumerator (Version: 10.00.1439)
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Security Scan Plus (Version: 2.1.121.2)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Away Mode (Version: 6.0.0160.0)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour (Version: 1.0.0)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 08.04.0623)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
Mp3tag v2.53 (Version: v2.53)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
NetMeeting Resource Kit 3.0
NewCopy (Version: 50.0.206.000)
NewCopy_CDA (Version: 50.0.214.000)
NVIDIA PhysX v8.10.29 (Version: 8.10.29)
OLYMPUS Master 2 (Version: 1.0.2)
PanoStandAlone (Version: 53.0.13.000)
Payroll Mate 2013
PhotoGallery (Version: 53.0.13.000)
PricePeep (Version: 2.1.0.22)
ProductContext (Version: 50.0.206.000)
PSPrinters08 (Version: 8.01.0000)
PSTAPlugin (Version: 8.01.0000)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.214.000)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
Segoe UI (Version: 14.0.4327.805)
SES Driver (Version: 1.0.0)
SkinsHP1 (Version: 53.0.13.000)
Skype™ 4.2 (Version: 4.2.155)
SolutionCenter (Version: 50.0.152.000)
Sonic_PrimoSDK (Version: 53.0.13.000)
Spotify (Version: 0.8.5.1331.ge9d898e3)
SpywareBlaster 4.4 (Version: 4.4.0)
Status (Version: 53.0.13.000)
SUPERAntiSpyware (Version: 4.48.1000)
Symantec KB-DocID:2003093015493306 (Version: 1.0.0.1)
TrayApp (Version: 53.0.13.000)
UMVPLStandalone (Version: 10.00.1439)
Unity Web Player (Version: )
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB929338) (Version: 1)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB933360) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB942840) (Version: 1)
Update for Windows XP (KB946627) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
VBA (2627.01) (Version: 6.03.00.9402)
Wal-Mart Digital Photo Manager (Version: 1.4.0.11)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Winamp (Version: 5.572 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB883667 (Version: 20040812.104354)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB887742 (Version: 20041103.095002)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890175 (Version: 20041201.233338)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Hotfix - KB892050 (Version: 3)
Windows XP Hotfix - KB893066 (Version: 1)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768

========================= Devices: ================================

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 81%
Total physical RAM: 958.48 MB
Available physical RAM: 180.67 MB
Total Pagefile: 2311.95 MB
Available Pagefile: 1368.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.58 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:224.37 GB) (Free:4.42 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:8.5 GB) (Free:1.14 GB) FAT32

========================= Users: ========================================

User accounts for \\SEITLER

Administrator            Guest                    HelpAssistant            
HP_Administrator         SUPPORT_388945a0         SUPPORT_fddfa904         


**** End of log ****
 

 



#5 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 04:43 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.18.09

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
HP_Administrator :: SEITLER [administrator]

4/18/2013 3:55:28 PM
mbam-log-2013-04-18 (15-55-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283880
Time elapsed: 34 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\HP_Administrator.KIMBERLY\Local Settings\temp\pricepeep_1.exe (Adware.Shopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator.KIMBERLY\Local Settings\temp\browseforchange_ibryte_install.zip (Adware.IBryte) -> Quarantined and deleted successfully.

(end)
 

 



#6 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 04:48 PM

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 2 x86

Account is Administrative

Internet Explorer version: 6.0.2900.2180

Java version: 1.6.0_23

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.387000 GHz
Memory total: 1005035520, free: 109785088

DDA driver unhooking procedure failed
Downloaded database version: v2013.04.18.10
Downloaded database version: v2013.04.17.03
Initializing...
Done!
Can't access volume using primary device, the volume might be encrypted.
The system volume seems inaccessible or encrypted. Scan can't continue.
=======================================

 

 



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:36 AM

Posted 18 April 2013 - 04:49 PM

Re-run it from safe mode.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 05:53 PM

re-run what?

 



#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:36 AM

Posted 18 April 2013 - 05:55 PM

Malwarebytes Anti-Rootkit BETA


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 09:43 PM

Malwarebytes Anti-Rootkit BETA 1.05.0.1001

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 2 x86

Account is Administrative

Internet Explorer version: 6.0.2900.2180

Java version: 1.6.0_23

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.387000 GHz
Memory total: 1005035520, free: 230649856

------------ Kernel report ------------
     04/18/2013 17:55:47
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
fkym.sys
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
SSHRMD.SYS
SSFS0509.SYS
SSIDRV.SYS
\WINDOWS\SYSTEM32\Drivers\NDIS.SYS
\WINDOWS\SYSTEM32\Drivers\TDI.SYS
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
viaide.sys
intelide.sys
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
iaStor.sys
atapi.sys
ftsata2.sys
\WINDOWS\system32\DRIVERS\SCSIPORT.SYS
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
bb-run.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
Mup.sys
avgrkx86.sys
AVGIDSEH.Sys
\SystemRoot\system32\DRIVERS\AmdK8.sys
\SystemRoot\system32\DRIVERS\aracpi.sys
\SystemRoot\system32\DRIVERS\ati2mtag.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\Rtlnicxp.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\HSFHWBS2.sys
\SystemRoot\system32\DRIVERS\HSF_DP.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\drivers\ALCXWDM.SYS
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\System32\Drivers\L8042mou.sys
\SystemRoot\System32\Drivers\LMouKE.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\armoucfltr.sys
\SystemRoot\system32\DRIVERS\L8042Kbd.sys
\SystemRoot\System32\Drivers\sskbfd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\arkbcfltr.sys
\SystemRoot\system32\DRIVERS\arpolicy.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\WINDOWS\system32\drivers\avgtpx86.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\drivers\lvusbsta.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\DRIVERS\AVGIDSShim.Sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\DRIVERS\secdrv.sys
\??\C:\WINDOWS\system32\drivers\symlcbrd.sys
\SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
\SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
\SystemRoot\system32\drivers\LVPr2Mon.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR11
Upper Device Object: 0xffffffff85d7b030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000008c\
Lower Device Object: 0xffffffff85f1f030
Lower Device Driver Name: \Driver\usbstor\
Driver name found: usbstor
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR6
Upper Device Object: 0xffffffff85a87ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000083\
Lower Device Object: 0xffffffff85d4b030
Lower Device Driver Name: \Driver\usbstor\
Driver name found: usbstor
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR5
Upper Device Object: 0xffffffff85aa6868
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000082\
Lower Device Object: 0xffffffff8598dd70
Lower Device Driver Name: \Driver\usbstor\
Driver name found: usbstor
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR4
Upper Device Object: 0xffffffff85f01530
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000081\
Lower Device Object: 0xffffffff85e55ea0
Lower Device Driver Name: \Driver\usbstor\
Driver name found: usbstor
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR3
Upper Device Object: 0xffffffff85ee4888
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000080\
Lower Device Object: 0xffffffff85d2e030
Lower Device Driver Name: \Driver\usbstor\
Driver name found: usbstor
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86357ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff86386d98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.04.18.10
Downloaded database version: v2013.04.17.03
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86357ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff863c5570, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86357ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff863e0820, DeviceName: \Device\00000075\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86386d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe144c258, 0xffffffff86357ab8, 0xffffffff8523f9b8
Lower DeviceData: 0xffffffffe10bb500, 0xffffffff86386d98, 0xffffffff85e15118
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232

Partition information:

    Partition 0 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 17848152

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 17848215  Numsec = 470543850
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff85ee4888, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff859904d8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff85ee4888, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d2e030, DeviceName: \Device\00000080\, DriverName: \Driver\usbstor\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff85f01530, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff859902c0, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff85f01530, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85e55ea0, DeviceName: \Device\00000081\, DriverName: \Driver\usbstor\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff85aa6868, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85f5e968, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff85aa6868, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8598dd70, DeviceName: \Device\00000082\, DriverName: \Driver\usbstor\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff85a87ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85f5e750, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff85a87ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d4b030, DeviceName: \Device\00000083\, DriverName: \Driver\usbstor\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xffffffff85d7b030, DeviceName: \Device\Harddisk5\DR11\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85cc32d8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff85d7b030, DeviceName: \Device\Harddisk5\DR11\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85f1f030, DeviceName: \Device\0000008c\, DriverName: \Driver\usbstor\
------------ End ----------
Done!
Performing system, memory and registry scan...
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158} --> [Adware.GamePlayLab]
Read File:  File "c:\Documents and Settings\All Users\Application Data\AVG10\Chjw\467425be7425b19b.dat" is sparse (flags = 32768)
Done!
Scan finished
 

 



Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.04.18.10

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
HP_Administrator :: SEITLER [administrator]

4/18/2013 9:36:19 PM
mbar-log-2013-04-18 (21-36-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 34625
Time elapsed: 3 hour(s), 39 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 



#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:36 AM

Posted 18 April 2013 - 09:46 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


=============================================================================

p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


=======================================

p22002970.gif Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#12 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 10:28 PM

# AdwCleaner v2.200 - Logfile created 04/18/2013 at 22:22:18
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : HP_Administrator - SEITLER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator.KIMBERLY\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\END
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\PricePeep
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.2180

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

-\\ Google Chrome v [Unable to get version]

*************************

AdwCleaner[S1].txt - [10733 octets] - [18/04/2013 22:22:18]

########## EOF - C:\AdwCleaner[S1].txt - [10794 octets] ##########
 

 



#13 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 April 2013 - 10:46 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.5 (04.17.2013:1)
OS: Microsoft Windows XP x86
Ran by HP_Administrator on Thu 04/18/2013 at 22:30:37.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{5c255c8a-e604-49b4-9d64-90988571cecb}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{912c156f-05cf-4b62-851a-96e167a677b0}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{912c156f-05cf-4b62-851a-96e167a677b0}



~~~ Files

Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] "C:\WINDOWS\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\HP_Administrator.KIMBERLY\Local Settings\Application Data\getsavin"
Successfully deleted: [Folder] "C:\Documents and Settings\HP_Administrator.KIMBERLY\Local Settings\Application Data\ibryte"
Successfully deleted: [Folder] "C:\Documents and Settings\HP_Administrator.KIMBERLY\Local Settings\Application Data\wajam"
Successfully deleted: [Folder] "C:\Program Files\couponalert_2pei"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Documents and Settings\HP_Administrator.KIMBERLY\Local Settings\Application Data\google\chrome\user data\default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\HP_Administrator.KIMBERLY\Application Data\mozilla\firefox\profiles\zyqqts60.default\user.js
Successfully deleted: [File] C:\Documents and Settings\HP_Administrator.KIMBERLY\Application Data\mozilla\firefox\profiles\zyqqts60.default\extensions\pricepeep@getpricepeep.com.xpi
Successfully deleted: [Folder] C:\Documents and Settings\HP_Administrator.KIMBERLY\Application Data\mozilla\firefox\profiles\zyqqts60.default\extensions\crossriderapp2258@crossrider.com
Successfully deleted: [Folder] C:\Documents and Settings\HP_Administrator.KIMBERLY\Application Data\mozilla\firefox\profiles\zyqqts60.default\extensions\getsavin@jetpack
Successfully deleted the following from C:\Documents and Settings\HP_Administrator.KIMBERLY\Application Data\mozilla\firefox\profiles\zyqqts60.default\prefs.js

user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=");
user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Mar 21 2011 21:25:53 GMT-0500 (Central Daylight Time)");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Mar 21 2011 21:25:53 GMT-0500 (Central Daylight Time)");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "{4db42177-ebea-4f34-bb9d-51e7e69fe75e}");
user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com/?cid={8FA84D10-606D-4F6D-83A1-FE2270753DCC}&mid=a4922255622e47d6bf85d15cb4b1645a-fb01992a4d6b2dae023f77ec985c550
user_pref("extensions.crossrider.bic", "135e4a1696c9134187023aa3602f3c8d");
user_pref("extensions.crossriderapp2258.2258.InstallationThankYouPage", true);
user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1330972706);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.searchUserConifrmation", false);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setHomepage", false);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setNewTab", false);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setSearch", false);
user_pref("extensions.crossriderapp2258.2258.active", true);
user_pref("extensions.crossriderapp2258.2258.addressbar", "");
user_pref("extensions.crossriderapp2258.2258.addressbarenhanced", "");
user_pref("extensions.crossriderapp2258.2258.affid", "0");
user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n//\n");
user_pref("extensions.crossriderapp2258.2258.backgroundver", 47);
user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1330972706");
user_pref("extensions.crossriderapp2258.2258.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie.InstallerParams.value", "%7B%22source_id%22%3A%2216474%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2216474%26subid%3D
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1330972706");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_arbitrary_code.expiration", "Thu Apr 18 2013 22:32:12 GMT-0500 (Central Daylight Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_arbitrary_code.value", "%22%21appAPI.db.get%28%5C%22_GPL_ib_disclosure%5C%22%29%26%26%28%21appAPI.db.get%28%5C%22_GPL_
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.expiration", "Thu Apr 18 2013 22:32:12 GMT-0500 (Central Daylight Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_cf_ab_cap1.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_cf_ab_cap1.value", "%22lbcmmpmjjaockhkcofljpakjcbmjmgla%2Cankoaclbfmdocnmjbokdkohpehjjinen%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_cf_bu1.value", "1361244605");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.expiration", "Wed Apr 24 2013 18:54:25 GMT-0500 (Central Daylight Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.value", "%22US%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_currenttime.value", "%221366222762%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%2216474%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2216474%26su
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2216474%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.value", "1346196868021");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pid.value", "%221119%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.value", "%221119%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%2222644%22");
user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.value", "1346017560708");
user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
user_pref("extensions.crossriderapp2258.2258.domain", "");
user_pref("extensions.crossriderapp2258.2258.emailsig", "");
user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
user_pref("extensions.crossriderapp2258.2258.exposesites", "");
user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
user_pref("extensions.crossriderapp2258.2258.group", 0);
user_pref("extensions.crossriderapp2258.2258.homepage", "");
user_pref("extensions.crossriderapp2258.2258.iframe", false);
user_pref("extensions.crossriderapp2258.2258.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:21,baseCDN:\"co
user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
user_pref("extensions.crossriderapp2258.2258.newtab", "");
user_pref("extensions.crossriderapp2258.2258.opensearch", "");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(B){if(void 0===this||null===this)throw n
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.ver", 15);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(f)
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.name", "GPL Background (BG)");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.ver", 35);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "// CrossriderAppUtils\n\n/**\n * Crossrider appAPI.selectedText. Plugin for text selection event \n * Pr
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "// Initialize appAPI if it does not exist already.\nif(typeof(appAPI) === \"undefined\") {\n  // This wi
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 6);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 3);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.name", "resources_background");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};v
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.name", "appApiMessage");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.ver", 1);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=fu
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.name", "appApiValidation");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.code", "(function(a){if(typeof a===\"undefined\"||typeof navigator===\"undefined\"||typeof navigator.userAgent==
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===tru
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_98.name", "omniCommands");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_98.ver", 1);
user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "14,78,16,64,47,72,98,1000015");
user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,78,13,16,64,72,98,1000014");
user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_5", "14,78,13,16,64,47,72");
user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/2258/plugins/091/ff/plugins.json");
user_pref("extensions.crossriderapp2258.2258.pluginsversion", 63);
user_pref("extensions.crossriderapp2258.2258.premium", true);
user_pref("extensions.crossriderapp2258.2258.publisher", "Innovative Apps");
user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
user_pref("extensions.crossriderapp2258.2258.thankyou", "hxxp://iw.antthis.com/thankyou.html");
user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
user_pref("extensions.crossriderapp2258.2258.ver", 138);
user_pref("extensions.crossriderapp2258.73407340.InstallationTime", 1330980678);
user_pref("extensions.crossriderapp2258.73407340.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&appAPI.webRequest&&appAPI.webRequest.onBeforeNavigate?_GPL_BG_NEW.prein
user_pref("extensions.crossriderapp2258.73407340.backgroundver", 15);
user_pref("extensions.crossriderapp2258.73407340.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
user_pref("extensions.crossriderapp2258.73407340.cookie.InstallationTime.value", "1330980678");
user_pref("extensions.crossriderapp2258.73407340.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:21,baseCDN:
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(a){if(void 0===this||null===this)thr
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_1000014.ver", 7);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rules:{},started:!1,log:function(d){console.log(d)},factor:1,preinit:funct
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_1000015.name", "GPL Background (BG)");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_1000015.ver", 3);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSele
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_13.ver", 2);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}appAPI.JSON={};if(typeof JSON!==\"undefined\"){appAPI.J
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_14.ver", 2);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_15.code", "(function(f){var u={};var e=Math.floor(Math.random()*99999);var g=Math.floor(Math.random()*999999999
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_15.name", "FacebookFFIE");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_15.ver", 1);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_16.code", "(function(f,B){if(typeof(B)==\"undefined\"){b={}}var d=f.appID+\".\";b.appID=f.appID;b.version=f.ver
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_16.name", "FFAppAPIWrapper");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_16.ver", 3);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_17.name", "jQuery");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_17.ver", 3);
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a)}}());var CrossRiderResourcesManager
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_47.name", "resources_background");
user_pref("extensions.crossriderapp2258.73407340.plugins.plugin_47.ver", 1);
user_pref("extensions.crossriderapp2258.73407340.plugins_lists.plugins_0", "17,14,16,47,1000015");
user_pref("extensions.crossriderapp2258.73407340.plugins_lists.plugins_1", "17,14,13,16,15,1000014");
user_pref("extensions.crossriderapp2258.73407340.pluginsversion", 15);
user_pref("extensions.crossriderapp2258.73407340.ver", 90);
user_pref("extensions.crossriderapp2258.apps", "2258");
user_pref("extensions.crossriderapp2258.bic", "135e4a1696c9134187023aa3602f3c8d");
user_pref("extensions.crossriderapp2258.cid", 2258);
user_pref("extensions.crossriderapp2258.firstrun", false);
user_pref("extensions.crossriderapp2258.hadappinstalled", true);
user_pref("extensions.crossriderapp2258.installationdate", 1330980678);
user_pref("extensions.crossriderapp2258.jsver", 3);
user_pref("extensions.crossriderapp2258.lastcheck", 22772091);
user_pref("extensions.crossriderapp2258.lastcheckitem", 22772368);
user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1340665965053");
user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1340665965037");
user_pref("extensions.crossriderapp2258.modetype", "production");
user_pref("extensions.crossriderapp2258.statsDailyCounter", 58);
user_pref("keyword.URL", "hxxp://mysearch.avg.com/search?cid={8FA84D10-606D-4F6D-83A1-FE2270753DCC}&mid=a4922255622e47d6bf85d15cb4b1645a-fb01992a4d6b2dae023f77ec985c550617e7c1
Emptied folder: C:\Documents and Settings\HP_Administrator.KIMBERLY\Application Data\mozilla\firefox\profiles\zyqqts60.default\minidumps [10 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/18/2013 at 22:44:22.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#14 seitler

seitler
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 19 April 2013 - 07:10 AM

The online scanner found no threats.



#15 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:36 AM

Posted 19 April 2013 - 11:01 AM

How is computer doing?

 

p22002970.gif Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

 

p22002970.gif We need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

  • Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users