Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Popups from srvinf- locking out of this an other sites


  • Please log in to reply
22 replies to this topic

#1 pspo8315

pspo8315

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 03 February 2014 - 12:51 PM

I have something going on. My internet explorer opened up and all sudden thing went haywire. (HATE INTERNET EXPLORER)  I tried updating mp3 rocket. then i was watching a movie and said i needed to up date flash player (I think). 

I have run a malwarebytes scan and even rkill still getting the pop ups from srvinf. I'm  getting booted (blocked) out of some sites and had to go in to the history to get here. 

Downloads --- Can i delete everything in the download file? Will it effect anything?  Please let me know what to do. Thanks Paula

There are 74 items in Quarantine

 

This was on 2/2/14

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.02.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paula Oliver :: PAULAOLIVER-PC [administrator]
 
2/2/2014 10:59:09 AM
mbam-log-2014-02-02 (10-59-09).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 267602
Time elapsed: 6 minute(s), 1 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 37
HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialdskBnd.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialdskBnd (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1FA98236-7E62-45B2-91E5-CF0794CDBB5D} (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCR\Interface\{2E68E3FA-DBCB-4C7F-A63A-BA7F450FB233} (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCR\ACLinx.Module.1 (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCR\ACLinx.Module (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\Datamngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialappCore.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialappCore (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\m (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0P1R1Q1B1F1R2W0E -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=mp30102&cd=2XzuyEtN2Y1L1QzutBtD0EyDtB0AtCtAzz0CtAyDzyyDyCzytN0D0Tzu0CyByDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=50043201&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=mp30102&cd=2XzuyEtN2Y1L1QzutBtD0EyDtB0AtCtAzz0CtAyDzyyDyCzytN0D0Tzu0CyByDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=50043201&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 6
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
 
Files Detected: 23
C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Local\ArcadeCandy\candyEX.dll (PUP.Optional.ArcadeCandy.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Local\Temp\ICReinstall_FLVPlayerSetup.exe (PUP.Optional.Cooltech) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Local\Temp\is877618373\92594558_stp\Mysearchdial.exe (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\Downloads\flvmplayer (1).exe (PUP.BundleInstaller.SOL) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\Downloads\FLVPlayerSetup (1).exe (PUP.Optional.Cooltech) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\Downloads\FLVPlayerSetup.exe (PUP.Optional.Cooltech) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
 
(end)
This is on 2/3/14
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.03.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paula Oliver :: PAULAOLIVER-PC [administrator]
 
2/3/2014 8:54:07 AM
mbam-log-2014-02-03 (08-54-07).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 492700
Time elapsed: 1 hour(s), 11 minute(s), 10 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 3
C:\System Volume Information\SystemRestore\FRStaging\Users\Paula Oliver\Downloads\flvmplayer (1).exe (PUP.BundleInstaller.SOL) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Users\Paula Oliver\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Quarantined and deleted successfully.
C:\Users\Paula Oliver\AppData\Local\Temp\546565.Uninstall\__Uninstall_.exe (PUP.Optional.Cooltech) -> Quarantined and deleted successfully.
 
(end)
 
This is rkill  2/3/14
 
Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/03/2014 10:16:18 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/03/2014 10:18:38 AM
Execution time: 0 hours(s), 2 minute(s), and 19 seconds(s)


BC AdBot (Login to Remove)

 


m

#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 03 February 2014 - 01:43 PM

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 
 
Please download Junkware Removal Tool.
 
Open your browser and go to Downloads, then click on the Junkware Removal Tool to install it.  
 
Click on Run to initiate the installation.
 
To avoid potential conflicts, temporarily disable your antivirus and firewall.  You will want to be offline when you do this.
 
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select Run as Administrator.
 
The tool will open and start scanning your system.
 
Please be patient as this can take a while to complete depending on your system's specifications.
 
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.  Copy and this and then post this in your topic.
 
 
 
Please download Hitman Pro
 
Click on HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows).  You will see the window below, click on Next to install Hitman Pro.
 
HM1_zpsde93e28a.png 
 
You will be asked "Would you like to store a copy of Hitman Pro program file on this computer"?  Click on Yes, then click on Next.  
 
hm2_zps372cdca5.png
 
Hitman Pro will now start to scan your computer.
 
hm3_zps9689b301.png
 
When the scan finishes you will see a list of the malware that was found.  Click Next to remove the maleware.
 
hm4_zpsaf0c967c.png
 
Click on the Activate free license button to begin the free 30 days trial, this is necessary to complete the process.
 
hmlast_zpsa9c68c49.png
 
 

 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET Online Scan in a new window.
    ESET OnlineScan

  • Click the esetonlinebtn.png button.

  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.

       

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.

       

  • Check "YES, I accept the Terms of Use."

  • Click the Start button.

  • Accept any security warnings from your browser.

  • Under scan settings, check "Scan Archives"and "Remove found threats"

  • Click Advanced settings and select the following:

     

    • Scan potentially unwanted applications

    • Scan for potentially unsafe applications

    • Enable Anti-Stealth technology

       

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, click List Threats

  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  • Click the Back button.

  • Click the Finish button.

 

 

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 03 February 2014 - 07:05 PM

WOW that took some time. LOL 

Forgot I already did a aware scan too 

Do i need to anything else. Thank you for your help

Paula 

 

Adware scan 

 

# AdwCleaner v3.018 - Report created 02/02/2014 at 12:35:30
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Paula Oliver - PAULAOLIVER-PC
# Running from : C:\Users\Paula Oliver\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Vuze
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Users\Paula Oliver\AppData\Local\Babylon
Folder Deleted : C:\Users\Paula Oliver\AppData\Local\Conduit
Folder Deleted : C:\Users\Paula Oliver\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Paula Oliver\AppData\Local\PackageAware
Folder Deleted : C:\Users\Paula Oliver\AppData\Local\Zynga
Folder Deleted : C:\Users\PAULAO~1\AppData\Local\Temp\Babylon
Folder Deleted : C:\Users\Paula Oliver\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Paula Oliver\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\Conduit
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\ConduitCommon
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\CT2438727
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\CT2786678
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Folder Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Deleted : C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
File Deleted : C:\Users\Public\Desktop\Babylon.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\searchplugins\Mp3Tube.xml
File Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\searchplugins\SearchResults.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
File Deleted : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\user.js
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\.bof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication
Key Deleted : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1
Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16455
 
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v10.0.1 (en-US)
 
[ File : C:\Users\Paula Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\od8itvtm.default\prefs.js ]
 
Line Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2438727.CTID", "CT2438727");
Line Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.CurrentServerDate", "13-11-2011");
Line Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2438727.EMailNotifierPollDate", "Sat Nov 12 2011 15:21:06 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.FirstServerDate", "15-2-2011");
Line Deleted : user_pref("CT2438727.FirstTime", true);
Line Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Line Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2438727.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2438727.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2438727.Initialize", true);
Line Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2438727.InstalledDate", "Mon Feb 14 2011 15:34:04 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.InvalidateCache", false);
Line Deleted : user_pref("CT2438727.IsGrouping", false);
Line Deleted : user_pref("CT2438727.IsMulticommunity", false);
Line Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Sat Nov 12 2011 15:00:47 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Sat Nov 12 2011 15:00:47 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.LatestVersion", "3.8.0.8");
Line Deleted : user_pref("CT2438727.Locale", "en");
Line Deleted : user_pref("CT2438727.LoginCache", 4);
Line Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2438727.RadioIsPodcast", false);
Line Deleted : user_pref("CT2438727.RadioLastCheckTime", "Sat Nov 12 2011 15:01:01 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT2438727.RadioMediaID", "9909");
Line Deleted : user_pref("CT2438727.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2438727.RadioMenuSelectedID", "EBRadioMenu_CT24387279909");
Line Deleted : user_pref("CT2438727.RadioStationName", "WQXR-FM%20NYC%20(Classical)");
Line Deleted : user_pref("CT2438727.RadioStationURL", "hxxp://htc-01.media.globix.net/COMP005996MOD1/meta/wqxr_live_high.asx");
Line Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sat Nov 12 2011 15:00:44 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Sat Nov 12 2011 15:00:43 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.SettingsLastUpdate", "1314929172");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Sat Nov 12 2011 15:00:42 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2438727.UserID", "UN39427849936184313");
Line Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2438727.WeatherNetwork", "");
Line Deleted : user_pref("CT2438727.WeatherPollDate", "Sat Nov 12 2011 15:01:03 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2438727.WeatherUnit", "F");
Line Deleted : user_pref("CT2438727.alertChannelId", "832836");
Line Deleted : user_pref("CT2438727.backendstorage.currentgame", "63616665");
Line Deleted : user_pref("CT2438727.clientLogIsEnabled", true);
Line Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727.myStuffEnabled", true);
Line Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Wed Jan 18 2012 19:03:33 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Line Deleted : user_pref("CT2786678.CTID", "CT2786678");
Line Deleted : user_pref("CT2786678.CurrentServerDate", "22-1-2012");
Line Deleted : user_pref("CT2786678.DSInstall", false);
Line Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Jan 21 2012 19:03:25 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Sun Jan 22 2012 16:14:16 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 461);
Line Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Sun Jan 22 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Sun Jan 22 2012 14:39:18 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Sun Jan 22 2012 14:39:18 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Sun Jan 22 2012 14:39:18 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Sun Jan 22 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Sun Jan 22 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Sun Jan 22 2012 14:39:18 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Sun Jan 22 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Sun Jan 22 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Sun Jan 22 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Sun Jan 22 2012 14:39:18 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Line Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Line Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Line Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Line Deleted : user_pref("CT2786678.FirstServerDate", "2-1-2012");
Line Deleted : user_pref("CT2786678.FirstTime", true);
Line Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Line Deleted : user_pref("CT2786678.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2786678.HPInstall", false);
Line Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://www.yahoo.com/?ilc=8");
Line Deleted : user_pref("CT2786678.Initialize", true);
Line Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2786678.InstallationId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2786678.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2786678.InstalledDate", "Mon Jan 02 2012 10:15:32 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2786678.IsGrouping", false);
Line Deleted : user_pref("CT2786678.IsInitSetupIni", true);
Line Deleted : user_pref("CT2786678.IsMulticommunity", false);
Line Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Mon Jan 23 2012 14:39:20 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2786678.LastLogin_3.8.1.0", "Sun Jan 22 2012 14:39:17 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.LatestVersion", "3.9.0.3");
Line Deleted : user_pref("CT2786678.Locale", "en");
Line Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.8.1.0");
Line Deleted : user_pref("CT2786678.SearchCaption", "uTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "Ask.com");
Line Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
Line Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Mon Jan 23 2012 14:39:19 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2786678.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Mon Jan 23 2012 14:39:15 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Sun Jan 22 2012 14:39:15 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.SettingsLastUpdate", "1326994324");
Line Deleted : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
Line Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Mon Jan 02 2012 10:15:27 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Line Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2786678.UserID", "UN47300920226639775");
Line Deleted : user_pref("CT2786678.WeatherNetwork", "");
Line Deleted : user_pref("CT2786678.WeatherPollDate", "Sun Jan 22 2012 16:09:18 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.WeatherUnit", "F");
Line Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Line Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "4D6F6E204A616E20303220323031322031303A31353A333720474D542D30363030202843656E7472616C205374616E646172642054696D6529");
Line Deleted : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
Line Deleted : user_pref("CT2786678.backendstorage.url_history", "68747470733A2F2F7777772E6174742E636F6D2F6F6C616D2F706173737468726F756768416374696F6E2E6D79776F726C643F616374696F6E547970653D4D616E616765");
Line Deleted : user_pref("CT2786678.backendstorage.url_history_time", "31333235353231333033393634");
Line Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Wed Jan 18 2012 19:03:25 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2786678.initDone", true);
Line Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2786678.myStuffEnabled", true);
Line Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804,1000034,129526967958500204,129309489763975460,5690698542593514850,129309485163350924,12931541142425[...]
Line Deleted : user_pref("CT2786678.revertSettingsEnabled", false);
Line Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2786678.testingCtid", "");
Line Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Mon Jan 23 2012 14:39:20 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Wed Jan 18 2012 19:03:24 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678", "\"1326994325\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", "\"1313448428\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:12ac\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678", "\"13a760730d9291f1df061003ecf304ce\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"cde759bd30c070995eab32eddc00c079\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Paula Oliver\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\od8itvtm.default\\conduitCommon\\modules\\3.8.1.0");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2786678");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2786678");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Jan 23 2012 14:39:16 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "8164c06d-4fe5-476b-bcf3-19dc98094317");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jan 18 2012 19:03:24 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Jan 23 2012 14:39:24 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jan 23 2012 14:39:16 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "948e161f-685d-45d9-8498-0e379353aad2");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.yahoo.com/?ilc=8");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Line Deleted : user_pref("aol_toolbar.surf.date", "98");
Line Deleted : user_pref("aol_toolbar.surf.lastDate", "22");
Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "0");
Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2012");
Line Deleted : user_pref("aol_toolbar.surf.month", "266");
Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "18");
Line Deleted : user_pref("aol_toolbar.surf.total", "1004");
Line Deleted : user_pref("aol_toolbar.surf.week", "98");
Line Deleted : user_pref("aol_toolbar.surf.year", "266");
Line Deleted : user_pref("browser.search..selectedEngineURL", "hxxp://mp3tubetoolbar.com/?&prt=pinballtbfour01ff&clid=36608ce3e82f4f348146288ba61a3d75&subid=&keywords={searchTerms}");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=mp30102&cd=2XzuyEtN2Y1L1QzutBtD0EyDtB0AtCtAzz0CtAyDzyyDyCzytN0D0Tzu0CyByDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,toolbar@ask.com:3.14.1.100009,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202,{7b13ec3e-999a-4b70-b9cb-2[...]
Line Deleted : user_pref("extensions.sahtb.url.prefs.data", "<ToolbarPrefs>\r\n <XMLVersion Number=\"{bdd09e8b-8dee-478c-9f4e-0db5e30597cc}\" />\r\n <AnalyticsURL URL=\"hxxp://www.google-analytics.com/__utm.gif?utmw[...]
Line Deleted : user_pref("CT2438727.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2786678.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
 
-\\ Google Chrome v32.0.1700.102
 
[ File : C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [42138 octets] - [02/02/2014 12:33:28]
AdwCleaner[S0].txt - [42176 octets] - [02/02/2014 12:35:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [42237 octets] ##########
 
JRT  Scan 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Paula Oliver on Mon 02/03/2014 at 14:07:21.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\theseaapp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8602497f-4c40-4d6b-bd3f-718063a7c6a6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E680405D-AB8F-4AB9-8D93-EEDB9704D5EE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8602497f-4c40-4d6b-bd3f-718063a7c6a6}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\candyupdater.job
Successfully deleted: [File] "C:\Program Files (x86)\adobe\reader 10.0\reader\plug_ins\babylon\babylonrpi.api"
Successfully deleted: [File] "C:\Users\Paula Oliver\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\babylon.lnk"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\Paula Oliver\appdata\local\arcadecandy"
Successfully deleted: [Folder] "C:\Users\Paula Oliver\appdata\locallow\datamngr"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Paula Oliver\AppData\Roaming\mozilla\firefox\profiles\od8itvtm.default\extensions\zfyrtzhrac@zfyrtzhrac.org.xpi [Tracur]
Successfully deleted: [Folder] C:\Users\Paula Oliver\AppData\Roaming\mozilla\firefox\profiles\od8itvtm.default\extensions\staged
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\games@acandy.com
Successfully deleted the following from C:\Users\Paula Oliver\AppData\Roaming\mozilla\firefox\profiles\od8itvtm.default\prefs.js
 
user_pref("aim_toolbar.search.searchtype", "web");
user_pref("browser.search..defaultengine", "Yahoo-Mp3Tube");
user_pref("browser.search..defaultenginename", "Yahoo-Mp3Tube");
user_pref("browser.search..order.1", "Yahoo-Mp3Tube");
user_pref("browser.search..selectedEngine", "Yahoo-Mp3Tube");
user_pref("extensions.sahtb.url.merchants.data", "<?xml version=\"1.0\" ?><MerchantSettings><v n=\"289\" /><GlobalSuppresses><s u=\".cab\" g=\"13\" i=\"1342\" /><s u=\".hop.cl
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Paula Oliver\appdata\local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/03/2014 at 14:23:36.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Eset Scan 
 
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Zynga\ldrtbZyng.dll a variant of Win32/Toolbar.Conduit.P application
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Zynga\tbZyng.dll a variant of Win32/Toolbar.Conduit.B application
C:\$Recycle.Bin\S-1-5-21-1198710250-1345668557-1130717403-1000\$R07IWPH.wma a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\$Recycle.Bin\S-1-5-21-1198710250-1345668557-1130717403-1000\$RWBUFUD.wma a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\Program Files (x86)\tbZyng.dll a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Users\gnbgbofbklopfgengajlkhdlnpjdinbp\cs.js Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Paula Oliver\AppData\Local\IsolatedStorage\Google\mkalccehib.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Paula Oliver\AppData\Local\Temp\notepad.exe Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Paula Oliver\AppData\Local\Temp\setup.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\Paula Oliver\AppData\Local\Temp\tbZyng.dll a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\Users\Paula Oliver\AppData\Local\Temp\aakkfjltx\aakkfjltx.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Paula Oliver\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\413c849a-3151ce44 multiple threats cleaned by deleting - quarantined
C:\Users\Paula Oliver\Downloads\CheatEngine561.exe multiple threats cleaned by deleting - quarantined
C:\Users\Paula Oliver\Downloads\cnet2_rar_password_unlocker_trial_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Paula Oliver\Downloads\MP3Rocket-Win.exe multiple threats cleaned by deleting - quarantined
C:\Users\Paula Oliver\Downloads\noadware.exe multiple threats cleaned by deleting - quarantined
C:\Users\Paula Oliver\Downloads\PDFXVwer (1).zip a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Users\Paula Oliver\Downloads\PDFXVwer.zip a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Users\Paula Oliver\Downloads\PIP_AVR80_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Paula Oliver\Downloads\U_0087_01_P.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Users\Paula Oliver\Downloads\U_0093_01_P.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Windows\Installer\10c84257.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Windows\Installer\10d57c4b.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Zynga\ldrtbZyng.dll a variant of Win32/Toolbar.Conduit.P application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Zynga\tbZyng.dll a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
Operating memory Win32/TrojanDownloader.Tracur.V trojan
 


#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 04 February 2014 - 09:16 AM

There are two other scans requested in my previous post.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 04 February 2014 - 09:45 AM

Sorry about that no log showed up on the hitman i went back to the history for that.

I must be missing something....  I ran and posted Adware, JRT and Eset  and below is the Hitman.  I don't seam to see another one.

Please let me know

Paula 

 

Hitman

 

HitmanPro 3.7.9.212
www.hitmanpro.com
 
   Computer name . . . . : PAULAOLIVER-PC
   Windows . . . . . . . : 6.1.1.7601.X64/1
   User name . . . . . . : PaulaOliver-PC\Paula Oliver
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
 
   Scan date . . . . . . : 2014-02-03 14:44:32
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 12m 36s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes
 
   Threats . . . . . . . : 4
   Traces  . . . . . . . : 53
 
   Objects scanned . . . : 1,797,613
   Files scanned . . . . : 49,129
   Remnants scanned  . . : 489,166 files / 1,259,318 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\Paula Oliver\AppData\Local\Temp\notepad.exe
      Size . . . . . . . : 196,028 bytes
      Age  . . . . . . . : 7.8 days (2014-01-26 20:20:51)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 3083F702CCB91F5764BB1276C4CD1C6642EAF83EDD3F001EA66FD0024B920AD9
      Fuzzy  . . . . . . : 22.0
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Program is impersonating a common Windows system file. This is typical for malware.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Paula Oliver\AppData\Local\Temp\notepad.exe
          0.0s C:\Users\Paula Oliver\AppData\Local\Temp\notepad.exe
          0.0s C:\Users\Paula Oliver\AppData\Local\Temp\notepad.exe
          2.1s C:\Users\Paula Oliver\AppData\Local\Temp\aakkfjltx\
 
   C:\Users\Paula Oliver\Downloads\noadware.exe
      Size . . . . . . . : 2,433,360 bytes
      Age  . . . . . . . : 1448.2 days (2010-02-16 10:22:36)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 7152960692FB8F20847BD061A96097868AA0C2123DA1EC401C81A6B6CB6F3A8D
      Publisher  . . . . :                                                             
      Description  . . . : NoAdware 5.0 Setup                                          
      Version
      Copyright  . . . . :                                                                                                     
      RSA Key Size . . . : 1024
      Authenticode . . . : Blacklisted
      Fuzzy  . . . . . . : 111.0
         Program is code signed with a known fraudulent certificate.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
 
 
Malware remnants ____________________________________________________________
 
   HKLM\SOFTWARE\Classes\TypeLib\{D74CCC9B-C87E-49B8-B686-5DFEED1CCF08}\ (Adware.LivingPlay) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A2F3646F-8BEE-4D69-856A-8434159A6E9E}\ (Adware.LivingPlay) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{D74CCC9B-C87E-49B8-B686-5DFEED1CCF08}\ (Adware.LivingPlay) -> PendingDelete
   HKU\S-1-5-21-1198710250-1345668557-1130717403-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A2F3646F-8BEE-4D69-856A-8434159A6E9E}\ (Adware.LivingPlay) -> Deleted
 
Potential Unwanted Programs _________________________________________________
 
   HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bdc\ (Babylon)
   HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bgl\ (Babylon)
   HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bof\ (Babylon)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar)
   HKU\.DEFAULT\Software\AskToolbar\ (AskBar)
   HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ (Babylon)
   HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ (Yontoo)
   HKU\S-1-5-18\Software\AskToolbar\ (AskBar)
   HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ (Babylon)
   HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ (Yontoo)
 
Cookies _____________________________________________________________________
 
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:a1.interclick.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.bleepingcomputer.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.prd.inpwrd.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Paula Oliver\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\Paula Oliver\AppData\Roaming\Microsoft\Windows\Cookies\SB56XOZ7.txt
 
 


#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 04 February 2014 - 10:46 AM

Edited to remove request for scan already run. :whistle:


Edited by dc3, 04 February 2014 - 12:35 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 04 February 2014 - 12:38 PM

Is the computer running any better?
 
 
Please download Temp File Cleaner by Old Timer and save it to your desktop.
 
1. Save any unsaved work. (TFC will close ALL open programs including your browser!)
 
2. Double-click on TFC.exe to run it. (If you are using Vista or Windows 7, right-click on the file and choose "Run As Administrator".)
 
3. Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
 
Important! If TFC prompts you to reboot, please do so immediately. If you are not prompted[/b], manually reboot the machine to ensure a completion.
 

 

Please run Kaspersky's online scan.

 

 
Please download MiniToolBox  , save it to your desktop and run it.
 
 Checkmark the following checkboxes:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
 Click on Go to start the scan.  Once it is finished highlight the text, copy it and paste it in your next post.
 
 

 
Double click on the download and choose to run the program.
 
A screen similar to the one below will open, click any key to run the program.
 
securitycheck_zpscfb86945.png
 
When the scan is finished you will have a log similar to the one below, copy and then paste your log in your next post.
 
securitylog_zps5e004078.png

Edited by dc3, 04 February 2014 - 02:31 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 04 February 2014 - 01:53 PM

Here are the result of the second eset scan 

 

 

 

C:\Users\Paula Oliver\AppData\Local\Temp\NOD652D.tmp Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting (after the next restart) - quarantined
Operating memory Win32/TrojanDownloader.Tracur.V trojan
 
Running the new tasks now....
 
Just wondering 
I had my pc off line for several mo. stored for a few mo. When I started it, windows started with 79 updates. After that I had several issues so I did a system restore. (Hate to do updates- always a problem). That is currently turned off. 
 
 
I really want to clean up mp PC, However I am not sure what all I can Uninstall and not mess anything up.  I keep getting a message "Dell data safe back up not responding"  I don't use this never have. Do I need it? 
 
I tried to copy this list of programs (not allowed) i did some screen shots of the programs How do i get them on here? or to you? 
 
Will the Advanced System Care 7 do me any good to have?  I ​need a reasonably priced security prog. any recommendations?
 
One other question.   I have I cloud, Is it possible that this virus will spread through that?  I noticed when I had to use my mini dell yesterday the same srvinf - popup is on it. However, I ran a full  malwarebytes scan and it showed no threats.   
 
Thank you again for your help.
Paula 
 

will post when completed 

Thank you 



#9 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 04 February 2014 - 02:27 PM

Ok Ran Temp File Cleaner. and Kaspersky Not showing any files 

 

 

 

Please note: my typing is a delayed..

Took a few to reload after the TFC, the Kaspersky never showed whats on the link, just a small bar and it scaned....

 

Here is mini toolbox 

 

MiniToolBox by Farbar  Version: 23-01-2014

Ran by Paula Oliver (administrator) on 04-02-2014 at 13:20:10
Running from "C:\Users\Paula Oliver\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/04/2014 01:02:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 09:50:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 09:49:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 09:49:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 09:48:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 09:48:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 09:48:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/03/2014 05:57:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/03/2014 05:56:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/03/2014 03:09:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (02/04/2014 01:07:12 PM) (Source: DCOM) (User: )
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}
 
Error: (02/04/2014 01:02:37 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004
 
Error: (02/04/2014 01:02:37 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004
 
Error: (02/04/2014 01:02:33 PM) (Source: Service Control Manager) (User: )
Description: The BCM42RLY service failed to start due to the following error: 
%%2
 
Error: (02/04/2014 00:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 6 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/03/2014 03:02:52 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004
 
Error: (02/03/2014 03:02:51 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004
 
Error: (02/03/2014 03:02:47 PM) (Source: Service Control Manager) (User: )
Description: The BCM42RLY service failed to start due to the following error: 
%%2
 
Error: (02/03/2014 03:01:27 PM) (Source: Service Control Manager) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.
 
 
Microsoft Office Sessions:
=========================
Error: (06/24/2013 09:28:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2320 seconds with 660 seconds of active time.  This session ended with a crash.
 
Error: (04/09/2013 01:58:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3792 seconds with 1500 seconds of active time.  This session ended with a crash.
 
Error: (11/11/2012 11:34:22 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 94568 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error: (09/14/2010 08:53:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 562884 seconds with 1680 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
3600_Help (Version: 1.00.0000)
3sixty Freight Match (Version: 3.1.4252.18157)
3sixty Freight Match Prerequisites (Version: 1.0.0)
64 Bit HP CIO Components Installer (Version: 6.2.1)
ABC Inventory Software (Version: 3.12.1699)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
Advanced SystemCare 6 (Version: 6.0)
AIM 7
AIO_Scan (Version: 130.0.365.000)
AOL Messaging Toolbar
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ATT-PRT22
ATT-RC Self Support Tool
Avery Template (Version: 2.0.0.0)
Bonjour (Version: 3.0.0.10)
BPD_HPSU (Version: 1.00.0000)
BPD_Scan (Version: 3.00.0000)
BPDSoftware (Version: 130.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
Business Card Factory Deluxe 3.0 (Version: 3.0.0.12)
Business Plan Pro 2007 (Version: 9.06.0006)
Business Plan Toolkit (Version: 7.01.0002)
C4200 (Version: 130.0.365.000)
c4200_Help (Version: 82.0.210.000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant D850 PCI V.92 Modem (Version: 7.80.4.0)
Consumer In-Home Service Agreement (Version: 2.0.0)
Copy (Version: 130.0.428.000)
Dell DataSafe Local Backup (Version: 9.4.51)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
Digital Line Detect (Version: 1.21)
DocProc (Version: 13.0.0.0)
ESET Online Scanner v3
Family Tree Maker 2009 (Version: 18.0.86)
Fax (Version: 130.0.418.000)
FLV Media Player version 1.3 (Version: 1.3)
Genesys Meeting Center (Version: 4.11.7.244)
Google Chrome (Version: 32.0.1700.107)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.3)
GoToMeeting 4.5.0.457
GPBaseService2 (Version: 130.0.371.000)
H&R Block Deluxe + Efile + State 2010 (Version: 10.04.6402)
H&R Block Deluxe + Efile + State 2011 (Version: 11.05.7102)
H&R Block Deluxe + Efile 2009 (Version: 09.03.6901)
H&R Block Oklahoma 2009 (Version: 1.09.3001)
H&R Block Oklahoma 2010 (Version: 1.10.3401)
H&R Block Oklahoma 2011 (Version: 1.11.3301)
HitmanPro 3.7 (Version: 3.7.9.212)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP OfficeJet J3600 (Version: 13.0)
HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
iCloud (Version: 2.0.2.187)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.7.0.21)
J3600 (Version: 130.0.000.000)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 32 (Version: 6.0.320)
Junk Mail filter update (Version: 14.0.8089.726)
LogMeIn (Version: 4.1.1868)
LogMeIn (Version: 4.1.2126)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access Runtime (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Browser (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Native Client (Version: 10.0.1600.22)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Setup Support Files (English) (Version: 10.0.1600.22)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)
Microsoft SQL Server VSS Writer (Version: 10.0.1600.22)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 (Version: 3.0.5305.0)
Modem Diagnostic Tool (Version: 1.0.24.0)
Mozilla Firefox 10.0.1 (x86 en-US) (Version: 10.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR A6200 Genie (Version: 26.0.0.0)
NetWaiting (Version: 2.5.54)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PC*MILER 20
PC*MILER Streets 20.0
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
PowerDVD DX (Version: 8.3.5424)
PowerISO (Version: 5.0)
ProductContext (Version: 130.0.000.000)
PS_AIO_Software_min (Version: 130.0.365.000)
Punch! Home Design - AS4000
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5864)
Roxio Burn (Version: 1.0)
Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
Rummy.com
Scan (Version: 13.0.0.0)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22)
SQL Server System CLR Types (Version: 10.0.1600.22)
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Ultimate Business Plan Starter (Version: 4.0.42)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 8.0 ATL (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Vuze (Version: 4.3)
WebReg (Version: 130.0.132.017)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! BrowserPlus 2.9.8
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
 
========================= Memory info: ===================================
 
Percentage of memory in use: 43%
Total physical RAM: 4061.05 MB
Available physical RAM: 2291 MB
Total Pagefile: 8120.3 MB
Available Pagefile: 5994.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.46 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:494.57 GB) NTFS
2 Drive d: (A6200) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\PAULAOLIVER-PC
 
Administrator            Guest                    Mcx1-PAULAOLIVER-PC      
Paula Oliver             
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
running other scan now


#10 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 04 February 2014 - 02:41 PM

Security check 

 

 Results of screen317's Security Check version 0.99.79  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java™ 6 Update 32  
 Java 7 Update 7  
 Java version out of Date! 
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox 10.0.1 Firefox out of Date!  
 Google Chrome 32.0.1700.102  
 Google Chrome 32.0.1700.107  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 


#11 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 04 February 2014 - 02:45 PM

The minitoolbox will have a list of the programs installed on your computer.

 

As for a antivirus, I use Avast free, it is one of the better ones out there.

 

You can set the updates so that you can see what is being suggested that you install and then choose from those.  You will find Windows update in the Control Panel.  The choices are pretty straightforward.

 

srvinf.exe is part of the operating system, I would leave it alone.

 

I see that two of the scans have just been posted, I will look at the and get back to your.

 

Is the computer running any better?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#12 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 04 February 2014 - 03:04 PM

It seams to be keeping up with my typing now. Thank you very Much.

 What do you think of the Advance SystemCare 7?   I have 6 currently installed. My daughter had me install over a year ago. However, really remember doing much with it. It does show on my desktop  PC Health :( 

Im assuming it wants me to update.

Should I just uninstall?



#13 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 04 February 2014 - 03:21 PM

I definitely would suggest uninstalling advanced system care and install Avast. Bleeping Computer strongly suggest that registry cleaners and optimizers not be used.  They can cause more harm than good.  If the registry damaged when using a registry cleaner it can leave your computer inoperable.

 

Firefox, Adobe Reader, and Java are all out of date.  If you intend on using these they need to be updated.

 

It looks like there may be a problem with your Broad comm driver/s.  You should download the latest but not install it until you have unistalled the old one/s.

 

There's more to come, let's see what the rest of the scans produce.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#14 pspo8315

pspo8315
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 04 February 2014 - 03:31 PM

I've run and posted all the scans you requested. Is there any I've missed?

I am installing the Avast now... 

 

What is the Broad comm driver/s?



#15 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,023 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:55 AM

Posted 04 February 2014 - 03:48 PM

Please download and install Speccy to provide us with information about your computer.  When  FileHippo opens, click on Download latest version in the upper right pane.
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users