
Unable to access internet through any browser possibly due to malware


  • This topic is locked
4 replies to this topic

#1 Pranav Bhople


Posted 15 November 2014 - 03:58 AM

Hey there, this is my first time on this forum. This morning, suddenly, I couldn't connect to the internet through any browser on my laptop (Windows 7), while other devices like my cellphone seem to connect. The Windows troubleshooter said "the remote device or resource won't accept the connection".
My internet connection needs me to connect through an HTTP proxy, so my guess was that something is meddling with that.
My first step was to reset all the internet settings from Network and Sharing Center, which seemed to have helped people in the same situation.
No result.
So I went on to check for malware, but I had just an old, un-updated version of Microsoft Security Essentials, which didn't detect anything.
So I downloaded AdwCleaner on my cellphone and ran it on my laptop; it detected a few files, which I cleaned.
No result.
So I tried ComboFix despite the few risk warnings here and there. It took its time, but the process ended smoothly, right up to creating a log.
Still no result; I still cannot connect to the internet.
Attached here are the logs from both AdwCleaner and ComboFix.
 
There are two files in the logs for AdwCleaner:
 
File no 1.
# AdwCleaner v4.101 - Report created 15/11/2014 at 10:22:55
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
# Username : new - NEW-HP
# Running from : C:\Users\new\AppData\Local\Temp\WPDNSE\{00000008-0001-0001-0000-000000000000}\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage
File Found : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Found : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Found : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\searchplugins\WebSearch.xml
File Found : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\user.js
File Found : C:\Users\new\daemonprocess.txt
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Mobogenie
Folder Found : C:\Program Files (x86)\PANDORA.TV
Folder Found : C:\Program Files (x86)\PutLockerDownloader
Folder Found : C:\Program Files (x86)\WebSearch
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\Vaudix
Folder Found : C:\ProgramData\Vaudix
Folder Found : C:\Users\new\AppData\Local\Conduit
Folder Found : C:\Users\new\AppData\Local\genienext
Folder Found : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
Folder Found : C:\Users\new\AppData\Local\Mobogenie
Folder Found : C:\Users\new\AppData\Local\PackageAware
Folder Found : C:\Users\new\AppData\Local\PutLockerDownloader
Folder Found : C:\Users\new\AppData\LocalLow\Conduit
Folder Found : C:\Users\new\AppData\Roaming\goforfiles
Folder Found : C:\Users\new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Folder Found : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\Extensions\[email protected]
Folder Found : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\Extensions\[email protected]
Folder Found : C:\Users\new\AppData\Roaming\newnext.me
Folder Found : C:\Users\new\AppData\Roaming\Optimizer Pro
Folder Found : C:\Users\new\AppData\Roaming\registry mechanic
Folder Found : C:\Users\new\Documents\Mobogenie
 
***** [ Scheduled Tasks ] *****
 
Task Found : GoforFilesUpdate
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\outobox
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\ExpressFiles
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\outobox
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\AskTBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\PutLockerDownloader
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\ExpressFiles
Key Found : HKLM\SOFTWARE\GoforFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\outobox
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\SProtector
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Mozilla Firefox v33.1 (x86 en-US)
 
 
-\\ Google Chrome v38.0.2125.111
 
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.good-results.info/?l=1&q={searchTerms}&pid=322&r=2013/02/12&hid=449627789&lg=EN&cc=IN
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : dnnajmlhehgnkclpdlggknanmcplloej
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : jpnbdefcbnoefmmcpelplabbkfmfhlho
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://in.search.yahoo.com?type=714647&fr=spigot-yhp-ch
 
*************************
 
AdwCleaner[R0].txt - [27177 octets] - [15/11/2014 10:22:55]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [27238 octets] ##########
 
File no 2.
# AdwCleaner v4.101 - Report created 15/11/2014 at 10:24:45
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
# Username : new - NEW-HP
# Running from : C:\Users\new\AppData\Local\Temp\WPDNSE\{00000008-0001-0001-0000-000000000000}\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Vaudix
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\PutLockerDownloader
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\PANDORA.TV
Folder Deleted : C:\Users\new\AppData\Local\Conduit
Folder Deleted : C:\Users\new\AppData\Local\genienext
Folder Deleted : C:\Users\new\AppData\Local\Mobogenie
Folder Deleted : C:\Users\new\AppData\Local\PackageAware
Folder Deleted : C:\Users\new\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\new\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\new\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\new\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\new\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\new\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Folder Deleted : C:\Users\new\Documents\Mobogenie
[!] Folder Deleted : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\Extensions\[email protected]
Folder Deleted : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\Extensions\[email protected]
Folder Deleted : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
File Deleted : C:\END
File Deleted : C:\Users\new\daemonprocess.txt
File Deleted : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\user.js
File Deleted : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage
File Deleted : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyrics.wikia.com_0.localstorage
File Deleted : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : GoforFilesUpdate
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\PutLockerDownloader
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM64\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\outobox
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\AskTBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\outobox
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM64\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Mozilla Firefox v33.1 (x86 en-US)
 
 
-\\ Google Chrome v38.0.2125.111
 
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : http://en.softonic.com/s/{searchTerms}
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : http://websearch.good-results.info/?l=1&q={searchTerms}&pid=322&r=2013/02/12&hid=449627789&lg=EN&cc=IN
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : http://en.softonic.com/s/{searchTerms}
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dnnajmlhehgnkclpdlggknanmcplloej
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jpnbdefcbnoefmmcpelplabbkfmfhlho
[C:\Users\new\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : http://in.search.yahoo.com?type=714647&fr=spigot-yhp-ch
 
************************************************************************
 
Log for ComboFix :
ComboFix 14-11-15.01 - new 15-11-2014  10:41:37.1.4 - x64
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.91.1033.18.4044.2025 [GMT 5.5:30]
Running from: C:\Users\new\AppData\Local\Temp\WPDNSE\{00000008-0001-0001-0000-000000000000}\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
 
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
 
 
C:\Users\new\AppData\Local\Adobe\downloader.dll
C:\Users\new\AppData\Local\Adobe\gccheck.exe
C:\Users\new\AppData\Local\Adobe\gtbcheck.exe
C:\Users\new\BITC23E.tmp
C:\Windows\msdownld.tmp
C:\Windows\XSxS
I:\Autorun.inf
 
 
(((((((((((((((((((((((((   Files Created from 2014-10-15 to 2014-11-15  )))))))))))))))))))))))))))))))
 
 
2014-11-15 05:21:44 . 2014-11-15 05:21:44 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-11-15 04:52:36 . 2014-11-15 05:06:24 -------- d-----w- C:\AdwCleaner
2014-11-15 04:27:29 . 2014-11-15 04:27:29 -------- d-----w- C:\Program Files\HitmanPro
2014-11-15 04:26:49 . 2014-11-15 04:26:49 -------- d-----w- C:\ProgramData\HitmanPro
2014-11-03 12:46:41 . 2014-11-04 12:58:55 -------- d-----w- C:\Users\new\AppData\Roaming\IDM
2014-11-03 11:18:37 . 2014-11-05 09:29:14 -------- d-----w- C:\Users\new\AppData\Local\JDownloader 2.0
.
 
 
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"360cloud"="C:\Program Files (x86)\360\360WangPan\360WangPan.exe" [2014-07-25 06:46:01 6317896]
"Vidalia"="C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe" [2014-07-28 23:43:12 6239727]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 09:18:44 379960]
"AdobeCEPServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 08:09:04 1039248]
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-05-08 11:22:08 840568]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 06:59:36 256896]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-6-17 1333024]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ   scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys;C:\Windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hidkmdf;KMDF Driver;C:\Windows\system32\DRIVERS\hidkmdf.sys;C:\Windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys;C:\Windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS;C:\Windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS;C:\Windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS;C:\Windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TFsExDisk;TFsExDisk;C:\Windows\System32\Drivers\TFsExDisk.sys;C:\Windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WacHidRouter;Wacom Hid Router;C:\Windows\system32\DRIVERS\wachidrouter.sys;C:\Windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\system32\DRIVERS\wacomrouterfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 dgdersvc;Device Error Recovery Service;C:\Windows\system32\dgdersvc.exe;C:\Windows\SYSNATIVE\dgdersvc.exe [x]
S2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys;C:\Windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys;C:\Windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe;c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\system32\drivers\bcbtums.sys;C:\Windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl;C:\Windows\system32\DRIVERS\btwampfl.sys;C:\Windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\system32\DRIVERS\btwdpan.sys;C:\Windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys;C:\Windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys;C:\Windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys;C:\Windows\SYSNATIVE\drivers\dgderdrv.sys [x]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys;C:\Windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe;C:\Program Files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
 
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-27 23:11:30 1089352 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
 
Contents of the 'Scheduled Tasks' folder
 
2014-11-15 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 17:54:34 . 2014-10-03 16:07:43]
 
2014-11-15 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 14:34:30 . 2014-10-20 15:05:53]
 
2014-11-15 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 14:34:30 . 2014-10-20 15:05:53]
 
2014-11-14 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-144416503-4162103245-2846841361-1000Core.job
- C:\Users\new\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-08 14:02:25 . 2014-10-21 21:02:32]
 
2014-11-15 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-144416503-4162103245-2846841361-1000UA.job
- C:\Users\new\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-08 14:02:25 . 2014-10-21 21:02:32]
 
2014-11-12 C:\Windows\Tasks\HPCeeScheduleFornew.job
- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15:40 . 2010-09-14 05:15:40]
 
2014-11-15 C:\Windows\Tasks\WpsUpdateTask_new.job
- C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe [2013-08-11 16:00:00 . 2014-08-06 08:06:23]
 
 
--------- X64 Entries -----------
 
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 162552 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 162552 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 162552 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 162552 ----a-w- C:\Users\new\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 12:22:26 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 12:22:26 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 12:22:26 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 12:22:26 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 12:22:26 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 12:22:26 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 10:02:26 25112 ----a-w- C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2011-06-07 22:21:56 1128448]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2014-08-22 09:44:48 1331288]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-20 23:40:08 472992]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-07-08 15:45:02 21720]
 
------- Supplementary Scan -------
 
uLocal Page = C:\Windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.mydreamworld.50webs.com
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyServer = 10.3.100.207:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 144.16.192.1 144.16.192.55
FF - ProfilePath - C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\
FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF - prefs.js: network.proxy.ftp - 10.3.100.207
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 144.16.192.216
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 10.3.100.207
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 10.3.100.207
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 10.3.100.207
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 2
 
- - - - ORPHANS REMOVED - - - -
 
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - C:\Program Files (x86)\PANDORA.TV\PanService\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
 
Hoping you can help me and in time.
Thanks in advance

Edited by Pranav Bhople, 15 November 2014 - 04:49 AM.




#2 Pranav Bhople

Pranav Bhople
  • Topic Starter

  • Members
  • 3 posts

Posted 15 November 2014 - 04:38 AM

Hey, on browsing through the forum I learnt that you guys need a DDS log too, so here it is.
Mind that this log was taken after I'd done the cleaning with both AdwCleaner and ComboFix. (I learnt too late that you guys advise not using ComboFix unless asked to.)
 
 
The DDS log :
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17280  BrowserJavaVersion: 10.67.2
Run by new at 14:42:01 on 2014-11-15
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.91.1033.18.4044.2175 [GMT 5.5:30]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Outdated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\vistasrv.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\WBVista.exe
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\WBVista.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\dgdersvc.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\WBVista.exe
C:\Windows\Explorer.EXE
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\360\360WangPan\360WangPan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.mydreamworld.50webs.com
uProxyServer = 10.3.100.207:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [AdobeBridge] <no file>
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDriveAutoRun = dword:0
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
TCP: NameServer = 144.16.192.1 144.16.192.55
TCP: Interfaces\{986F99BC-9122-4A6D-A12E-7DCE55CB8F14} : DHCPNameServer = 144.16.192.1 144.16.192.55
TCP: Interfaces\{BA0D9C56-3CD6-4AB9-93C8-DD6A8ECC182B} : DHCPNameServer = 144.16.192.55 144.16.192.1
TCP: Interfaces\{BA0D9C56-3CD6-4AB9-93C8-DD6A8ECC182B}\0574F51337479727 : DHCPNameServer = 144.16.192.55 144.16.192.1
TCP: Interfaces\{BA0D9C56-3CD6-4AB9-93C8-DD6A8ECC182B}\5574F54347869727 : DHCPNameServer = 144.16.192.1 144.16.192.55
TCP: Interfaces\{BA0D9C56-3CD6-4AB9-93C8-DD6A8ECC182B}\5574F55347869727 : DHCPNameServer = 144.16.192.55 144.16.192.1
TCP: Interfaces\{BA0D9C56-3CD6-4AB9-93C8-DD6A8ECC182B}\7457563747F555375627 : DHCPNameServer = 144.16.192.55 144.16.192.1
TCP: Interfaces\{ED029FCC-9134-40E5-9BF8-B2CEB1604D0D} : DHCPNameServer = 192.168.42.129
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: WB - C:\PROGRA~2\Stardock\Object Desktop\WindowBlinds\fast64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\new\AppData\Roaming\Mozilla\Firefox\Profiles\ednbekks.default\
FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF - prefs.js: network.proxy.ftp - 10.3.100.207
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 144.16.192.216
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 10.3.100.207
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 10.3.100.207
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 10.3.100.207
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Users\new\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\new\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\new\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-5-8 204288]
R2 dgdersvc;Device Error Recovery Service;C:\Windows\System32\dgdersvc.exe [2010-12-20 119632]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-5-6 263496]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-9-6 197536]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-25 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-3-25 2372096]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-9-12 180136]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-27 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 125584]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-4-20 3560288]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-25 2656280]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2014-5-9 656664]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-3-25 133160]
R3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2012-3-25 620584]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-3-25 89640]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-3-25 39976]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 dgderdrv;dgderdrv;C:\Windows\System32\drivers\dgderdrv.sys [2010-12-20 20552]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-8-9 12289472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-27 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-1-8 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe --> C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-11-11 36328]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2011-11-11 79680]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2014-5-9 14136]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-5 111616]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-3-25 335464]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-11-11 125416]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-11-11 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-11-11 159208]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-11-11 126952]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2011-11-11 201280]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\drivers\ssudserd.sys [2011-11-11 201280]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2011-11-11 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2014-5-9 102200]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2014-5-9 15160]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-11-15 05:58:05 -------- d-sh--w- C:\$RECYCLE.BIN
2014-11-15 05:08:53 98816 ----a-w- C:\Windows\sed.exe
2014-11-15 05:08:53 256000 ----a-w- C:\Windows\PEV.exe
2014-11-15 05:08:53 208896 ----a-w- C:\Windows\MBR.exe
2014-11-15 05:08:42 -------- d-----w- C:\ComboFix
2014-11-15 04:52:36 -------- d-----w- C:\AdwCleaner
2014-11-15 04:27:29 -------- d-----w- C:\Program Files\HitmanPro
2014-11-15 04:26:49 -------- d-----w- C:\ProgramData\HitmanPro
2014-11-15 03:53:07 1658368 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM.dll
2014-11-03 12:46:41 -------- d-----w- C:\Users\new\AppData\Roaming\IDM
2014-11-03 11:18:37 -------- d-----w- C:\Users\new\AppData\Local\JDownloader 2.0
.
==================== Find3M  ====================
.
2014-10-03 16:07:43 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-03 16:07:43 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-03 16:07:29 17903792 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-22 06:42:39 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-19 19:12:18 2006808 ----a-w- C:\Windows\System32\WacomMT.dll
2014-08-19 19:12:18 1991448 ----a-w- C:\Windows\System32\Pen_Tablet.dll
2014-08-19 19:12:18 1984792 ----a-w- C:\Windows\System32\Pen_Touch_Tablet.dll
2014-08-19 19:12:18 1858328 ----a-w- C:\Windows\System32\Wintab32.dll
2014-08-19 19:12:16 1614104 ----a-w- C:\Windows\SysWow64\Pen_Tablet.dll
2014-08-19 19:12:16 1610008 ----a-w- C:\Windows\SysWow64\WacomMT.dll
2014-08-19 19:12:16 1607448 ----a-w- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
2014-08-19 19:12:16 1493784 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-08 00:05:53 237568 ----a-w- C:\Program Files (x86)\Uninstall Ask Toolbar.dll
.
============= FINISH: 14:42:52.92 ===============

Edited by Pranav Bhople, 15 November 2014 - 04:39 AM.


#3 Pranav Bhople


Posted 15 November 2014 - 05:11 AM

Hey guys, good news!!!!!!
I no longer need your services, everything's back to normal.

I downloaded Bitdefender and ran its installer, which asked me to uninstall Microsoft Security Essentials, which I did without second thoughts.

Then it asked me to reboot, I did and voila! Bitdefender started downloading its latest updates and things, and I seemed to connect to the internet, as if there never was anything wrong in the first place.

Anyways, sorry guys for taking your time. :)



#4 HelpBot


Posted 20 November 2014 - 09:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/556220 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 HelpBot


Posted 25 November 2014 - 09:45 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



